{"id":29390,"date":"2021-06-29T17:05:53","date_gmt":"2021-06-29T21:05:53","guid":{"rendered":"https:\/\/www.kaspersky.com.au\/blog\/security-awareness-basic-instruction\/29390\/"},"modified":"2021-07-02T21:47:51","modified_gmt":"2021-07-02T10:47:51","slug":"security-awareness-basic-instruction","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.au\/blog\/security-awareness-basic-instruction\/29390\/","title":{"rendered":"Information security guide for new employees"},"content":{"rendered":"<p>An information security guide can help minimize related errors, but writing one from scratch is quite challenging. To that end, we offer a general plan, a basic guide to which you can add points specific to your company and its rules and regulations. In our opinion, this is a standard; it includes the necessities and needs only personalization. Once you\u2019ve tweaked it as needed, don\u2019t just file it away: Show it to all new employees and bring it to the attention of established staff as well.<\/p>\n<h2>Access to corporate systems and services<\/h2>\n<ol>\n<li>Use <a href=\"https:\/\/www.kaspersky.com\/blog\/password-dilemma\/20821\/\" target=\"_blank\" rel=\"noopener nofollow\">strong passwords<\/a> for all accounts \u2014 at least 12 characters long, containing no words in the dictionary, and including special characters and numerals. Attackers can brute-force simple passwords easily.<\/li>\n<li>Create a unique password for every account. If you <a href=\"https:\/\/www.kaspersky.com\/blog\/never-reuse-passwords-story\/24808\/\" target=\"_blank\" rel=\"noopener nofollow\">reuse passwords<\/a>, then a leak in one service could compromise the others.<\/li>\n<li>Keep passwords <a href=\"https:\/\/www.kaspersky.com\/blog\/password-security-smb\/35836\/\" target=\"_blank\" rel=\"noopener nofollow\">secret<\/a>, without exception. Do not write them down, do not save them in a file, and do not share them with colleagues. A random office visitor or a dismissed colleague could use your password to harm the company, for an obvious danger, but the possibilities for damage are practically limitless.<\/li>\n<li>Enable <a href=\"https:\/\/www.kaspersky.com\/blog\/2fa-notification-trap\/23819\/\" target=\"_blank\" rel=\"noopener nofollow\">two-factor authentication<\/a> for every service that allows it. Using 2FA helps prevent an attacker from gaining access to the service even in the event of a password leak.<\/li>\n<\/ol>\n<h2>Personal data<\/h2>\n<ol start=\"5\">\n<li><a href=\"https:\/\/www.kaspersky.com\/blog\/disposing-corporate-trash\/40326\/\" target=\"_blank\" rel=\"noopener nofollow\">Shred documents<\/a> for disposal instead of simply throwing them away. <a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/personally-identifiable-information-pii\/\" target=\"_blank\" rel=\"noopener\">Personally identifiable information<\/a> in a trash can guarantees attention from regulators and hefty fines.<\/li>\n<li>Use secure channels to exchange files containing personal data (for example, share Google Doc documents with specific colleagues, not via \u201canyone with the link\u201d option). Google, for example, indexes documents that anyone on the internet can view, meaning they can appear in search results.<\/li>\n<li>Share clients\u2019 personal data with colleagues on a strict need-to-know basis. Beyond causing trouble with regulators, sharing data increases the risk of data leakage.<\/li>\n<\/ol>\n<h2>Common cyberthreats<\/h2>\n<ol start=\"8\">\n<li>Check links in e-mails carefully before clicking, and remember that a convincing sender name is no guarantee of authenticity. Among cybercriminals\u2019 many tricks for getting people to click on phishing links, they may tailor messages to your business specifically or even use a colleague\u2019s <a href=\"https:\/\/www.kaspersky.com\/blog\/what-is-bec-attack\/34135\/\" target=\"_blank\" rel=\"noopener nofollow\">hijacked account<\/a>.<\/li>\n<li>For budget managers: Never transfer money to unknown accounts solely based on an e-mail or direct message. Instead, directly contact the person who supposedly authorized the transfer to confirm it.<\/li>\n<li>Leave <a href=\"https:\/\/www.kaspersky.com\/blog\/dangerous-usb\/12736\/\" target=\"_blank\" rel=\"noopener nofollow\">unknown flash drives<\/a> alone; don\u2019t connect found media to a computer. Attacks through infected flash drives are not just the stuff of science fiction \u2014 cybercriminals can and have planted malicious devices in public and in offices.<\/li>\n<li>Before opening a file, check to make sure it is not executable (attackers often disguise malicious files as office documents). Do not open and run executable files from untrusted sources.<\/li>\n<\/ol>\n<h2>Emergency contacts<\/h2>\n<ol start=\"12\">\n<li>Whom to contact \u2014 name and phone number \u2014 in case of suspicious e-mail, weird computer behavior, a ransomware note, or any other questionable issues. That might be a security officer, a system administrator, even the business owner.<\/li>\n<\/ol>\n<p>Those are the very basics \u2014 the stuff everyone at every company needs to know. For greater awareness of modern cyberthreats, however, we recommend <a href=\"https:\/\/k-asap.com\/en\/?icid=au_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder____kasap___\" target=\"_blank\" rel=\"noopener\">special training<\/a>.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kasap\">\n","protected":false},"excerpt":{"rendered":"<p>To minimize cyberincidents, issue a basic information security guide and make it compulsory reading for onboarding employees. <\/p>\n","protected":false},"author":700,"featured_media":29391,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,2993,2994],"tags":[3229,2388,363,76],"class_list":{"0":"post-29390","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-enterprise","9":"category-smb","10":"tag-cybersecurity-awareness","11":"tag-employees","12":"tag-personal-data","13":"tag-phishing"},"hreflang":[{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/security-awareness-basic-instruction\/29390\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/security-awareness-basic-instruction\/23016\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/security-awareness-basic-instruction\/18499\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/security-awareness-basic-instruction\/9234\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/security-awareness-basic-instruction\/24966\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/security-awareness-basic-instruction\/22975\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/security-awareness-basic-instruction\/22217\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/security-awareness-basic-instruction\/25569\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/security-awareness-basic-instruction\/25033\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/security-awareness-basic-instruction\/30980\/"},{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/security-awareness-basic-instruction\/9795\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/security-awareness-basic-instruction\/40416\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/security-awareness-basic-instruction\/17257\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/security-awareness-basic-instruction\/17720\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/security-awareness-basic-instruction\/14986\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/security-awareness-basic-instruction\/26998\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/security-awareness-basic-instruction\/31157\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/security-awareness-basic-instruction\/27236\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/security-awareness-basic-instruction\/24043\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/security-awareness-basic-instruction\/29183\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.au\/blog\/tag\/cybersecurity-awareness\/","name":"cybersecurity awareness"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/29390","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/users\/700"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/comments?post=29390"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/29390\/revisions"}],"predecessor-version":[{"id":29405,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/posts\/29390\/revisions\/29405"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/media\/29391"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/media?parent=29390"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/categories?post=29390"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.au\/blog\/wp-json\/wp\/v2\/tags?post=29390"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}