Security Management and Protection of Information in the workplace

When at work use your office PC for business only, avoid using it to do personal activities such as online shopping, banking and checking social media sites. 

Be aware and alert of piggybacking. When in doubt question strangers lurking around the office area and request for their identification then verify it.

Never discuss sensitive work subjects / topics in public areas or spaces for example in an elevator, or even a taxi.

Keep your desk clean and ensure sensitive information in a locked and secure cabinet.

Classify information and handle them appropriately according to policies.

Restrict access to the shared drive to authorised personnel only.

Report suspicious security breaches to management or information security officer

Don't leave the print out at the printer unattended to when printing sensitive documents.

Social Engineering

Beware of people who call you and ask for your personal information, passwords, and other sensitive information

Question the suspected social engineer for his/her identity, as well as the authorisation for requesting the information

Never provide sensitive information via email

Be suspicious of anyone who tries to get personal data passwords and other sensitive information from you.