Key security instructions
Everyone
- Lock your screen while unattended
- Don’t leave classified information unattended
- Don’t share your passwords
- Don’t write down your passwords
- Beware of suspicious emails and attachments
- Report suspicious behaviour immediately
- Wear your badge at all times on premise
- Identify unescorted strangers on premise
- Do not use personal accounts (eg email, dropbox) for business
- Report security incidents, concerns or vulnerabilities immediately
- Do not store documents on your c drive
- Protect company equipment offsite (laptops, mobiles, etc)
- Use password protection on mobile phones
- Report lost equipment immediately
- Do not take equipment offsite without approval
Remote Workers
- Use approved VPN client for remote access
- Use anti-virus software on personal computers
- Use a personal firewall
- Use WPA2 for wireless access
Managers and Supervisors
- Ensure your staff understand and adhere to security policies
- Demonstrate support of information security policies and procedures
- Document roles & responsibilities, processes and procedures
- Provide incentive, training and time for continual improvement
- Establish and monitor key performance metrics
System Administrators
- Only use privileged access for authorized activities
- Don’t use shared passwords
- Consult with HR for any suspicious activity involving staff
- Follow guidelines for collection of evidence