Page 36 - CyberSecurityEssentialsEnglish
P. 36

Protect your data
       Data security and privacy go along with one another. You can keep your data secure by creating lengthy, one-
       of-a-kind  passwords  and  keeping  them  in  a  password  manager.  Also,  multi-factor  authentication  (MFA)
       should be enabled whenever possible.

       Understand Information Sharing Threats

       Before you can utilize online services, you should know that many accounts want access to personal data like
       your  location,  contacts,  and  photo  album.  Think  carefully  about  who  receives  that  information,  and  be
       cautious of apps or services that demand access to data that is neither necessary nor pertinent for the
       services they provide.
       The Traffic Light Protocol

       Due to the increase of potential information-sharing threats, the UK Government's National Infrastructure
       Security Coordination Center (NISCC), in the 2000s, developed a sharing threat intelligence protocol named
       the Traffic Light Protocol (TLP). Its primary purpose is to prevent sending sensitive information to the wrong
       recipients.

       TLP offers a clear and straightforward method for securely sharing information with the appropriate party; a
       person, group, or community. The information flow is as follows:

           ✓  The sender gives information a color code (Red, Amber, Green, or White), shown in figure 22, to
               indicate its importance and how the sender will share it with others.
           ✓  The  sender  always  has  the  final  say;  thus,  the  recipient  must  acquire  express  permission  before
               sharing any information with a wider audience.


       In other words, the sender restricts information sharing; only the appropriate person will receive the shared
       information. Senders must ensure that the recipient knows the TLP sharing restrictions, otherwise using it
       will be useless.





















                                                 Figure 22 Traffic Light Protocol

       Protective Guidelines for Safe Information Sharing
       This section explains how to securely and professionally communicate personal information on an as-needed
       basis over the phone, in person, by email, or via removable electronic devices. You must constantly take into
       account the sensitivity of the information, the urgency of the issue when selecting the best manner to disclose
       personal  information,  and  the  amount  of  protection  required.  In  short,  you  have  to  adopt  a  risk-based




          34
   31   32   33   34   35   36   37   38   39   40   41