1

Information SecurityInformation Security

Toolbox Talk

This document is made available on the condition that it is used solely to assist you in the preparation of your own safety training material. Use for resale or similar commercial activity to third parties is strictly forbidden. This document was produced for our

internal use only, and therefore it may not be suitable or sufficient for your purposes. No guarantees whatsoever can be given as to their legal compliance or comprehensiveness, and you are responsible for obtaining professional advice and verification as to the correctness or suitability of any training or documents which you produce which are based wholly or in part on these. No liabilities whatsoever are accepted. It has been made available purely for information to others who may find them useful when formulating

their own safety training and procedures.

© A. Groves & Océ (UK) Ltd

2

Rule 1Rule 1

Always keep to our Policies Keep to our information security policies.

Obey the customer’s information security rules.

Respect the law and privacy legislation.

Use approved hardware and licensed software only.

3

Rule 2Rule 2

Handle information with care Keep your desk / work area clear.

Keep confidential information protected (under lock & key) during breaks and when going home.

Remove printed matter from printers, copiers and faxes immediately

Dispose of documents and digital media securely

4

Rule 3Rule 3

Keep your passwords and PINs secret Use quality passwords and PINs, and change them

regularly

Keep your password and PINs secure and don’t share them with anyone.

Use password-protected screensavers.

Log off and switch the PC off before going home.

5

Rule 4Rule 4

Know whom you’re dealing with Exercise caution in conversations and professional

interactions.

Ensure that you know who you are communicating with on the phone, the internet or via e-mail.

Use your best professional judgement when getting or giving information. Not everything is true.

6

Rule 5Rule 5

Use e-mail and the Internet with care Use e-mail and the Internet primarily

for business purposes.

Don’t open any strange e-mails or attachments and be careful when downloading information.

Don’t send strictly confidential information via e-mail unless it is encrypted.

Don’t access, download, store and send illegal or offensive materials.

7

Rule 6Rule 6

Pay attention to physical security and mobile equipment Escort guests and make sure they

wear their visitor badges.

Question strangers about their presence in your department.

Protect your mobile equipment with a password or PIN and don’t leave it unattended.

Avoid the use of non-company equipment on the company network.

8

Rule 7Rule 7

Report incidents like viruses, thefts and losses. Report suspicious activity at your workstation / area

immediately.

Report all security incidents like thefts, losses, etc. to your manager and security co-ordinator.