/
All behaviours
- SB003 Uses a strong password or passphrase
- SB013 Reports known or suspected security incidents
- SB024 Enables auto-updates for workplace devices (if permitted)
- SB061 Regularly backs up data
- SB001 Enables multi-factor authentication for workplace accounts
- SB007 Checks whether passwords (or other personal data) have appeared in known data breaches
- SB008 Checks whether personal information shared publicly online could be used to answer security questions
- SB010 Does not share passwords
- SB016 Does not re-use passwords between accounts
- SB019 Only uses well-known, reputable and trusted websites to download content
- SB020 Checks the hyperlink's destination before clicking it
- SB022 Installs antivirus on all compatible devices
- SB022a Installs antivirus on all compatible workplace devices
- SB022b Installs antivirus on all compatible personal (i.e. non workplace) devices
- SB017 Only downloads apps from trusted sources (e.g. Google Play or The App Store)
- SB034 Refers suspicious attachments to the security team
- SB035 Changes default passwords (if possible) on all internet-connected devices
- SB036 Secures devices with automatic screen locks
- SB036b Secures laptop and desktop devices with automatic screen locks
- SB036a Secures mobile devices with automatic screen locks
- SB037 Locks devices when they're not in use
- SB037a Locks mobile devices when they're not in use
- SB037b Locks laptop or desktop device when not in use
- SB041 Enables a VPN when using public Wi-Fi
- SB045 Informs organisation about unnecessary access to data or systems
- SB046 Securely removes data from devices before decommissioning
- SB051 Updates a document's classification if its sensitivity changes
- SB055 Reads organisational security policy
- SB056 Highlights security controls that prevent or disrupt ability to work sensibly
- SB057 Checks the URLs to ensure a website is legitimate
- SB060 Correctly categorises information
- SB064 Prevents tailgating at security checkpoints
- SB067 Securely disposes documents containing sensitive data once no longer needed
- SB068 Leaves vacant desks clear of sensitive information
- SB069 Reports lost or stolen devices to IT or Security team
- SB071 Regularly reviews privacy settings on social media accounts
- SB080 Verifies caller details from unexpected calls
- SB082 Uses known contact details to verify suspicious messages
- SB088 Checks emails for signs of deception
- SB089 Does not share MFA codes
- SB091 Does not forward work information to personal email addresses
- SB092 Returns allocated devices when no longer needed
- SB093 Deletes old personal online accounts if no longer used
- SB094 Does not use personal devices for work unless authorised to do so
- SB095 Does not share film recordings or photos from work locations
- SB096 Does not carry sensitive work information or unauthorised devices to countries with high security risks
- SB100 Takes additional measures to prevent eavesdropping when working outside the office
- SB105 Uses a security key
- SB150 Does not use a password that has been compromised in a data breach
- SB151 Does not use weak passwords
- SB152 Does not log in with shared credentials
- SB154 Does not visit unauthorised websites
- SB155 Does not download content or material from unauthorised websites
- SB156 Discloses credentials to a phishing site
- SB156a Discloses credentials to a simulated phishing site
- SB158 Downloads a file from an unknown source
- SB153 Does not run a file from an unknown source
- SB159 Does not click a phishing link
- SB159b Does not click a simulated phishing link
- SB161 Reports a suspected phishing email
- SB161b Reports a simulated phishing email
- SB163 Does not open a phishing email
- SB163a Does not open a simulated phishing email
- SB164 Does not open an attachment in a phishing email
- SB164a Does not open an attachment in a simulated phishing email
- SB167 Reports a suspected phishing message
- SB167a Reports a suspected phishing message in Slack
- SB167b Reports a suspected phishing message in MS Teams
- SB169 Does not open an attachment in a message from an unknown source
- SB169b Does not open an attachment in a MS Teams message from an unknown source
- SB169a Does not open an attachment in a Slack message from an unknown source
- SB171 Does not use work email address that has been compromised in a data breach
- SB172 Does not use a personal email address that has been compromised in a data breach
- SB173 Does not use work email addresses for non-work purposes
- SB174 Does not log in from a device running out of date operating software
- SB174a Does not log in from a mobile running out of date operating software
- SB174b Does not log in from a desktop/laptop running out of date operating software
- SB175 Does not log in from a rooted mobile device
- SB177 Does not lose device through theft or negligence
- SB177a Does not lose mobile device through theft or negligence
- SB177b Does not lose laptop/desktop through theft or negligence
- SB178 Does not share a desktop device
- SB182 Does not send sensitive information out of the business (email or otherwise)
- SB183 Does not send emails to unintended recipient(s)
- SB184 Does not share a file containing confidential information
- SB185 Does not post confidential information in a public messaging channel
- SB186 Does not post PII in a public channel
- SB187 Does not share a file containing PII
- SB188 Does not share sensitive information with unauthorised recipients
- SB189 Does not use unapproved applications on work devices
- SB190 Does not use third party applications within work domain
- SB192 Does not disable MFA
- SB192a Does not disable MFA on Slack
- SB192b Does not disable MFA on Microsoft 365
- SB192c Does not disable MFA on Google Workspace
- SB195 Completes policy attestation
- SB196 Doesn't share documents or files containing malicious links
- SB198 Does not use unapproved device for work purposes
- SB198a Does not use unapproved mobile device for work purposes
- SB198b Does not use unapproved desktop or laptop for work purposes
- SB202 Stores documents appropriately for their level of sensitivity
- SB203 Uses biometrics to access online account
- SB204 Uses biometrics to access mobile device
- SB208 Ensures work devices and software are updated regularly
- SB209 Uses a stand-alone password manager application
- SB081 Checks instant messages for signs of deception
- SB015 Completes assigned security awareness training successfully
- SB210 Saves passwords or passphrases into a browser
- SB005 Uses Single Sign-On (SSO)
- SB009 Ensures online accounts that are no longer needed are de-activated
- SB011 Uses a search engine to see what personal information is accessible online
- SB018 Adds security or privacy extensions to browsers
- SB023 Enables firewalls on all compatible devices
- SB023a Enables firewalls on all compatible workplace devices
- SB023b Enables firewalls on all compatible personal (i.e. non workplace) devices
- SB025 Enables Google Play Protect (Android devices only)
- SB025a Enables Google Play Protect on all workplace devices (Android devices only)
- SB025b Enables Google Play Protect on all personal devices (Android devices only)
- SB026 Restricts the number of users with administrator privileges, and uses the administrator accounts only where necessary
- SB028 Enables the “show file extensions” setting
- SB032 Does not insert unauthorised devices/media into work devices/network
- SB042 Uses tethered mobile device to avoid using insecure Wi-FI
- SB044 Enables encryption
- SB048 Uses a privacy screen when working with sensitive information in shared spaces
- SB050 Does not allow sensitive work-related matters to be overheard in shared spaces
- SB062 Locks SIM card to phone
- SB063 Checks security credentials of unknown persons at work
- SB066 Escorts visitors to ensure they follow security policies
- SB073 Sets account passwords with network provider
- SB087 Reports suspicious messages (e-mails, texts, phone calls)
- SB014 Asks security professionals for help with security issues
- SB021 Closes pop-up windows without using the 'X'
- SB030 Follows advice given in security warnings
- SB031 Runs anti-virus scan if a new, unexpected icon or pop-up appears on the desktop
- SB038 Shuts down devices when not in use
- SB040 Uses a virtual private network (VPN) on mobile devices
- SB039 Turns off Bluetooth when mobile device not in use
- SB043 Disables "automatically connect to Wi-Fi" on mobile devices
- SB049 Covers webcam when not in use
- SB052 Clears cookies regularly
- SB058 Checks websites for signs of deception
- SB059 Uses bookmarks to access frequently used websites
- SB065 Does not share security passes or access tokens
- SB070 Reviews privacy settings and permission levels for apps and online services
- SB074 Uses a private browsing on shared devices
- SB075 Requests photos are removed if posted online without consent
- SB017 Blocks browser pop-ups
- SB083 Checks before “blindly” forwarding messages to workplace contacts