New employees often receive a PC or laptop, or a smartphone to use professionally. Typically, the IT department will provide the company policy along with the devices. Beyond the tips for configuration and use of company e-mails and software, both new and long-time employees should take time to inform themselves about working in a digital world. This is because the human factor plays a key role in protecting company networks and business data from ransomware or attempted fraud. The checklist below summarises the most important tips for approaching the digital workplace with security at the forefront:

View e-mails critically

• Use caution whether an e-mail sender is an external contact or a colleague or even your supervisor: criminal creatives are increasingly successful at imitating plausible senders for their spam mails
• To avoid being caught in a trap, take time for a 3-second security check: check the sender, the subject line and the attachment before you click.
• To prevent others from reading along with you, we recommend encrypting e-mails before you send them. This means that the intended recipient is the only one who can read the message. Ask your IT department how you can encrypt your communication.

Responsible handling of passwords

• Never write down your passwords on bits of paper to stick Post-its on your monitor or hide under your keyboard or in similar 'discrete' locations.
• You are responsible for ensuring that you are not being observed when you enter your password.
• Use different passwords for every device and every application. Change these passwords regularly.
• If you are permitted to create your own password, rather than them being chosen for you by the IT department, do be sure to choose a most secure password that cannot be guessed: don't use your birthday or the name of your child or pet.

Protect sensitive data on computers, laptops and other devices

• Lock your screen before you walk away to prevent access to your device, even if you only plan to be gone for a few minutes.
• Do not connect removable media to your workplace computer if you don't know where it came from. This includes any freebies you might receive such as USB sticks. There is the threat of infection from malware.
• Do not connect any personal hardware to the company network and do not store company data on private storage media.
• Use on your professional devices only software that your IT department has officially approved.
• Treat with care USB sticks that contain work documents and protect them with a password if possible as well.

Secure Internet connection

• Use the Internet at work for professional purposes only, keeping any private usage to the minimum. This will reduce the threat of malware infections of your systems or potentially the entire company network. Ask your IT department about additional measures you can take to keep private and professional data separate.
• Configure your browser to block pop-ups. If you do not know how to do this, ask your IT department.
• Pay attention to any messages about invalid and/or expired security certificates that appear for web services. When in doubt, ask your IT department.
• As a rule, you should share your personal data sparingly on social media. This is even more true of data on professional and corporate networks as Internet con artists seek these out to collect information for creating realistic e-mails that may use the names of your colleagues.

Take your role seriously

Naturally, the IT department is in charge of company security. However, all employees have the opportunity to contribute to protection against security incidents each time they take time to think about what they are doing and act conscientiously. When your employer provides information about IT security, take time to inform yourself. It can help you both at work and at home.