IT security checklist for employees



One-off checks



Devices:

Check that your devices are from a reputable brand and running a supported operating system
Set automatic screen lock to a maximum of 5 minutes of inactivity
Check what security software is already installed, and activate/install if needed (e.g. Microsoft Defender, Malwarebytes, or Bitdefender)
Enable disk encryption (FileVault / BitLocker / Device Encryption)
Set your device's recycle bin to delete files automatically

Passwords:

Store all your passwords in the password manager (easiest: using import/export functionalities)
Delete all saved passwords from your browser(s) / former password manager / stored elsewhere (in a document, on paper, in emails, etc.)
Replace weak passwords with strong passwords generated by the password manager
Enable MFA/2FA on all your business accounts



Recurring checks



Monthly:

Check your (1) downloads folder, (2) desktop, and (3) recycle bin for business files and delete them or move them to the cloud/business applications (unless this is already done automatically)
Check that all security updates are installed on your device

Quarterly:

Check that the devices you use for business software still meet the requirements of the information security policy
Check that MFA/2FA is still active on all business accounts

Yearly:

(Re-)read the Information Security Policy for employees to make sure you're aware of our policy and potential changes.
Take Google's phishing quiz (eight questions that help you identify phishing techniques).
For customers that use Google: Ensure that your Google Security Checkup results in 'No issues found'.