National KE-CIRT/CC Cybersecurity Best Practice Guide of the Week





In This Issue:

*        How to  protect yourself from a data leak












Data leakage is the unauthorized transfer of classified information from a computer or datacenter to the outside world which can be accomplished by simply mentally remembering what was seen, by physical removal of tapes, disks and reports or by subtle means such as data hiding.


Tips on how to better protect yourself from a data leak

*                 Avoid storing sensitive data on the Internet or Public Online Storage Space – This may cause data leakage if the access permission is not set up appropriately.

*                 Avoid using the file sharing or peer to peer software – This software will have potential security risks of leakage of data or files in your system.

*                 Encrypt your files – Encryption mechanisms with strong key authentication should be used when files are being transferred in removable media.

*                 Avoid sending sensitive data over Internet e-mail – This may result in a copy of your data being stored or archived by a third-party server.

*                 Virus scan files from external source – Scan the files you have downloaded from the Internet before opening or saving them. This is a critical step for data leakage prevention.

*                 Ensure physical security of your computer – Loss or theft of a computer, USB storage device or even printer, is a common cause of data loss.

*                 Do not leave printed documents unattended – Remember to collect all the printed documents from the network printer and ensure all print jobs are completed when you leave.

*                 Protect your files - Setting password to file that contains personal data for email transmission

*                 Obtain just the right information you need – e.g. Extracting essential student’s information only from the Student Management System (SMS) for use.


Have the above security tips in mind when operating your computer systems. Report any cybercrime incident/activity

to /