
Information Security Policy
Summary Card

• Passwords
• Email and viruses
• Staying secure when offsite
• Physical security
• Reporting a security incident
• Printing confidential information
• Transferring data outside the organization

This document

This document is intended to be a brief summary of some of the points set out within the set of MTK MMA Global information security policies. It is not comprehensive, and users are referred to a copy of the full policy documents which are available on the IT section of the intranet or upon request from the Resolution IT.

Use of passwords

The security of some of our data is only as strong as the password used to protect it. When creating a password, try to make it as strong and unguessable as possible. In particular:

• Make it at least eight characters long
• Use numbers as well as upper and lower-case letters
• Use a passphrase rather than a word. For example, TheCatSatOnTheMat2020
• Don’t use publicly available information associated with you, such as your name, children’s names or date of birth
• Don’t use common passwords such as Password1 or 12345678
• Change your password if you think it has been compromised
• Never share your password with anyone else, including staff, third parties or even the Resolution IT
• Don’t write your password down
• Use different passwords for different key systems where possible

Secure use of email and defence against viruses

Users must be constantly vigilant against the threat of malicious code in the form of viruses. In order to minimize the risk of introducing a virus to the network, follow the following code of practice:

• Don’t open attachments unless you know they are from a reliable source
• Always scan files from outside the organization before storing them on the network
• Ensure your virus-scanning software is working correctly
• Always report any virus-related messages you encounter to the Resolution IT
• Don’t download unauthorized software or files from the Internet

Staying secure when offsite

Employees travelling on business are responsible for the security of information in their custody. They should not take confidential data offsite unless there is a valid reason to do so.

While offsite:

• Don’t leave laptops, tablets, phones or other portable IT equipment in an unattended vehicle
• Don’t advertise the fact that you have a device in your possession
• Use PINs and passwords to protect devices from unauthorized access
• Adhere to policies and procedures relating to IT use, equipment maintenance and security
• Log out of the network and/or systems promptly when requested to do so

Physical security

When locating computers and other hardware, precautions are to be taken to guard against the environmental threats of fire, flood and excessive ambient temperature and humidity.

All employees should be aware of the need to challenge strangers on the organization’s premises. Consideration must be given to the secure storage of paper documentation containing sensitive or confidential information, such as customer files.

Reporting a security incident

All suspected information security incidents must be reported promptly to the Information Security Manager via the Resolution IT. Provide the following information as a minimum:

• Name
• Department
• Contact Number
• Description of the incident
• Current and/or potential impact

Above all, think about what you are going to say and how you will explain your problem:

• Notify the Resolution IT of any actual or potential breach of security immediately.
• Record any information which may help. For example, error messages
• Adhere to procedures when logging an incident
• Remain courteous to the people dealing with the incident
• Request escalation if required by following the appropriate procedure

Printing confidential information

Confidential information should not be sent to an insecure, unattended printer where it may be seen or picked up by unauthorized people.

Where necessary, use PIN protection on multi-function devices.

Transferring data outside the organization

Where appropriate, sensitive or confidential information or data should always be transmitted in encrypted form.

Prior to sending information to third parties, not only must the intended recipient be authorized to receive such information, but the procedures and information security measures adopted by the third party must be seen to continue to assure the confidentiality and integrity of the information.

Never store confidential information in unauthorized cloud services.

If in doubt, contact the Resolution IT for advice.
