Desent

Security Rules

Essential security practices to keep our company and clients safe. These simple rules protect everyone.

Welcome to Security at Desent Solutions

Security is everyone's responsibility. These basic rules will help you protect our company, our clients, and yourself from security threats. They're simple to follow and essential for your daily work.

1

Never Share Passwords or Credentials

Your login credentials are personal and should never be shared with anyone, including colleagues or managers.

  • Use your own individual accounts for all systems
  • Never write down passwords or store them in plain text
  • Use unique passwords for different accounts
2

Enable Multi-Factor Authentication (MFA)

MFA adds an extra layer of security by requiring a second form of verification beyond your password.

  • Enable MFA on all work accounts (email, GitHub, cloud services)
  • Use an authenticator app rather than SMS when possible
3

Protect API Keys and Secrets

API keys and secrets are like passwords for systems and must be handled with extreme care.

  • Never commit API keys or passwords to Git repositories
  • Use environment variables or secrets managers
  • If you accidentally commit a secret, rotate it immediately and notify IT
4

Lock Your Screen and Secure Your Device

Physical security is just as important as digital security.

  • Always lock your screen when stepping away from your computer
  • Enable full-disk encryption on your work laptop
  • Keep your operating system and software up to date
  • Don't leave your laptop unattended in public places
5

Be Aware of Phishing and Social Engineering

Attackers often try to trick people into giving up their credentials or sensitive information.

  • Verify sender email addresses before clicking links or downloading attachments
  • Hover over links to see the actual URL before clicking
  • Be suspicious of urgent requests for passwords or financial information
  • When in doubt, contact the sender through a different channel to verify
6

Report Security Concerns Immediately

If you notice anything suspicious or make a security mistake, report it right away.

  • Report phishing emails or suspicious messages
  • If you accidentally exposed credentials, notify IT immediately
  • Report lost or stolen devices as soon as possible
  • No one will be punished for honest mistakes reported promptly

Security Knowledge Quiz

Test your understanding of our security rules with this short quiz.

Question 1 of 10Score: 0/0

What should you do if you receive a suspicious email asking for your password?

Need Help?

If you have any questions about these security rules, please contact Lukas directly via WhatsApp.