
Security: creditstretcher/handbook


Security

We are a financial company and because of that we need to maintain a high security standard. No exceptions.

Hard drive Encryption

In order for a lost laptop to remain an inconvenience and not a company-wide disaster, every employee needs to have their hard drive encrypted.

This ensures that if somebody gains access to your laptop but doesn't have your password for it, they can't gain access to the data on your hard drive.

Make sure to use strict sleep and require-password settings on your laptop.

On Mac, the hard drive is automatically encrypted out of the box, but check that encryption has not been turned off. It should look like this: [screenshot]

If you use Windows or Linux, various tools are available. It is your own responsibility. Feel free to ask a fellow employee for help if you need it.

Sensitive data should not be sent over Slack or similar

If you have sensitive data you need to share with a fellow employee (especially things like certificates and API keys for developers), don't send it over Slack, email or similar. Somebody's email or Slack account could get hacked, and in that case we don't want that to compromise our security. Make sure you use a tool that is end-to-end encrypted and where the data gets deleted shortly afterwards.

For this we use the tool Wickr; read more here.

Make sure the person you are sending it to is who they say they are

A common form of social engineering is that a hacker will pretend to be the CEO, CTO or similar of a company and ask an employee to urgently give access to sensitive data. Therefore, before you comply with any such request, talk with the person on the phone and confirm that they are who they say they are.
