Data Location: Endpoint
-
Don’t reuse passwords
—
by
Do not reuse passwords for multiple services. Do not use your Kerberos password for non-Kerberos enabled systems.
-
Use strong passwords
—
by
Use strong passwords. Change authentication keys e.g., password, certificate, regularly – at least annually.
-
File encryption
—
by
Use file level encryption when sharing files on platforms like email, Dropbox, Slack. Encryption keys must be shared via another method.
-
Automatic software updates
—
by
Configure automatic download and application of software and operating system updates.
-
Limit access
—
by
Information is accessible only for authorized purposes and shared only with those authorized to receive it.
-
Review user access
—
by
Review which user accounts have access to information at this level regularly – at least annually.
-
Revoke permissions
—
by
Revoke permissions when a user no longer needs access to information (e.g., upon project completion or job change).
-
Security responsibilities training
—
by
Train all users with access to ensure understanding of their responsibilities with regard to handling information.