Access Credential Policy and Device Security Analysis.

Within the scope of good information security practices and in accordance with the ISO 27001 and ISO 27002 standards, the credentials used to access devices such as printers must be distinct from the credentials used to access the database, thus reducing the risk of sensitive information being compromised and guaranteeing its integrity, confidentiality and availability.

Another security measure is that when an employee takes the organisation's laptop home and connects it to their private network or even to a public network, there is the possibility of exposure to security threats such as malware or unauthorised access. For this reason, upon returning to the organisation, a security analysis should be carried out on the laptop before it is connected to the internal network, ensuring that it does not pose a risk to the organisation's infrastructure. This process should include:

- Checking for malicious software and vulnerabilities;

- Checking compliance with the organisation's internal policies;

- Blocking devices that do not meet the minimum security requirements.

Implementing these guidelines contributes to a secure environment, reducing the risk of unauthorised access and protecting the organisation's digital assets.