Skip to main content Link Expand (external link) Document Search Copy Copied Lab Management 10 Lab Processes 10.72 Security Keep your operating system and software up-to-date, enable automatic updates Regularly audit and uninstall unnecessary software to reduce potential vulnerabilities Run antivirus software Turn on disk encryption Document your setup Lock the screen when you leave the room (enable auto-lock after 3 min) Regular backups, at least weekly Backup on an external device Software: Back-in-time (Linux) or Kopia Share Git repositories on GitHub and with the team (publishing and distributing data across multiple devices is a useful measure against ransomware attacks) Test backups periodically to ensure data integrity and accessibility Store backups offsite or on cloud storage (encrypted) to safeguard against physical disasters Create a disaster recovery plan for quick restoration after data loss Use a password manager (such as KeePass ) Use strong passwords Use different passwords for different accounts Educate team members on recognizing and avoiding phishing attacks targeting password theft Regularly change passwords, especially after suspected breaches Classify confidential data in the handbook (see example ) Do not post personal data online without consent Store sensitive data (such as grades) in directories with restricted access rights Prefer end-to-end encrypted channels Sign your E-Mails Be aware of phishing and social engineering attacks Use a shared Nextcloud directory for sharing data Use 2-factor authentication whenever possible Give access to confidential data only when needed and revoke it when it is no longer required For confidential data: Apply the principle of least privilege (users should have only the access necessary for their roles) Do not leave your equipment out of sight Do not log into your online accounts on other devices Do not use public WiFi hotspots or charging stations Turn off your computer and phone completely when traveling across borders and checkpoints Use VPN and communicate through encrypted channels Use privacy screens to prevent shoulder surfing when working in public spaces, do not work on confidential data when others can see your screen Educate team members with regular security training on the latest threats and best practices Use sandboxing or virtualization for testing software or opening unknown files Maintain a clear incident response plan for addressing breaches or malware infections