
Safe MENDELU

Cybersecurity practices

    Safety Ten Commandments

    1. If you don't know, ask.

    If I suspect a cyber-attack, receive a questionable email, or my computer is acting strangely, I contact the HelpDesk to discuss the next steps. I follow the instructions of the experts.

    2. You will authenticate and authorize yourself.

    The computer does not recognize me on its own, so I have to prove my identity to it, for example by knowing the password to the user account (authentication). In applications, programs and information systems, I often do not have authorization for all activities. Therefore, authentication is followed by authorization, which determines what I can and cannot do.

    3. Be careful where you enter your password.

    I only enter my login information into a web page that is encrypted, i.e., its address starts with https:// and has a lock icon at the beginning. It is important that the address of the site is accurate; even fraudulent sites can use encryption.

    4. You will be healthily suspicious of incoming mail.

    Electronic mail is often misused to send spam, hoaxes, phishing or bulk messages. Be wary of suspicious emails, especially those that contain attachments or links to sites. The attachment may contain malicious code and the linked site may be fraudulent.

    5. Thou shalt not believe everything that is written on the Internet.

    Anyone can post information on the Internet, even an author who is ignorant or deliberately manipulative. Therefore, I always check the credibility of the information I receive. In a work environment, I must handle information judiciously; not all information is for everyone.

    6. You will encrypt confidential information.

    Data encryption ensures that information cannot be read by just anyone who obtains it, but only by those who know the decryption key. An electronic signature confirms that the signer is the author or agrees with the content. It also confirms that the content of the electronically signed document has not changed after signing.

    7. You are not anonymous on the Internet.

    By browsing sites and using services on the Internet, I leave a lot of traces. Other traces are created by voluntarily disclosing information about myself, especially on social networks. All these activities reduce my anonymity and it is good practice to behave as if anyone can identify me.

    8. Thou shalt protect thy computers and back up thy data.

    No unauthorized person should use someone else's personal device, such as a computer. I must protect such devices by locking my office and using a screen lock. I make sure that their software is up to date, or I entrust the management of the devices to professionals. I regularly back up important data.

    9. Mobile devices are also computers.

    A mobile device, nowadays most often a smartphone, is a small computer, and I treat it and the data on it the same way I would a computer. In addition, I need to be aware of the risks of carrying the device or having it with me at all times.

    10. Thou shalt obey the rules and respect the law.

    The same legislation applies on the Internet as in the real world, but it is augmented by some additional specific legal standards. In addition to this state-required legislation, I also abide by the internal rules of organisations or the rules of use of specific services.