Information Security - Best Practice


Do's Don'ts
  • Install and update antivirus software
  • Enable Firewall
  • Check carefully before accessing to an unknown website
  • Check and verify SSL Certificate on the website
  • Use official and legal software
  • Turn off the unused camera and microphone
  • Use normal user account (avoid use administrator / privileged account for daily normal work).
  • Setup privacy setting on social media - only share information to whom you allow.
  • Beware of shoulder surfing
  • Don’t open any suspicious email
  • Don’t open email from unknown senders
  • Don’t open the unknown web-link
  • Don’t use software from unknown sources

Protect your Account and Password

Good Password Practice
Do's Don'ts
  • Enable Two-Factor Authentication (2FA)
  • At least 8 characters for the password
  • Use complex password (composite of a-z, A-Z, 0-9)
  • Change password regularly
  • Keep password in a safe place
  • Don't use phone number, birthday, anniversary in the password
  • Don’t use name or address as your password
  • Don't use easy to guess password
  • Don’t write down your password
  • Don’t share your password
  • Don’t use the “remember password” function in the browser
  • Don’t re-use old password
  • Don't use one password for all accounts

Good Practice for Mobile Devices

Good Practice for Mobile Devices
Do's Don'ts
  • Lock your device
  • Beware of shoulder surfing
  • Keep OS and mobile apps up-to-date from a trustworthy source
  • Enable remote wipe function
  • Enable device encryption if available
  • Turn off Wifi, NFC,  Bluetooth, camera and location services, etc when you are not using it.
  • Don’t use apps from untrusted sources
  • Don’t jailbreak apple device or root android device
  • Don’t leave mobile devices unattended
  • Don't use Wifi from unknown source
  • Don't store confidential or sensitive information or pictures on public cloud storage