Hints Archive - SEC4YOU

Information security risk survey for 27001 and TISAX®

Due to the rapidly increasing threats to an IT operation, every company should survey and evaluate the relevant IT threats with regard to information security. However, the selection of threats for the primary InfoSec protection goals confidentiality, integrity and availability is very complex, because there are no simple threat lists, especially for small and [...]

Von Andreas Schuster|2022-11-06T10:05:24+01:0008.07.2022|Blog EN, Hints, ISMS tools|

11 tips for fast ISO 27001 certification

We would like to provide valuable tips for the implementation of ISO 27001 for all companies that are aiming for certification. The ISO 27001 standard describes the requirements of an information security management system (ISMS), which also includes having a person responsible for information security. This person is often called the information security officer [...]

Von Andreas Schuster|2022-11-06T09:38:55+01:0008.11.2021|Blog EN, Hints, ISMS tools|

Secure coding — this is how Security by Design succeeds

Secure coding is no longer new in software development. It has also been established for a long time, you can find a wealth of information about it, there are courses, tutorials, and everything is well documented. All developers should therefore be using it by now. Unfortunately, developing secure software does not start with a simple [...]

Von Rene Pfeiffer|2022-11-06T09:53:10+01:0025.09.2018|Blog EN, Hints|

Tip #5: Clear Desk Policy

Clear Desk Policy: Unprotected documents at the workplace can very easily be viewed or copied by unauthorized persons in your absence. Therefore, keep sensitive documents in a secure lockable location while you are away. If you work with internal or confidential data, you need an access system at the office door and a lockable box [...]

Von Admin Sec4u|2022-11-06T10:02:22+01:0002.04.2017|Hints|

Tip #4: Caution Social Engineering

Social engineering exploits human behavior such as helpfulness or respect for authority to obtain confidential information. When communicating with unknown people, be careful what information you disclose. Places and media used for social engineering: public transportation at the lunch table at business events in the company parking lot by telephone by e-mail online surveys through [...]

Von Andreas Schuster|2022-11-06T10:02:29+01:0002.04.2017|Hints|

Tip #3: Always supervise visitors

The entry of visitors or guests without supervision poses a risk to the protection of information. Always pick up visitors from the doorman and escort them while they are in the company. If there are guest badges, ask your visitors to wear them, especially if they are allowed to move freely around the company. Do [...]

Von Andreas Schuster|2022-11-06T10:02:36+01:0002.04.2017|Hints|

Tip #2: A sticky note is no place for passwords

Sticky notes or Post-it's® are not a suitable place for the permanent storage of passwords. Any password written down allows identity theft and subsequently unauthorized access to information. Therefore, keep your passwords in a safe place. Even if it is difficult in everyday life, access codes should not be written down here: Post-it's® notebooks the [...]

Von Andreas Schuster|2022-11-06T10:02:46+01:0002.04.2017|Hints|

Tip #1: Think before you click!

Fake emails are used to spread malware and trick recipients into revealing sensitive information. Do not fall into the trap and be skeptical of unknown senders. Hence the advice to "Think before you click!". Typical deceptions that can cause harm by a click / click: Letter from the bank to update the account data, for [...]

Von Andreas Schuster|2022-11-06T10:02:54+01:0002.04.2017|Hints|

Hints

Titel