Lilt - IT Policies and Cyber Security 2022

Policies & Procedures

Click on the Introduction tile below to begin

Introduction

Policy Information

Contacts & Key Points

Click on the 'Next Activity' button at the top or bottom of the page when you have explored each section the the course.

Menu

Click on the right arrow icon at the end of the video to continue your learning

Click this arrow icon to continue

Menu

Introduction

IT policies and Cyber Security

Information security is really important to the Watches of Switzerland Group and we have a range of IT policies that help us stay safe. Smartphones, computers, tablets and the internet are such a key part of our lives that it is difficult to imagine how we would cope without them. It is more important than ever that we take steps to protect them and the information they contain. The policies covered in this learning session contain a lot of detailed information around the use of IT devices, systems and networks, including what is and what is not allowed. All colleagues need to understand how the policies relate to them in their role, and in the case of the Social Media Policy, this applies to their personal accounts too. We all have a responsibility to keep each other, the business and our information safe.

Click on the menu button to continue

Menu

Keeping Us Safe

Software Installation Policy

Our Software Installation Policy requires the installation of any software on any Group device to be authorised and carried out by the IT Team. This prevents colleagues downloading potentially harmful software, or software that may otherwise adversely affect our systems. If you need any software installing, contact the IT Service Desk.

Software Installation Policy DE

Click on the arrow button to continue

Menu

Keeping Us Safe

Anti Malware and Cyber Security Policies

Our Anti Malware and Cyber Security Policies outline how we can defend the Group against the threat of viruses, phishing, ransomware and all other types of malware. We have software installed to protect us, but you need to know how to recognise the different types of malware so that you can avoid transmitting or opening anything containing it.

Cyber Criminals

We have a dedicated cyber security team – if you have any questions you can contact them via cybersecurity@thewosgroup.com

Cyber Scams

Click on the arrow button to continue

Menu

Keeping Us Safe

Spotting Scams and Avoiding Viruses

Malicious emails and text messages may look like they’re from a company you know or trust; a bank, a credit card company, a social networking site, an online payment website or app, or an online store.

Clicking on a link or opening an attachment

How to spot it may not be genuine

If you are not sure whether a message is legitimate, you can try to verify it by contacting the company directly, using contact information from a statement for example, or from the company’s official website. Search for the company online, but not using details from the message you have received. If in any doubt, advise the IT Service Desk and delete the message!

Click on the arrow button to continue

Menu

The sender’s email address is familiar, but not related to the email content

Keeping Us Safe

Spotting Scams and Avoiding Viruses

Contains urgent call to action

The following characteristics identify a potential phishing email:

Contains spelling and grammatical error

Familiar Logo

The actual address the email was sent from differs from that appearing in the ‘From’ box

Contains a link for you to click to take action

Click on the arrow button to continue

Menu

What would you do?

Spotting Scams and Avoiding Viruses

Hover over the A and B tiles below to identify the response then select your answer (grey tiles)

A caller rings and says they are from IT and they need remote access to your PC to check for a potentially serious problem – they say they will send you an email that will allow them to do this. What would you do?

This is what I would do

This is what I would do

REMEMBER Never give out the full security word from ONE - you should only ever be asked for one character

Click on the arrow button to continue

Menu

What would you do?

Spotting Scams and Avoiding Viruses

• Support colleagues visiting showrooms should be identified using the Directory on ONE.

Do not accept ID/business cards – always use ONE, or if the colleagues is not present on ONE then contact their line manager for confirmation.

• Third party visits to showrooms should be booked in advance. .

ID should be presented to confirm the name of the expected visitor. If in any doubt contact the relevant department to confirm the visitor

• Third party visitors must be accompanied at all times in showrooms.

Click on the arrow button to continue

Menu

Keeping Us Safe

Anti Malware and Cyber Security Policies

Our Anti Malware and Cyber Security Policies outline how we can defend the Group against the threat of viruses, phishing, ransomware and all other types of malware.

Anti Malware and Cyber Security Policies DE

Click on the arrow button to continue

Menu

Keeping Us Secure

Password security

Our Password Creation and Protection Policy helps you to choose secure passwords for your devices and systems to prevent any unauthorised access. This is important information that everyone should follow to avoid a potential compromise of data and systems belonging to you, others or even the Group as a whole.

What makes a good password?

Click on the below three tiles to learn more

Family Names

Same Passwords

Short and Simple

Click on the arrow button to continue

Menu

Keeping Us Secure

Password security

Password Protection & Creation Policy DE

Click on the arrow button to continue

Menu

Keeping Us Professional

Electronic messaging

All colleagues need to know the contents of our Electronic Messaging Policy Including Email. This policy describes how you should use all forms of electronic messaging from WhatsApp and SMS Texts to Email, including the correct format for email signatures.

• Set up multi factor authentication (MFA) and use the App as this is the most secure

• Do NOT click to auth any unexpected MFA requests - report these to The Service Desk

• For official business always use Watches of Switzerland Group electronic messaging facilities – never use a personal account.

• Make sure that nothing you send could affect the Group’s reputation or affect its relationship with suppliers, clients or other stakeholders.

• Electronic communications are monitored and recorded centrally to help us protect the interests of the business.

Click on the arrow button to continue

Menu

Keeping Us Professional

Social media

Our Social Media Policy covers rules and expectations for using social media accounts. As social media is widely used, it is important that you understand the full policy, as well as they following key points.

Key Points

Electronic Messaging Policy & Social Media Policy DE

Click on the arrow button to continue

Menu

Keeping Us Going...on the go

Mobile devices and remote access

Mobile devices include items such as laptops, notebooks, tablet devices, smartphones and smart watches. Our Mobile Device Policy sets out the rules that must be followed when using mobile devices, as well as additional precautions to protect against loss or theft, compromise of classified or confidential information or introduction of viruses.

Click on the remote access below to learn more

Remote Access

Remote Access Policy & Mobile Device Policy UK

Click on the arrow button to continue

Menu

Keeping Us Connected

Wireless and internet

Click on the icons below below to learn more

Internet Usage

Wireless Communication

Wireless Communication Policy & Internet Usage Policy UK

You should read this policy together with the Social Media Policy and the Unacceptable Use Policy

Click on the arrow button to continue

Menu

Keeping Us Right...

Equipment and technology

We know that our colleagues will want to use the IT equipment and facilities provided by the Group in a responsible manner. For clarity and alongside the information in the policies already covered, the Unacceptable Use policy clearly sets out what is not permitted, covering system and network activities, email and communication activities, Social Media and blogging, both within and outside of the workplace.

Unacceptable Use Policy DE

Click on the arrow button to continue

Menu

The End

Equipment and technology

Technology equipment often contains parts which cannot simply be thrown away, or more importantly data, which must be properly destroyed. Proper disposal of equipment is both environmentally responsible and often required by law. No IT equipment should be disposed of via skips, dumps, landfill etc. Contact the IT Service Desk who will arrange proper removal of all data prior to final disposal of equipment.

Technology Equipment Disposal Policy DE

Click on the menu button to continue

Menu

Support Contacts

Who to contact and when

Cyber Line

IT Service Desk

Contact Information

The Cyber Line is available 24/7

Cyber:

309

146

Option 0

01200

IT Service Desk:

309

146

Option 2

01200

Email: cybersecurity@thewosgroup.com

If a request appears to come from someone in the business, don’t be afraid or embarrassed to question it. How embarrassed would you be if your didn’t question it and your account was hacked, causing a risk to the business? Remember to delete anything suspicious and then delete it from your Deleted Items.

Click on the arrow button to continue

Menu

Key Points

• Cyber security is everyone’s responsibility! For urgent cyber assistance you can call the Cyber Line. For any other concerns or queries, please email the Cyber Security team

Contact Numbers

• ID alone should not to be used to confirm the identity of visitors to our showrooms or offices – verify their picture to ONE or contact their line manager for confirmation.

Cyber:

309

146

Option 0

01200

IT Service Desk:

309

146

Option 2

01200

• Use different multi-word passwords for each account and change them frequently

• If you have any suspicions that an email or SMS is not genuine, DO NOT click any links or images they contain and report it.

• Keep an eye out for any electronic devices that do not genuinely seem to be company equipment and report them immediately.

• DO NOT DISPLAY PASSWORDS, OR THE CURRENT SECURITY WORD, OR SHARE THEM WITH ANYONE.

Click on the menu button to return to the main menu