/
All behaviours
Account Compromise
Account compromise happens when unauthorised people access them.
- Using multi-factor authentication
- Enabling fingerprint or facial login for devices and/or accounts
- Using a separate passphrase for email account(s)
- Not using personal details in passwords
- Using Single Sign On
- Creating a passphrase ruleset
- Checking password exposure
- Checking personal data exposure
- Reporting old accounts
- Doesn't share passwords
- Using a password manager
- Reporting security incidents
- Asking for help
- Completing security awareness training
- Using different passwords
- Installing antivirus on workplace devices
- Following security warnings
- Using privacy screens
- Reads security policies
- Challenging security policies
- Setting an account password with network provider
- Using private browsing windows
- Doesn't click links in unexpected texts
- Reporting suspicious messages
- Checking emails for signs of deception
Malware Infection
Malware infections occur when malicious software makes its way on to a device or network.
- Reporting security incidents
- Asking for help
- Completing security awareness training
- Blocking pop-ups
- Adding security extensions to browsers
- Downloading content from trusted websites
- Closing pop-ups with [alt]+[F4] (Windows) or [cmd]+[w] (Mac)
- Installing antivirus on workplace devices
- Enabling firewalls
- Enabling auto-updates
- Enabling Google Play Protect
- Restricting administrator privileges
- Downloading apps from trusted app stores
- Enabling "show file extensions"
- Following security warnings
- Running antivirus if a new icon or desktop pop-up appears
- Doesn't plug unknown devices into work devices
- Referring suspicious attachments
- Checks websites for signs of deception
- Using bookmarked websites
- Doesn't click links in unexpected texts
- Verifying messages
- Checking emails before forwarding them
- Reporting suspicious messages
- Checking emails for signs of deception
Data Theft
Data theft is the intentional stealing of data.
- Enabling fingerprint or facial login for devices and/or accounts
- Reporting security incidents
- Blocking pop-ups
- Enabling firewalls
- Enabling auto-updates
- Enabling Google Play Protect
- Restricting administrator privileges
- Running antivirus if a new icon or desktop pop-up appears
- Doesn't plug unknown devices into work devices
- Changing default passwords
- Using a screen lock
- Locking devices
- Shutting down devices when not in use
- Turning off Bluetooth
- Using a VPN
- Tethering a laptop
- Disabling "automatically connect to Wi-Fi" on mobile devices
- Enabling encryption
- Securely removes data from a devices before decommissioning
- Using a webcam cover
- Checking unknown people's details or security passes
- Preventing tailgating at security checkpoints
- Does not share work passes
- Escorting visitors and ensuring they follow security policies
- Reporting lost or stolen devices
- Using private browsing windows
- Verifying callers
- Doesn't click links in unexpected texts
- Verifying messages
- Checking emails before forwarding them
- Reporting suspicious messages
- Checking emails for signs of deception
Data Leak
A data leak is when data is accidentally or intentionally disclosed to unauthorised people.
- Asking for help
- Completing security awareness training
- Reporting unnecessary access
- Using privacy screens
- Refraining from discussing sensitive work topics in public
- Updating a document's classification if necessary
- Reads security policies
- Challenging security policies
- Categorising sensitive documents
- Securely disposing of confidential documents
- Keeping desks clear
Physical Damage
Physical damage is the damage, destruction or theft of devices and other hardware.
- Checking unknown people's details or security passes
- Preventing tailgating at security checkpoints
- Does not share work passes
- Escorting visitors and ensuring they follow security policies
Personal Exposure
Personal exposure is the extent to how much someones personal information is available online.
- Reporting old accounts
- Using a search engine to search for personal information
- Completing security awareness training
- Using a screen lock
- Locking devices
- Refraining from discussing sensitive work topics in public
- Backing up data
- Securely disposing of confidential documents
- Reviewing privacy settings and permissions for apps and online services
- Reviewing social media privacy settings
- Removing personal details from the open voters register
- Requesting personal photos or information are removed
- Verifying messages
- Checking emails before forwarding them
Privacy Violation
A privacy violation occurs when an unintended person learns about someone elses private information.
- Adding security extensions to browsers
- Using a webcam cover
- Clearing cookies regularly
- Reviewing privacy settings and permissions for apps and online services
- Reviewing social media privacy settings
- Removing personal details from the open voters register
- Using private browsing windows
- Requesting personal photos or information are removed
Fraud & Identity Theft
Identity theft and fraud can occur when criminals use personal information for their own gain, or when they cause loss to another.