What term refers to any information that can be used to identify a person?
What is Personally Identifiable Information (PII)?
True or False: Your pet's name is a strong password.
What is False?
Define Phishing
What are scammers using email or text messages to try and steal passwords, and any other information that they can?
What should you do when leaving your workstation?
What is lock your screen/computer?
Improper workstation security example
What is leaving your computer unlocked when leaving your desk?
True or False: Is an IP address considered personal data?
What is True?
Why is password security important?
What is to keep PII, your identity, money, and data safe?
Give at least three phishing attempts
What is (but not limited to): say you need to confirm some personal or financial information, includes an invoice you don't recognize, wants you to click on a link to make a payment, and says you're eligible to register for a government refund.
True or False: You can share data with coworkers who "might need it later."
What is False?
Insecure data transmission example
List at least 5 different pieces of information that are considered PII
What is: Credit Card Information, Date of Birth, Driver's License, Full Name, Gender, Mailing Address, Zip Code, Race, Social Security Number, Passport Information, and Medical Records.
What is the most common layer of security for your passwords?
What is Multi-Factor Authentication (MFA)?
True or False: Hovering over a link can reveal a fake URL?
What is True?
Files containing personal data should always be sent this way.
What is encrypted?
Improper data disposal example
What is the difference between Sensitive and Nonsensitive PII?
What is Sensitive PII is information not publicly available such as (but not limited to) SSN, Credit Card Information, Passport Information, and Medical Records. Nonsensitive PII is information that is easily accessible from public sources, and that data includes (but not limited to) ZIP Code, Race, and Date of Birth.
What is the recommended minimum password length?
What is at least 16 characters long?
What is a fake website that replicates a real login page?
What is a spoofed website?
What tool can be used to limit access to sensitive data based on roles?
What is Role-Based Access Control (RBAC)?
Unauthorized cloud storage/use example
Uploading client data to your personal drive.
What is one of the most common methods of PII theft?
Phishing
What is a reliable and useful hub for all your passwords?
What is Password Managers?
What is the most important thing when you face a possible scam?
What is Stay Alert and Think Critically?
What do you need to avoid when handling data (at least two)?
What is (but not limited to): unclear data ownership, lack of encryption, inadequate data backup, not keeping up with regulations, uncontrolled data access, and inconsistent employee training.
Discussing sensitive information infraction example
What is talking about client or employee details in public spaces openly.