Changes

Security Guidance

10 bytes removed, 15:55, 5 October 2021
m
Formatting changes to some numeric lists.
Passwords provide important protection for your IMSMA data, but only if you use them properly;
# Switch on Password Protection As well as for mobile devices, switch password protection on for any computers that collect or store IMSMA data.<br /> 
# Consider using encryption on devices that store IMSMA data Encryption can prevent anyone accessing or manipulating IMSMA data. This can include on portable drives that contain your IMSMA NG backups. Newer versions of windows includes [https://docs.microsoft.com/en-gb/windows/security/information-protection/bitlocker/bitlocker-overview Bitlocker] and [https://docs.microsoft.com/en-gb/windows/security/information-protection/bitlocker/bitlocker-to-go-faq Bitlocker to Go] that can be used to encrypt and add password protection to your computers disks and any portable drives where you store your backups.
# Avoid Using Predictable Passwords, and change Default Passwords Passwords should be easy to remember, but difficult to guess. Combinations of random words can make good passwords that are easier to remember. Change any default passwords, especially the IMSMA database accounts, and do not use common passwords such as ‘password’ or ‘imsma’.
# Do not re-use the same password for multiple accounts Especially for online accounts try not to use the same password for more than one website or login, for example using the same password for a forum as you use for MARS or IMSMA Core. This is because if hackers gained access to your login details for one website or app, they could try to use that same password to login to another.<br /> 
# Consider using a Password Manager Where you have a lot of passwords to remember, a password manager such as [https://keepass.info/ KeePass] can help. With these tools you store your passwords in an encrypted ‘vault’ and use one strong master password to access them. If someone obtains the password file they can’t access it without knowing your master password.
### === Understand how to avoid phishing attacks===
Phishing attacks are where hackers or scammers will send fake emails or use bad websites to try to collect sensitive information. They may trick you into logging in to a fake website with your real username and passwords, which they can then use to steal information or in the case of bank accounts, money. Phishing is more of a risk for common online accounts and websites rather than IMSMA NG, but you should still be aware of the risk, for example to protect your email account which you may use to share IMSMA data.
NoPublic
3
edits