# Security Operations in Crypto
## Dylan Kawalec, **Binance Technology Evangelist**
###### tags: `tutorials`, `security`, `web3`, `BNB`
> Security is everything, and it's a top priority for the entire organization. Everyone's role in Crypto is to build upon internal security, and it should be why anyone is able to work for the company to begin with.
## Security is a part of our culture
Cryptocrats should be obligated to protect a massive repository of client risk management profiles, as well as private data about their clients' personal identity information.
There are general operations every crypto employee must follow to protect their organization.
### Crypto Security Protocols (P-TAD)
1. **People Protect Protocol**
    - Recognize and report security and safety incidents
        - The Binance Security Operation Center (BSOC) is open 24/7 and can be alerted using the "*SecSupportBot*".
    - Physical Security
        - Binance advised its employees to work from home and performed diligent SecOps with each individual to secure the devices they received from Binance.
        - Attending network meetings is common in the crypto industry. However, there are plenty of risks associated with attending conferences. Always check your surroundings before entering a building to make sure you are not tailgated by a random individual. If someone is attempting to steal information from you, lock your computer after opening it, using `Ctrl + CMD + Q`.
          > If you want to be extreme, you could even encrypt your files using the command line in case there's a breach of entry. Use long passwords that are stored securely in your brain.
    - Security Do's and Don'ts
        - As a Cryptocrat, you want to be sure to finish your compliance training as soon as possible, which means that we need to thoroughly understand the workplace compliance standards when networking with clients' data and remote work groups. This also means security in the metaverse, which is a whole separate topic in and of itself.
        - Some obvious things to note: "Never share any passwords, ever! Make passwords long and complex, and try not to use the same password twice."
        - We're obligated to report to BSOC any lost or breached client data, or information that was sent to the wrong recipient.
        - Binance/BNB devs must also comply with the same Do's and Don'ts.
        - Once a project is completed for a client, delete ALL of the data using CMD+DEL on all the files.
        - While traveling, if an officer asks for our laptop and checks it, we must comply but must immediately report this incident to BSOC. BSOC advises us to lock our materials in the trunk before we commute anywhere, and we should never leave our devices unattended.
        - It's best practice to use our Binance workstation for all work we do for clients. The laptop comes equipped with internal malware protections and VPN services to protect our clients' files/IP.
        - Each employee at Binance agrees to the security practice notice and has taken rigorous tests to comply with best security practices, as a part of the company's mission and culture.
    - Security Essentials
        - Follow all the instructions and you should be good to go. At the end of the day, it's really about being as conscientious as possible.
2. **Tech & Access Protect Protocol**
    - Protect Passwords using MFA
        - Each employee received a YubiKey that was used for two-factor authentication.
    - Workstation Compliance
        - Virus protection, firewalls, patching and other locks. The security policies are very important and are mandatory for work compliance; otherwise, our devices will be locked.
    - Network Access
        - We were required to set up MFA using Okta, which is the internal IT portal for downloading and updating applications used for communications, password management and other such operations.
    - Protect Against Malicious Activities
        - Enable WPA2 on the router to encrypt online activity, set a strong Wi-Fi password at home, and when you connect to your own local network, "do not allow your computer to be discoverable by other devices on the network."
        - If I need to use a hotspot, I should use my own to connect to the internet. Navigate to sites that begin with "https", and confirm with admins whether the network we use is secure and genuine before accessing the internet at hackathons, for example.
        - To avoid phishing attempts, do not open malicious attachments in any email. External emails should be avoided unless noted otherwise. There's a bot that checks whether emails from Binance employees are official: binance.com/en/official-verification
3. **Data Protect Protocol**
    - Properly manage and secure data
        - We classify data into 4 categories: Restricted, Internal, Confidential and Unrestricted.
    - Use only approved solutions and vendors
        - When sharing files or content with clients, apply the least necessary permissions to items and protect the files at the document or folder level. You can see how that is done at [Encrypting data for clients at the folder/file level](/X0vh067fSB22LfZyHAaq7Q).
    - Securely build and deliver for our clients
        - We want to make sure we only use company-provided software for collaboration and file storage. Unapproved third-party software is off limits.
        - We want to avoid using devices that are not approved for use by our team.
        - Don't let friends or family use our devices.
        - You can check for security updates using tools like [Windows Defender](https://www.microsoft.com/en-us/security/business/endpoint-security/microsoft-defender-business-b?ef_id=337abcb262a41cd1b1f7df259e27a182:G:s&OCID=AIDcmm7ol8ekjr_SEM_337abcb262a41cd1b1f7df259e27a182:G:s&msclkid=337abcb262a41cd1b1f7df259e27a182).
        - Keep your device updated, and enable automatic updates to avoid being non-compliant with your team's standard security operations.
        - Disable Siri, Alexa or other recording devices around you during conference calls. Make sure other devices are muted, moved out of the room, disabled or turned off.
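
One way to check "least necessary permissions" at the folder and file level before handing content to a client, as an added example that is not part of the original note or any Binance tooling. It assumes a local POSIX folder staged for sharing; the function names and the `client_share_` sample tree are constructed for illustration.

```python
import os
import stat
import tempfile

# Any permission bit granted to "group" or "other" (everyone who is not the owner).
NON_OWNER_BITS = stat.S_IRWXG | stat.S_IRWXO


def audit_share(root):
    """Map each path under root (root included) that non-owners can access to its mode."""
    paths = [root]
    for dirpath, dirnames, filenames in os.walk(root):
        paths += [os.path.join(dirpath, name) for name in dirnames + filenames]
    findings = {}
    for path in paths:
        st = os.lstat(path)
        if stat.S_ISLNK(st.st_mode):
            continue  # a symlink's own mode bits do not control access to its target
        mode = stat.S_IMODE(st.st_mode)
        if mode & NON_OWNER_BITS:
            findings[os.path.relpath(path, root)] = mode
    return findings


def restrict_to_owner(root):
    """Strip group/other bits from everything audit_share() flags; return the fixed paths."""
    findings = audit_share(root)
    for rel, mode in findings.items():
        os.chmod(os.path.join(root, rel), mode & ~NON_OWNER_BITS)
    return sorted(findings)


def demo():
    """Constructed sample tree: one client folder, one loose file, one already-private file."""
    root = tempfile.mkdtemp(prefix="client_share_")
    os.mkdir(os.path.join(root, "client_a"))
    for rel, mode in [("client_a/report.txt", 0o644), ("notes.txt", 0o666), ("keys.txt", 0o600)]:
        path = os.path.join(root, rel)
        with open(path, "w") as fh:
            fh.write("constructed sample data\n")
        os.chmod(path, mode)
    os.chmod(os.path.join(root, "client_a"), 0o755)
    os.chmod(root, 0o700)
    before = audit_share(root)
    fixed = restrict_to_owner(root)
    return before, fixed, audit_share(root)


if __name__ == "__main__":
    before, fixed, after = demo()
    print("before:", {p: oct(m) for p, m in before.items()})
    print("fixed:", fixed, "remaining:", after)
```

Run the audit first and review what it flags; access for a specific client is then granted explicitly rather than inherited from broad group or world bits.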
### How to know if you've been compromised?
* Indicators of Compromise (IOCs)
    - Unusual items keep appearing on the screen, like random graphics, odd messages, pop-ups or system error messages.
    - Corrupted files on the hard disk.
    - A program of yours starts to take a long time to load, or refuses to run at all.
    - Your settings have been changed for no particular reason and can't be changed back.
    - Your web browser has new components you do not remember installing.
* Should you suspect that your computer is infected, take immediate action:
    - Close all of your files and programs, document the symptoms you observed, then disconnect from the network and do not shut down your system. Contact your team (BSOC) and file a report.
## Avoid using USB or offline storage backups
They carry the risk of being lost or lent out, and they can contain spyware or malware viruses.
----
## Review
- [Risky file extensions](https://www.file-extensions.org/filetype/extension/name/dangerous-malicious-files)