Security tips for the use of social media websites
|
|
- Laurel Todd
- 8 years ago
- Views:
Transcription
1 CYBER SECURITY OPERATIONS CENTRE NOVEMBER 2012 (U) LEGAL NOTICE: THIS PUBLICATION HAS BEEN PRODUCED BY THE DEFENCE SIGNALS DIRECTORATE (DSD), ALSO KNOWN AS THE AUSTRALIAN SIGNALS DIRECTORATE (ASD). ALL REFERENCES TO ASD SHOULD BE TAKEN TO BE REFERENCES TO DSD. Security tips for the use of social media websites Introduction 1. Social media websites can pose a number of risks to Australian government networks. Social media websites include blogs, wikis and forums for example, Facebook, Twitter, LinkedIn, Google+, YouTube and Wikipedia. Due to their popularity, social media websites are a common way for malicious adversaries to gather information about the Australian government on its employees, projects and networks. Adopting sound security practices when using social media websites decreases the risk of data spills and social engineering threats. 2. This publication provides information to government agencies to assist in user education. Specifically, information about the security risks to Australian government networks from the use of social media websites. Additionally, this publication provides mitigation advice to help prevent the unauthorised disclosure of official government information on social media websites. Intended audience 3. This publication is intended for information security practitioners. It aims to inform risk management decisions and assist security practitioners in developing user education about sound security practices when using social media websites. 4. Pages 4 and 5 are intended for users. These pages provide advice on the use of social media in an easy to read format that can be passed directly to system users. Risks involved with social media websites Using social media for official purposes 5. The primary security risk for using social media for official business is the possibility of data spills caused by employees posting too much information or information not authorised for public release. Agencies can significantly reduce the security risk by developing and communicating sound usage policies. 6. There are also business risks that your agency will need to consider when developing usage policies. For example, damage to agency reputation caused by negative posts by the public. Page 1 of 5
2 Using social media for personal purposes 7. According to recent reporting, only half of social media website users have privacy settings to control what information they share and with whom, and over a third accept friend requests from people they do not know. Poor security practices such as this increase the likelihood of users being targeted through socially engineered communication campaigns by malicious cyber adversaries. 8. Users posting information about their personal life, their official duties, project details or government policy could unknowingly provide people with information that could be used to elicit government information from them or to tailor social engineering campaigns to compromise an agency s networks. Users should assume everything posted on a social networking site is permanent. 9. Information that appears to be benign when posted in isolation could, if collated with other information, have a considerable security impact on the Australian government. Internet content is cached frequently, and information can be viewed, copied or forwarded on without the originator s knowledge. Once a person posts information, they effectively relinquish control over it. Information posted on the Internet is nearly impossible to completely remove. Mitigation strategies: social media for official purposes 10. The use of social media for official purposes should be governed by agency web usage and specific social media usage policies. Enforcing usage policies and implementing mandatory user education on the risks of social media is key to minimising security risks to government information. 11. The following security measures should be implemented for shared corporate social media accounts. a. Ensure users are informed of your agency s Internet usage policies and social media usage policies. b. Provide regular information security awareness training on the use of social media to your agency s system users. This could be incorporated into existing agency security training. c. Ensure policy and user training includes processes and details for reporting suspicious contact from external sources via the web, or suspected postings of official information on unauthorised websites. d. Ensure users are aware of what information is shared, monitor information posted and promptly remove any unauthorised content. If a data spill has occurred, follow agency procedure for reporting and responding to cyber security incidents. e. Maintain an access control list including who can access the account and who is an account administrator. Change the account password when a person is removed from the access control list. Page 2 of 5
3 f. Apply any available security and privacy options on websites. g. Use a strong password that is not reused for multiple accounts. h. Use caution when deciding to enable third party applications. i. Use multi factor authentication where possible (some social media sites may offer this as an option). See page 4 and 5 for ASD s advice to users about the secure use of social media websites in business and personal settings. Further information 12. Further guidance can be found in the Australian Government Information Security Manual at In particular, the Using the Internet section. Contact details Australian government customers with questions regarding this advice should contact the ASD Advice and Assistance Line on 1300 CYBER1 ( ) or asd.assist@defence.gov.au. Australian businesses or other private sector organisations seeking further information should contact CERT Australia at info@cert.gov.au or by calling Page 3 of 5
4 User security tips for the use of social media websites Risks involved with social media websites Social media websites can pose a number of risks to Australian government networks and to your personal privacy. Social media websites include blogs, wikis and forums for example, Facebook, Twitter, LinkedIn, Google+, YouTube and Wikipedia. Due to their popularity, social media websites are a common way for malicious adversaries to gather information about the Australian government on its employees, projects and networks. For this reason, you should be aware of the two key risks involved with using social media websites. 1. Posting unauthorised official information in the worst cases, this can harm Australia s national interests or security, cause harm to your agency s reputation, or even violate an individual s right to privacy. Information that appears benign when posted in isolation could, if collated with other information, have a considerable security impact on the Australian government. 2. Posting too much personal information personal information you post on websites could be used to develop a detailed profile of your lifestyle and hobbies. This could then be used in social engineering campaigns, which attempt to elicit sensitive or classified information from you, or influence you to unknowingly implant malicious software on a government system. Additionally, posting too much personal information could lead to identity theft. To help minimise these risks and protect Australian government information and systems when using social media websites, consider the following tips. When using corporate social media accounts Read, understand and adhere to your agency s Internet usage policies. If you don t understand a policy or are unsure whether it applies in a particular situation, ask your IT team. If your agency is using social media websites as an authorised means of communication, ensure that all information you post is approved and recorded. Limit the publication of your official address, including in documents made available on social media websites. Supply a generic corporate address or use web contact forms instead of individual contacts where possible. Page 4 of 5
5 When using private social media accounts Carefully consider the type and amount of information you post regarding your work duties. Do not post information that is not for public release from your current or previous roles. Restrict the amount of personal information placed on social media websites. Avoid posting information such as your home or work address, phone numbers, place of employment and other personal information that can be used to target you. Monitor the information friends and colleagues post about you to prevent the unauthorised disclosure of your personal information. Consider limiting access to posted personal data to friends only. Apply any available security and privacy options to your accounts and use a private profile where available. Use a personal address rather than an official address when creating personal profiles, and use an alias rather than disclosing your full name. If possible, make your address private to those viewing your page. Several social media websites allow users to opt out of allowing search engines to search and display your personal information. If possible, use this opt out feature. Review the website security and privacy policies regularly, as these can change with minimal communication to users. Be wary of accessing unknown website links or attachments, unsolicited contact and scams (such as through the use of fake profiles). Report any suspected security incidents when you or a colleague has posted sensitive or classified information on social media websites to your protective security team. Report any suspicious contact made to you or a colleague through social media websites. Further information For further security information on the use of corporate social media accounts, contact your IT team. For further security and privacy information on the use of private social media accounts, visit Page 5 of 5
Additional Security Considerations and Controls for Virtual Private Networks
CYBER SECURITY OPERATIONS CENTRE APRIL 2013 (U) LEGAL NOTICE: THIS PUBLICATION HAS BEEN PRODUCED BY THE DEFENCE SIGNALS DIRECTORATE (DSD), ALSO KNOWN AS THE AUSTRALIAN SIGNALS DIRECTORATE (ASD). ALL REFERENCES
More information[Example] Social Media Acceptable Use Policy
[Example] Social Media Acceptable Use Policy Overview The [agency] recognises that there are legitimate business and personal reasons for using social media at work or using corporate computing resources.
More informationMalicious Email Mitigation Strategy Guide
CYBER SECURITY OPERATIONS CENTRE Malicious Email Mitigation Strategy Guide Introduction (UPDATED) SEPTEMBER 2012 1. Socially engineered emails containing malicious attachments and embedded links are commonly
More informationSpecific recommendations
Background OpenSSL is an open source project which provides a Secure Socket Layer (SSL) V2/V3 and Transport Layer Security (TLS) V1 implementation along with a general purpose cryptographic library. It
More informationDealing with social media
Dealing with social media Dealing with social media Guidelines for employees Social networks, blogs and forums have changed our communications environment. Even the Federal Administration is increasingly
More informationDISTRICT COUNCIL OF LOXTON WAIKERIE. Social Media Policy
DISTRICT COUNCIL OF LOXTON WAIKERIE Social Media Policy Policy Identification: Adoption Date: 20 April 2012 Last Review: 17 April 2015 Next Review Date: April 2017 Every 2 years Responsible Officer(s):
More informationSocial Media in the Workplace
Social Media in the Workplace A Guide for CWU Members CWU Youth Committee 2013 CONTENTS Introduction... 3 Social Networking in Ireland... 4 Guidelines for using Social Media Responsibly... 5 2 INTRODUCTION
More informationInformation Management Advice 57 Sample Social Media Acceptable Use Policy
Information Management Advice 57 Sample Social Media Acceptable Use Policy Overview The [agency] recognises that there are legitimate business and personal reasons for using social media at work or using
More informationCyber security the facts
Cyber security the facts By Dr Carolyn Patteson, Executive Manager, CERT Australia The cyber threat is real and ever present and every business is at risk. Australia s security and intelligence agencies
More informationMulti-factor authentication
CYBER SECURITY OPERATIONS CENTRE (UPDATED) 201 (U) LEGAL NOTICE: THIS PUBLICATION HAS BEEN PRODUCED BY THE DEFENCE SIGNALS DIRECTORATE (DSD), ALSO KNOWN AS THE AUSTRALIAN SIGNALS DIRECTORATE (ASD). ALL
More informationSHS Annual Information Security Training
SHS Annual Information Security Training Information Security: What is It? The mission of the SHS Information Security Program is to Protect Valuable SHS Resources Information Security is Everyone s Responsibility
More informationZep Inc.: Global Online Privacy Notice
Zep Inc.: Global Online Privacy Notice Effective Date: March 26, 2015 We at Zep Inc., along with our affiliates (collectively, Zep ), respect your concerns about privacy. This Global Online Privacy Notice
More informationGuidance on the Use of Social Networking
Guidance on the Use of Social Networking Version 1 - January 2012 Reviewed: September 2013 Version 2 Approved by SM: November 2013 Version 2 modified and approved by the PCC Board: April 2014 Overview
More informationWorking Practices for Protecting Electronic Information
Information Security Framework Working Practices for Protecting Electronic Information 1. Purpose The following pages provide more information about the minimum working practices which seek to ensure that
More informationSOCIAL MEDIA POLICY. Introduction
Introduction Throughout this Policy, the words Translink Company and/or the Group refer to all corporate entities under the ownership of the Northern Ireland Transport Holding Company (NITHC). This includes
More informationINFORMATION TECHNOLOGY SECURITY STANDARDS
INFORMATION TECHNOLOGY SECURITY STANDARDS Version 2.0 December 2013 Table of Contents 1 OVERVIEW 3 2 SCOPE 4 3 STRUCTURE 5 4 ASSET MANAGEMENT 6 5 HUMAN RESOURCES SECURITY 7 6 PHYSICAL AND ENVIRONMENTAL
More informationInformation System Audit Guide
Australian Government Department of Defence Information System Audit Guide VERSION 11.1 January 2012 Commonwealth of Australia 2011 Page 1 TABLE OF CONTENTS 1. INTRODUCTION TO ACCREDITATION...4 2. THE
More informationABC PRIVACY POLICY. The ABC is strongly committed to protecting your privacy when you interact with us, our content, products and services.
ABC PRIVACY POLICY The ABC is strongly committed to protecting your privacy when you interact with us, our content, products and services. Our goal is to provide you and your family with media experiences
More informationHuddersfield New College Further Education Corporation
Huddersfield New College Further Education Corporation Policy for Personal Use of Social Networking and Third Party Websites 1.0 Introduction 1.1 This policy sets out the principles that Huddersfield New
More informationWHITE PAPER: Cyber Crime and the Critical Need for Endpoint Security
WHITE PAPER: Cyber Crime and the Critical Need for Endpoint Security A World of Constant Threat We live in a world on constant threat. Every hour of every day in every country around the globe hackers
More informationBad Ads Trend Alert: Shining a Light on Tech Support Advertising Scams. May 2014. TrustInAds.org. Keeping people safe from bad online ads
Bad Ads Trend Alert: Shining a Light on Tech Support Advertising Scams May 2014 TrustInAds.org Keeping people safe from bad online ads OVERVIEW Today, even the most tech savvy individuals can find themselves
More informationBYLAW 26. Skate Australia Social Media Usage Policy
BYLAW 26 Skate Australia Social Media Usage Policy Adopted August 12, 2012 1.0 Definitions For the purposes of this policy the following definitions apply: Skate Australia (or SA) broadly includes all
More informationAdult Enterprise Guided Learning Programme for Business and Social Enterprise. Unit and Assessment Guide
Adult Enterprise Guided Learning Programme for Business and Social Enterprise Unit and Assessment Guide Understanding the Uses of Social Media for Business This unit is one of a framework of units that
More informationPolicy. Social Media Acceptable Use Policy. Executive Lead. Review Date. Low
Policy Social Media Acceptable Use Policy Date approved by - ISG Version Issue Date Review Date Executive Lead 11/6/2013 1.0 11/6/2013 11/6/2015 Mike Robson Executive Director Finance Procedure/Policy
More informationNSW Government. Social Media Policy and Guidelines
NSW Government Social Media Policy and Guidelines December 2012 Table of Contents 1 Policy 1 1.1 Policy Statement 1 1.2 Context 1 1.3 Objectives 2 1.4 Guiding principles 2 1.5 Scope 3 1.6 Definitions 3
More informationSOCIAL MEDIA Guidance for Agencies and Staff
SOCIAL MEDIA Guidance for Agencies and Staff About this guide Information technology has changed forever the way in which people communicate and share information. While the wide range of technologies
More informationWHAT YOU NEED TO KNOW ABOUT CYBER SECURITY
SMALL BUSINESSES WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY ONE CLICK CAN CHANGE EVERYTHING SMALL BUSINESSES My reputation was ruined by malicious emails ONE CLICK CAN CHANGE EVERYTHING Cybercrime comes
More informationINFORMATION SERVICES SOCIAL MEDIA GUIDE FOR STAFF
INFORMATION SERVICES SOCIAL MEDIA GUIDE FOR STAFF go.qub.ac.uk/socialmedia WHY ARE SOCIAL MEDIA TOOLS IMPORTANT TO QUEEN S UNIVERSITY? The term social media is used to describe a range of communication
More informationHow To Protect Decd Information From Harm
Policy ICT Security Please note this policy is mandatory and staff are required to adhere to the content Summary DECD is committed to ensuring its information is appropriately managed according to the
More informationSmall businesses: What you need to know about cyber security
Small businesses: What you need to know about cyber security March 2015 Contents page What you need to know about cyber security... 3 Why you need to know about cyber security... 4 Getting the basics right...
More informationIGO GROUP GOVERNANCE STANDARD 4 - SOCIAL MEDIA INDEPENDENCE GROUP NL
IGO GROUP GOVERNANCE STANDARD 4 - SOCIAL MEDIA INDEPENDENCE GROUP NL CONTENTS 1. PURPOSE... 3 2. SCOPE... 3 3. STANDARD COMPLIANCE... 3 4. DEFINITIONS... 3 5. RESPONSIBILITIES... 4 6. MONITORING... 4 7.
More informationSocial Media Charter
Social Media Charter 1. Internet, social media, web 2.0 interface and on-line communication "Social media" and "web 2.0" interface are generic terms which designate different activities integrating technology,
More informationCyber Security Operations Centre Reveal Their Secrets - Protect Our Own Defence Signals Directorate
Cyber Security Operations Centre Reveal Their Secrets - Protect Our Own Defence Signals Directorate Contents Message from the Director 3 Cyber Security Operations Centre 5 Cyber Security Strategy 7 Conversation
More informationONLINE RECONNAISSANCE
ONLINE RECONNAISSANCE HOW YOUR INTERNET PROFILE CAN BE USED AGAINST YOU May 2013 Most people and organisations put information about themselves on the web. Companies advertise their work and achievements
More informationSTUDENT S INFORMATION SECURITY GUIDE
STUDENT S INFORMATION SECURITY GUIDE April 2013 Table of contents Information security is important - also for you...1 Use strong passwords and keep them safe...2 E-mail use...3 Beware of phishing and
More informationcurrent and previous addresses name/ssn Medical Insurance info UNCLASSIFIED credit info family info phone & fax #
Personal Identifiable Information current and previous addresses name/ssn credit info family info Medical Insurance info professional & personal relationships email address phone & fax # 1 Implications
More informationUNILEVER PRIVACY PRINCIPLES UNILEVER PRIVACY POLICY
UNILEVER PRIVACY PRINCIPLES Unilever takes privacy seriously. The following five principles underpin our approach to respecting your privacy: 1. We value the trust that you place in us by giving us your
More informationIT ACCESS CONTROL POLICY
Reference number Approved by Information Management and Technology Board Date approved 30 April 2013 Version 1.0 Last revised Review date March 2014 Category Owner Target audience Information Assurance
More informationsocial media boot camps getting your business off on the right foot
social media boot camps getting your business off on the right foot introduction It doesn t cost the earth to do, but could cost you business and your reputation if you don t! Why Oak Consult - We thought
More informationMandatory data breach notification in the ehealth record system
Mandatory data breach notification in the ehealth record system Draft September 2012 A guide to mandatory data breach notification under the personally controlled electronic health record system Contents
More informationContact Reporting Guidelines The Australian Government Contact Reporting Scheme
Contact Reporting Guidelines The Australian Government Contact Reporting Scheme Version 1.0 Approved September 2010 Contents Introduction... 1 The role of ASIO... 1 Australian Government Contact Reporting
More informationZOOMIN.TV PRIVACY POLICY Last updated: 5 August 2014
ZOOMIN.TV PRIVACY POLICY Last updated: 5 August 2014 We're always working to make our services even better. One of the ways we do that is by analyzing information we collect and receive about users in
More informationInformation Security Incident Management Policy and Procedure
Information Security Incident Management Policy and Procedure Version Final 1.0 Document Control Organisation Title Author Filename Owner Subject Protective Marking North Dorset District Council IT Infrastructure
More informationAustralian Government Information Security Manual EXECUTIVE COMPANION
2015 Australian Government Information Security Manual EXECUTIVE COMPANION 2015 Australian Government Information Security Manual EXECUTIVE COMPANION Commonwealth of Australia 2015 All material presented
More informationINTERNET, EMAIL AND COMPUTER USE POLICY.
INTERNET, EMAIL AND COMPUTER USE POLICY. CONSIDERATIONS Code of Conduct Discipline and termination policy Privacy Policy Sexual Harassment policy Workplace Health & Safety Policy LEGISLATION Copyright
More informationImage credits: Front cover: U.S. Army photo by Sgt. Brandon Little, Task Force XII PAO, MND-B Inside back cover: U.S Army photo by Staff Sgt.
Image credits: Front cover: U.S. Army photo by Sgt. Brandon Little, Task Force XII PAO, MND-B Inside back cover: U.S Army photo by Staff Sgt. Mike Pryor, 2nd BCT, 82nd Abn. Div. Public Affairs Operations
More information2013-2014-2015 THE PARLIAMENT OF THE COMMONWEALTH OF AUSTRALIA HOUSE OF REPRESENTATIVES/THE SENATE
2013-2014-2015 THE PARLIAMENT OF THE COMMONWEALTH OF AUSTRALIA HOUSE OF REPRESENTATIVES/THE SENATE PRIVACY AMENDMENT (NOTIFICATION OF SERIOUS DATA BREACHES) BILL 2015 EXPLANATORY MEMORANDUM (Circulated
More informationMitigating and managing cyber risk: ten issues to consider
Mitigating and managing cyber risk: ten issues to consider The board of directors is responsible for managing and mitigating risk exposure. A recent study conducted by the Ponemon Institute 1 revealed
More informationCYBER SECURITY STRATEGY AN OVERVIEW
CYBER SECURITY STRATEGY AN OVERVIEW Commonwealth of Australia 2009 This work is copyright. Apart from any use as permitted under the Copyright Act 1968, no part may be reproduced by any process without
More informationCYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility
CYBER SECURITY AND RISK MANAGEMENT An Executive level responsibility Cyberspace poses risks as well as opportunities Cyber security risks are a constantly evolving threat to an organisation s ability to
More informationSocial Media Policy. Policies and Procedures. Social Media Policy
Policies and Procedures Social Media Policy 1 1. Introduction...3 2. Privacy settings and personal information.....3 3. Use of Social Media at Work.....4 4. Account Administrators and Login Details......4
More informationData Protection Breach Management Policy
Data Protection Breach Management Policy Please check the HSE intranet for the most up to date version of this policy http://hsenet.hse.ie/hse_central/commercial_and_support_services/ict/policies_and_procedures/policies/
More informationHIPAA PRIVACY AND SECURITY AWARENESS. Covering Kids and Families of Indiana April 10, 2014
HIPAA PRIVACY AND SECURITY AWARENESS Covering Kids and Families of Indiana April 10, 2014 GOALS AND OBJECTIVES The goal is to provide information to you to promote personal responsibility and behaviors
More informationCHIEF EXECUTIVE OFFICER
SOCIAL MEDIA POLICY TITLE: ADOPTED BY: RESPONSIBILITY: SOCIAL MEDIA POLICY COUNCIL CHIEF EXECUTIVE OFFICER NEXT REVIEW DATE: 29/07/2015 Version Decision Number Adoption Date History 1 DRAFT 2 3 4 2 P a
More informationCloud Computing Security Considerations
CYBER SECURITY OPERATIONS CENTRE APRIL 2011, UPDATED SEPTEMBER 2012 Cloud Computing Security Considerations Table of Contents Cloud Computing Security Considerations... 3 Overview of Cloud Computing...
More informationProtective security governance guidelines
Protective security governance guidelines Reporting incidents and conducting security investigations Approved 13 September 2011 Version 1.0 Commonwealth of Australia 2011 All material presented in this
More informationSocial Media Guidance for Staff
Social Media Guidance for Staff May 2013 Social media guidance aims Establish practical and reasonable guidelines to help staff in their professional use of social media. Promote a safe environment to
More informationANNUAL SECURITY RESPONSIBILITY REVIEW
ANNUAL SECURITY RESPONSIBILITY REVIEW For Faculty and Staff Who Use Computers Minimally in their work May 2012 Training Topics What is Information Security? Review Security Vulnerabilities Phishing email
More informationCyber Security Incident Reporting Scheme
OCIO/G4.12a ISMF Guideline 12a Cyber Security Incident Reporting Scheme BACKGROUND Reporting cyber security incidents is a source of intelligence information that assists in the development of a greater
More informationPOLICY. Responsible Use of Social Media
POLICY Responsible Use of Social Media Contact Officer Director of Personnel Director of Communications & Participation Senior Project Manager: Corporate Policies (Policy author) Purpose The primary aims
More informationSTOP. THINK. CONNECT. Online Safety Quiz
STOP. THINK. CONNECT. Online Safety Quiz Round 1: Safety and Security Kristina is on Facebook and receives a friend request from a boy she doesn t know. What should she do? A. Accept the friend request.
More informationSOCIAL MEDIA and E-SAFETY POLICY
SOCIAL MEDIA and E-SAFETY POLICY Background The internet and Social Networking revolution have created new and instantaneous channels for information sharing and communication which are freely available
More informationNSW Government Digital Information Security Policy
NSW Government Digital Information Security Policy Version: 1.0 Date: November 2012 CONTENTS PART 1 PRELIMINARY... 3 1.1 Scope... 3 1.2 Application... 3 1.3 Objectives... 3 PART 2 CORE REQUIREMENTS...
More informationState Records Guideline No 18. Managing Social Media Records
State Records Guideline No 18 Managing Social Media Records Table of Contents 1 Introduction... 4 1.1 Purpose... 4 1.2 Authority... 5 2 Social Media records are State records... 5 3 Identifying Risks...
More informationTHE HUMAN COMPONENT OF CYBER SECURITY
cybersecurity.thalesgroup.com.au People, with their preference to minimise their own inconvenience, their predictability, apathy and general naivety about the potential impacts of their actions, are the
More informationSOCIAL MEDIA IN SCHOOLS. Guidelines for school staff using social media and other technologies. Licenced for NEALS
SOCIAL MEDIA IN SCHOOLS Guidelines for school staff using social media and other technologies Licenced for NEALS TITLE: Social Media In Schools: Guidelines for school staff using social media and other
More informationThe British Academy of Management. Website and Social Media Policy
The British Academy of Management s Website and Social Media Policy The creation of management knowledge through research and its dissemination through teaching and application The British Academy of Management
More informationInfocomm Sec rity is incomplete without U Be aware,
Infocomm Sec rity is incomplete without U Be aware, responsible secure! HACKER Smack that What you can do with these five online security measures... ANTI-VIRUS SCAMS UPDATE FIREWALL PASSWORD [ 2 ] FASTEN
More informationSocial Media Policy For Staff
Social Media Policy For Staff 1 Owlswick School and Home Social Media Policy Introduction The Internet provides a range of social media tools that allow users to interact with one another, for example
More informationPrivacy and Cloud Computing for Australian Government Agencies
Privacy and Cloud Computing for Australian Government Agencies Better Practice Guide February 2013 Version 1.1 Introduction Despite common perceptions, cloud computing has the potential to enhance privacy
More informationInformation Security
Information Security A staff guide to the University's Information Systems Security Policy Issued by the IT Security Group on behalf of the University. Information Systems Security Guidelines for Staff
More informationRecovering Your Identity. Advice for victims of identity crime
Recovering Your Identity Advice for victims of identity crime How will you know your identity has been stolen? Identity crime is unfortunately very common. Around 1 in 5 Australians have been a victim
More informationInformation Services. Protecting information. It s everyone s responsibility
Information Services Protecting information It s everyone s responsibility Protecting information >> Contents >> Contents Introduction - we are all responsible for protecting information 03 The golden
More informationManaging internet security
Managing internet security GOOD PRACTICE GUIDE Contents About internet security 2 What are the key components of an internet system? 3 Assessing internet security 4 Internet security check list 5 Further
More informationSocial Networking Issues in the Workplace
Social Networking Issues in the Workplace Presented By: David Flotten, JD, SPHR HR Consultant/Benefits Technical Advisor Disclaimers Technology is moving faster than the legal system can keep pace. Accordingly,
More informationSOCIAL MEDIA POLICY AND GUIDANCE Issue 1. 9 November 2010
SOCIAL MEDIA POLICY AND GUIDANCE Issue 1 9 November 2010 Martin McEwan, Director of Communications & Engagement Jane Loughran, Senior Communications Manager Scott Gaule, Involvement & Patient Experience
More informationDocument Control. Version Control. Sunbeam House Services Policy Document. Data Breach Management Policy. Effective Date: 01 October 2014
Document Control Policy Title Data Breach Management Policy Policy Number 086 Owner Information & Communication Technology Manager Contributors Information & Communication Technology Team Version 1.0 Date
More informationEASTNOR PAROCHIAL PRIMARY SCHOOL STAFF SOCIAL NETWORKING POLICY. Inspire and Achieve
EASTNOR PAROCHIAL PRIMARY SCHOOL STAFF SOCIAL NETWORKING POLICY Inspire and Achieve Introduction This document sets out the guidance on social networking and aims to: Set clear expectations of behaviour
More informationSocial Media. Policies & Handbook
Social Media Policies & Handbook Centenary College supports the use of social media to connect with students, colleagues, and alumni. This handbook explains how to do so effectively and safely within the
More informationGUIDE TO MANAGING DATA BREACHES
8 MAY 2015 CONTENT PURPOSE OF THE GUIDE 3 INTRODUCTION 4 HOW DATA BREACHES COULD OCCUR 5 RESPONDING TO A DATA BREACH 6 i. DATA BREACH MANAGEMENT PLAN 6 ii. CONTAINING THE BREACH 7 iii. ASSESSING RISK AND
More informationThreat Intelligence. Benefits for the enterprise
Benefits for the enterprise Contents Introduction Threat intelligence: a maturing defence differentiator Understanding the types of threat intelligence: from the generic to the specific Deriving value
More informationNOS for IT User and Application Specialist. IT Security (ESKITU04) November 2014 V1.0
NOS for IT User and Application Specialist IT Security (ESKITU04) November 2014 V1.0 NOS Reference ESKITU040 ESKITU041 ESKITU042 Level 3 not defined Use digital systems NOS Title Set up and use security
More informationDisclosure Statement: I have no industry relationships to disclose.
Professionalism and Social Media Speaker Information: Julie Walsh - Covarrubias, MEd, EdD Associate Professor Unviersity of Alabama - Birmingham 619 19th Street S Women and Infants Center, RM 5330 Department
More informationREDEFINING THE BOUNDARIES OF RISK MANAGEMENT, NOW AND INTO THE FUTURE
CYBER RISKS SECURITY BREACH CHECKLIST REDEFINING THE BOUNDARIES OF RISK MANAGEMENT, NOW AND INTO THE FUTURE STEP 1 UNDERTAKE PRELIMINARY ASSESSMENT OF THE INCIDENT A serious data security breach is described
More informationInformation security management guidelines
Information security management guidelines Agency cyber security responsibilities when transacting online with the public Version 2.1 Approved July 2014 Amended April 2015 Commonwealth of Australia 2013
More informationEgress Switch Best Practice Security Guide V4.x
Egress Switch Best Practice Security Guide V4.x www.egress.com 2007-2013 Egress Software Technologies Ltd Table of Contents Introduction... 4 Best Practice Installation... 4 System Administrators... 5
More informationInformation Security Incident Management Policy and Procedure. CONTROL SHEET FOR Information Security Incident Management Policy
Bolsover District Council North East Derbyshire District Council & Rykneld Homes Ltd Information Security Incident Management Policy September 2013 Version 1.0 Page 1 of 13 CONTROL SHEET FOR Information
More informationPolicy on Use of IT Resources of Government of India
Policy on Use of IT Resources of Government of India October 2014 Version 1.0 Department of Electronics and Information Technology Ministry of Communications and Information Technology Government of India
More information2) applied methods and means of authorisation and procedures connected with their management and use;
Guidelines on the way of developing the instruction specifying the method of managing the computer system used for personal data processing, with particular consideration of the information security requirements.
More informationBeasley Broadcast Group, Inc. Privacy Policy
Beasley Broadcast Group, Inc. Privacy Policy Last Updated and Effective December 31, 2015 This Privacy Policy has been updated to include a section regarding your California privacy rights if you are a
More informationOnline Reputation Management Protecting your Brand & Reputation In The Digital Marketplace
Online Reputation Management Protecting your Brand & Reputation In The Digital Marketplace POWERi Technologies Inc. Overview - Online Reputation Management Solutions: - Online Brand Protection Monitoring
More informationSocial Media Policy & E- Safeguarding Staff & Student Guidance
Social Media Policy & E- Safeguarding Staff & Student Guidance Introduction Social Media is a fast growing phenomenon and popular sites include: Facebook, Twitter, LinkedIn, Google+. This communication
More informationUse of online and social media channels for official and professional comment
Use of online and social media channels for official and professional comment Management Instruction MI-0618 Version 3 Effective 9 February 2015 Contact: Sponsor: Authorised: Rob Walker Manager Corporate
More informationCyber Security. Securing Your Mobile and Online Banking Transactions
Cyber Security Securing Your Mobile and Online Banking Transactions For additional copies or to download this document, please visit: http://msisac.cisecurity.org/resources/guides 2014 Center for Internet
More informationYORK REGION DISTRICT SCHOOL BOARD
WORKING DOCUMENT YORK REGION DISTRICT SCHOOL BOARD Policy and Procedure #194.0, Use of Technology Procedure #194.1, Use of Non-Board Devices Procedure #194.2, Password Management The Use of Technology
More informationAcceptable Use of Information Technology
Acceptable Use of Information Technology No.: 3501 Category: Information Technology Services Approving Body: Leadership Team Executive Division: Learning and Technology Services Department Responsible:
More informationOCR UPDATE Breach Notification Rule & Business Associates (BA)
OCR UPDATE Breach Notification Rule & Business Associates (BA) Alicia Galan Supervisory Equal Opportunity Specialist March 7, 2014 HITECH OMNIBUS A Reminder of What s Included: Final Modifications of the
More informationSTRATEGIC POLICY REQUIRED HARDWARE, SOFTWARE AND CONFIGURATION STANDARDS
Policy: Title: Status: ISP-S9 Use of Computers Policy Revised Information Security Policy Documentation STRATEGIC POLICY 1. Introduction 1.1. This information security policy document contains high-level
More informationREVIEWED BY Q&S COMMITTEE ON THE 4 TH JUNE 2015. Social Media Policy
Social Media Policy SOCIAL MEDIA POLICY This Policy applies to all academy staff regardless of their employment status. It is to be read in conjunction with the E Safety and Data Security Policy. This
More informationIDT Financial Services Limited. Prime Card Privacy Policy
IDT Financial Services Limited Prime Card Privacy Policy Effective and Updated April 7, 2014 General IDT Financial Services Limited and its affiliates ( IDT, us, we, our ) are committed to protecting the
More information