 
DO's and DONT's
 

DO's AND DONT's : CYBER SECURITY

DO's

1. Ensure physical security of computers / laptops and other IT assets.

2. Ensure effective physical access control procedures by using multilevel passwords.

3. Always use a screen saver password, user login password and power-on password.

4. Passwords must be complex and hard to guess; change them every 15 days.

5. The contents of CDs and flash drives are as good as written files. External storage media containing classified data should be marked and treated like other classified documents.

6. All classified documents must be stored in encrypted form on PCs as well as external storage devices.

7. In a multi-user system, a user log is to be maintained.

8. Before deleting sensitive files, overwrite the files with junk data to prevent restoration of sensitive data by any means, or delete the data using a secure delete option.

9. Avoid storing files on the desktop and C drive of the PC.

10. CD drives are to be disabled and external CD writers are to be kept in the custody of a Gp "A" officer only.

11. Ensure safe custody of computer storage media like CDs/DVDs, pen drives etc.

12. Every new incoming storage medium and software should be tested for malware.

13. Always use original software purchased from authorized vendors.

14. Use a standalone computer for internet work; no official work is to be permitted on that PC.

15. Ensure proper marking of removable media like CDs/DVDs. Defective CDs/DVDs are to be physically broken and a destruction certificate for the same kept for auditing purposes.

16. Always use a UPS to ensure uninterrupted power supply and to prevent any corruption of data and software.

17. Maintenance and rectification of PC faults is to be undertaken in the presence of the individual user. Under no circumstances is the PC to be handed over to an outside maintenance engineer alone.

18. Ensure centralized printing of all documents. The network printer must be located in a secure place.

19. Always keep the PC updated with antivirus and OS update patches.

20. Portable storage media used on an internet machine are to be scanned for spyware, Trojan viruses and other suspicious malware before being used on department LAN systems.

21. Ensure the first boot device is the internal HDD.

22. Install the latest software patches.

23. Install a personal firewall.

24. Never log in as Admin for day-to-day work.

25. Take regular backups.

26. Disable services that are not required.

27. Always lock your account when leaving the computer.

28. Encrypt sensitive data on the HDD.

29. Wipe data from the unused portion of the disk.

30. Local Security Policy:

(a) Show a customized warning screen.

(b) Only have one Admin account.

(c) Set a strong password policy.

(d) Set a strong account lockout policy.

(e) Disable file sharing.

(f) Enable auditing.

(g) Disable the Guest account if not required.

31. Stay alert and report suspicious activity.

32. Always use password protection for sensitive files and devices.

33. Be cautious of suspicious e-mails and links.

34. Delete information when it is no longer needed.

35. Be aware of your surroundings when printing, copying, faxing or discussing sensitive information.

36. Physically secure your laptop and never leave it unattended.

DONT's

1. Don't let any unauthorized person use your computer system.

2. Never select the "Remember my password" option.

3. Don't share your password with anyone, not even your colleagues.

4. Don't reveal the admin/root password to any unauthorized persons.

5. Do not connect your computer storing classified data to the internet.

6. Don't allow staff to bring their own devices or software to run on the official computer.

7. Don't use pirated or gifted copies of software, as these may contain viruses and even facilitate intrusion into the system.

8. Don't play computer games. These could be the main carriers of viruses for an intruder to break into your computer system.

9. Don't store TOP SECRET or SECRET information permanently on the hard disk of the PC. Whenever TOP SECRET or SECRET information is processed on the PC, erase the information from the disk immediately after the processing is over.

10. When CDs or DVDs are used for working on TOP SECRET or SECRET information, they should be handled in accordance with the instructions for handling TOP SECRET or SECRET documents. This will be the responsibility of the authorized officer under whose supervision the work is being carried out.

11. Don't carry CDs or removable devices outside the office building. In case a device has to be taken outside the office building, its movement will be with the prior approval of the officer-in-charge. A record of the movement indicating full details like the date or time of its being taken out, the name of the officer taking it out and the purpose, the date and time of its return etc. will be maintained.

12. Don't become a member of any unofficial chat club. Don't use official internet for joining an official chat club.

13. Don't download free songs/videos or any objectionable material on PCs where official work is carried out, as such downloads often contain malware.

14. Do not use pen drives / USB data storage devices on official PCs.

15. Do not use / install screen savers freely available on the internet, as these may have embedded spyware / Trojans.

16. Don't be tricked into giving away confidential information.

17. Don't use an unprotected computer on public networks for carrying out official work.

18. Don't leave sensitive information unattended on your desktop on official PCs.

19. Don't install unauthorised software programs on your office computer.

20. Don't post any private or sensitive information on any social media.

21. Don't open mail or attachments from an untrusted source. Report the same immediately, as cyber attackers often trick you into visiting malicious sites and downloading malware to steal data and damage the network.

22. Never reply to emails requesting personal or financial information.


Copyright : 2007-2014 Directorate General of Quality Assurance, Department of Defence Production, Ministry of Defence, Government of India.