Never store or transmit any sensitive information using plain-text methods.  

  • No notepad files, sticky notes, emails, or any human readable format 

  • Do not store sensitive information unnecessarily

    • Example: Employee information, if stored, should either be encrypted and truncated 

DO NOT send information outside of protected protocols 

  • Research the standards and regulations associated with the information you’re considering storing or receiving regularly. 

  • Know where in the process of sending and receiving information encryption and decryption is most secure. 

  • Update regularly; stay up to date with current regulations to not fall behind. 

  • If your company allows employees to bring their own devices, ensure access to sensitive information cannot be done on unsafe and unsecure networks.