Browser access and password synchronization disabled
julho 26, 2024
Em outubro, vamos vivenciar juntos o Mês Europeu da Cibersegurança
outubro 14, 2024
Dear Colleague,
ensuring information security is teamwork, that we are required to do us not only by common sense and our customers, but also by law. Despite the effort made every year by organizations like ours, most security incidents originate from small actions by individuals. Let’s see how to avoid them.
Do not process work data with personal accounts and storage
It is forbidden to store work data on personal accounts (e.g. email, web drive / cloud storage, software development portals, code repositories / Git / Postman, etc.).
Customer and Company data are critical and must be protected with the utmost care:
- maintaining/consulting them on the systems where they are generated or stored
- exporting them to the company PC only in case of operational necessity and only for the time needed
- not transferring them to devices other than the Company PC
- processing them, in the case of personal data, in accordance with the instructions received from the Customer and in line with data protection regulations
Critical data include work passwords: verify that you have not saved/synchronized any credential on personal devices (cf. bulletin on Engage)
Do not use external memory devices (USB)
It is forbidden to use personal external memory devices (e.g. USB pendrive), for whatever purpose (backup, file transferring, etc.).
To backup, transfer or share files, use only Engineering-provided tools (e.g. OneDrive, Teams, Sharepoint) or similar tools recommended and approved by the customer that owns the data, using work accounts (not private).
Do not download or install illegal or unsafe software
Software is considered illegal not only if it has been pirated to avoid paying for a license but also if it is used for work purposes under a license that does not allow professional use (even if the software was legally purchased).
Additionally, it is essential to obtain software from safe sources (official website, authorized distributor, etc.). Packages obtained from forums, file sharing/P2P services, cloud storage, or portable memory devices should never be installed or stored on company devices.
Browse with caution
Just opening the wrong web page can infect your system with malware and cause a data breach with serious legal, economic, and reputational consequences. The risk of infection increases when downloading documents, images, executables, and other materials from unverified sites. Threats are often hidden behind seemingly innocuous pages that provoke curiosity or concern.
For this reason, it is forbidden to use the company PC for non-work-related purposes at Engineering. Following this simple rule and paying attention to the source and nature of the material we download significantly reduces the risks associated with browsing.
Thank you for your valuable cooperation.
Best regards,
Group Information Security Office
