Start Here

Security Basics for Everyone

Foundational

You don't need to be technical to keep Finperiti safe. Most security comes down to a few simple habits and one instinct: when something feels off, stop and check. Attackers rely on people being busy, polite, and reluctant to ask. So the most powerful thing you can do is slow down and question anything unusual.

Finperiti helps fight financial crime and holds people's identity documents, financial details, and personal data. That makes us a target — criminals would love to get in, and the easiest way in is usually not hacking a computer but tricking a person. You are part of the defence, and you don't need any special knowledge to be good at it.

This page is the short version. The rest of the handbook goes into specifics — passwords, phishing, handling data, your devices — but if you absorb these basics, you're already most of the way there.

The habits that matter most

AlwaysStop and check when something feels off — an unexpected message, an unusual request, a link you're unsure about. Asking is always okay.
DoUse strong, unique passwords and your password manager, and turn on multi-factor authentication everywhere you can.
DoLock your screen whenever you step away, even for a minute, and keep your devices updated.
DoTreat customer and company information as confidential — share it only with people who are meant to have it, through approved tools.
DoReport anything suspicious or any mistake quickly — speed matters more than being sure, and you won't be blamed for a false alarm.
AlwaysAssume a request to bypass a normal process — "skip the check", "just send it over", "do it quickly and quietly" — could be an attacker, and verify it independently.

The things we never do

NeverShare your account, password, or login with anyone — not colleagues, not IT, not your manager. Your login is yours alone.
NeverSend customer or personal data to your personal email, personal cloud, or any unapproved place.
NeverHand over a password, code, or sensitive information because someone asked by email, phone, or message — verify first, through a channel you trust.

Ask yourself

AskDoes this message or request feel unusual, urgent, or too good to be true?
AskAm I about to share something sensitive — and is this the right person and the right channel?
AskIf this turned out to be an attack, would I wish I'd checked first?

Why it matters: The vast majority of real attacks on companies like ours start by fooling a person, not by defeating technology. A workforce that pauses when something feels wrong, protects its logins, and reports quickly is the strongest security control we have — and every one of these habits is something anyone can do, today, without being technical.