botserver/templates/it/helpdesk.gbai/helpdesk.gbkb/security-tips.md
Rodrigo Rodriguez (Pragmatismo) 50eae38d36
Looking at this diff, I can see it's a comprehensive documentation
update and code refactoring focused on:

1. Adding new documentation pages to the table of contents
2. Restructuring the bot templates documentation
3. Changing keyword syntax from underscore format to space format (e.g.,
   `SET_BOT_MEMORY` → `SET BOT MEMORY`)
4. Updating compiler and keyword registration to support the new
   space-based syntax
5. Adding new keyword modules (social media, lead scoring, templates,
   etc.)

Refactor BASIC keywords to use spaces instead of underscores

Change keyword syntax from underscore format (SET_BOT_MEMORY) to more
natural space-separated format (SET BOT MEMORY) throughout the codebase.

Key changes:
- Update Rhai custom syntax registration to use space tokens
- Simplify compiler preprocessing (fewer replacements needed)
- Update all template .bas files to use new syntax
- Expand documentation with consolidated examples and new sections
- Add new keyword modules: social_media, lead_scoring, send_template,
  core_functions, qrcode, sms, procedures, import_export, llm_macros,
  on_form_submit
2025-11-30 10:53:59 -03:00

4.1 KiB

IT Security Tips and Best Practices

Password Security

Creating Strong Passwords

  • Use at least 12 characters
  • Mix uppercase, lowercase, numbers, and symbols
  • Avoid personal information like birthdays or names
  • Don't use common words or patterns
  • Consider using a passphrase: "Coffee$Morning2024!"

Password Management

  • Never share your password with anyone
  • Don't write passwords on sticky notes
  • Use the company-approved password manager
  • Change passwords immediately if you suspect compromise
  • Use unique passwords for each account

Phishing Awareness

How to Spot Phishing Emails

  • Check the sender's email address carefully
  • Look for spelling and grammar mistakes
  • Be suspicious of urgent requests
  • Hover over links before clicking to see the real URL
  • Beware of unexpected attachments

Common Phishing Red Flags

  • "Your account will be suspended"
  • "Click here immediately"
  • "Verify your password"
  • "You've won a prize"
  • Requests for sensitive information

What to Do If You Suspect Phishing

  1. Do NOT click any links
  2. Do NOT open any attachments
  3. Do NOT reply to the email
  4. Report the email to security@company.com
  5. Delete the email from your inbox

Device Security

Laptop Security

  • Lock your screen when away: Windows+L
  • Never leave your laptop unattended in public
  • Use the laptop lock cable when in shared spaces
  • Enable full disk encryption
  • Keep your operating system updated

Mobile Device Security

  • Use a strong PIN or biometric lock
  • Enable remote wipe capability
  • Don't connect to unknown Wi-Fi networks
  • Keep apps updated
  • Only install apps from official stores

Data Protection

Handling Sensitive Data

  • Only access data you need for your job
  • Don't copy sensitive data to personal devices
  • Use company-approved cloud storage only
  • Encrypt files before sending externally
  • Shred physical documents with sensitive info

Clean Desk Policy

  • Lock your computer when leaving
  • Put away sensitive documents
  • Don't leave printouts on the printer
  • Secure notebooks with confidential notes
  • Clear whiteboards after meetings

Remote Work Security

Working from Home

  • Use the company VPN for all work
  • Secure your home Wi-Fi with WPA3
  • Don't let family members use work devices
  • Position your screen away from windows
  • Use a privacy screen in public places

Public Wi-Fi Dangers

  • Avoid public Wi-Fi for work tasks
  • Always use the VPN if you must connect
  • Don't access banking or sensitive sites
  • Verify the network name with staff
  • Disable auto-connect to open networks

Social Engineering

Types of Social Engineering

  • Phishing: Fake emails requesting info
  • Vishing: Phone calls impersonating IT/execs
  • Tailgating: Following someone into secure areas
  • Pretexting: Fabricated scenarios to gain trust

How to Protect Yourself

  • Verify unexpected requests via a known channel
  • Don't give info to unverified callers
  • Challenge unknown people in secure areas
  • Report suspicious behavior immediately

Incident Reporting

What to Report

  • Suspicious emails or calls
  • Lost or stolen devices
  • Unauthorized access attempts
  • Malware or virus warnings
  • Any security concerns

How to Report

  • Email: security@company.com
  • Phone: ext. 4357 (HELP)
  • Create a ticket with category "security"
  • For urgent issues, call immediately

Security Updates

Why Updates Matter

  • Fixes known security vulnerabilities
  • Protects against new threats
  • Ensures compliance with policies
  • Improves system stability

Update Schedule

  • Windows updates: Weekly on Wednesday nights
  • Application updates: As released
  • Antivirus: Daily automatic updates
  • Browser updates: Enable auto-update

Frequently Asked Questions

Q: Can I use my personal email for work?
A: No, always use your company email for work communications.

Q: Is it safe to use USB drives?
A: Only use company-approved encrypted USB drives.

Q: Can I install software on my work computer?
A: No, contact IT to request software installation.

Q: What if I accidentally clicked a suspicious link?
A: Disconnect from the network and contact IT security immediately.