I’m Dale and I work in the information Security team. To support Cyber Security Awareness Month, my colleagues have written a few posts to help you keep your data and accounts safe, and your home devices too.
Now I’ve pulled together some useful information for you to consider when sharing your own, and Co-op’s information, to make sure it stays safe and doesn’t fall into the wrong hands:
1. Protect your privacy
Lots of us use social media to keep in touch with friends, family and share things that we want people to see. At Co-op we use social media to connect with our customers and members, and we have colleague Facebook and Twitter accounts so you can stay up to date and connect with other colleagues too.
The important thing to remember is that nothing you post on social media is private, no matter what your privacy settings, so you need to be careful what information you post online. You should never post:
- Where you live
- Photos that identify where you live, work, car registration plates or computer screens
- Contact information like an email address or phone number
- Your date of birth. While we all love a happy birthday post, this combined with other information makes it easier for fraudsters to commit identity theft, spam you or try other scams
2. Watch out for metadata
When sharing pictures or files you may be sharing more than you’re aware of, so always check what data could be stored or tracked by third party apps – does the app really need your location data? If not, say no.
There’s also lots of information you don’t see behind photos and files that you share, called metadata. It can reveal information like:
- The name of the person who created the file
- The network user ID of the last person to edit the file
- The location coordinates where a picture was taken
3. Check before sharing Co-op data
Trust is important to us at Co-op. We trust our colleagues not to share commercially sensitive or personal information about our customers, members or colleagues on social media. But many of us need to share information outside of Co-op as part of our job. So it’s important that you:
- Only access/share or send personal information if you have a business need to do so, and this is agreed by your manager
- Check with the Information Security team that the supplier’s passed our supplier assessment process, before sharing any information with them
- Recognise personal information. This could be obvious things (name, address, age, bank details), less obvious things (online identity, photograph, location data) or sensitive things (health, religion, sexual orientation). All this information needs handling properly, so check with your manager or GDPR rep if you’re not sure what that means
- Know how to password protect or encrypt personal information when sharing it outside the Co-op by email. Ask your manager or email my team, if you’re unsure how to do this
Like to know more?
We’re here to help, so if you have any questions, feel free to get in touch with us at: firstname.lastname@example.org
Information Security Policy and Standards Specialist