Security 101 l.jpg
This presentation is the property of its rightful owner.
Sponsored Links
1 / 20

Security 101 PowerPoint PPT Presentation


Security 101. Harper P. Johnson Information Technology Services Director of Information Security. Security 101. Confidentiality. Integrity. Availability. At the Intersection: Secure Productivity. Security 101. Identity and Information Theft. Passwords.

Download Presentation

Security 101

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Security 101 l.jpg

Security 101

Harper P. Johnson

Information Technology Services

Director of Information Security


Security 1012 l.jpg

Security 101

Confidentiality

Integrity

Availability

At the

Intersection:

Secure

Productivity


Security 1013 l.jpg

Security 101

  • Identity and Information Theft


Passwords l.jpg

Passwords

  • Weak passwords cracked in seconds

  • Don’t use common words or text phrases

  • Choose a combination of letters, numbers, caps/lowercase, and non-alpha-numeric (Special characters)

  • Sharing is bad (sorry)


Slide5 l.jpg

SPAM

  • Don’t be a spam zombie


Viruses l.jpg

Viruses

  • Previous: Viruses written by anti-social misfits

  • Current: financial gain, hackers-for-hire write viruses

  • Deliver infected machines to spammers

  • Going rate: $600 per 10,000 machines per week

  • If you don’t know the source don’t click it, delete it

  • www.spamhaus.org


Phishing l.jpg

Phishing

  • Affected up to 4.7% of Americans (1.78M)

  • “Phishing”: collecting private info through various scams, ~ 3.2% of current emails

  • Exploding: $1.2B toll to US banks, credit card companies, now more regionalized

  • Desired success rate: 3%

  • Typical: starts with email purporting to be from established company (eBay, bank, etc.)

  • For more info:www.consumer.gov/idtheft/


Local phishing sample l.jpg

Local Phishing sample

  • Dear Customer,

  • We are contacting you to remind you that our Account Review Team identified some unusual activity in your account. In accordance with Arizona State Savings & Credit Union's User Agreement and to ensure that your account has not been compromised, access to your account was limited. Your account access will remain limited until this issue has been resolved. We encourage you to sign on and perform the steps necessary to restore your account access as soon as possible. Allowing your account access to remain limited for an extended period of time may result in further limitations on the use of your account and possible account closure. To view and perform the verification process, please click on the link below:

  • https://www.azstcu.org/VirtualAccess/jsp/Member/hbhome.jsp

  • Arizona State Savings & Credit Union is committed to maintaining a safe environment for our customers. To protect the security of your account, our bank employs some of the most advanced security systems in the world and our anti-fraud teams regularly screen the Online Banking system for unusual activity.

  • Thank you for your prompt attention to this matter. Please understand that this is a security measure meant to help protect you and your account. We apologize for any inconvenience.

  • Sincerely, Arizona State Savings & Credit Union, Customer Service.


Real site l.jpg

Real site


Sample phishing site l.jpg

Sample Phishing site


Sample phishing information l.jpg

Sample phishing information


Desktop laptop security l.jpg

Desktop/Laptop Security

S-A-F-E

  • Software Updates

  • Antivirus Protection

  • Firewall

  • Eradicate Spyware


Software updates l.jpg

Software Updates

  • Software Updates

    • Top priority in securing your PC.

    • Most obvious are Windows & Office Updates.

    • Most updates close security “holes” in software products


Antivirus l.jpg

Antivirus

  • Antivirus Protection

    • Lots to choose from!

    • What to look for when selecting a product:

      • Able to scan e-mail as well as hard drive

      • Able to create a scan schedule

      • Able to automate the update process

      • Price

      • Bundled with other things (OneCare)

    • NAU provides to Faculty and Staff


Firewall l.jpg

Firewall

  • Firewall

    • A primary method for keeping a computer secure from intruders

    • Built into recent versions of major OS

      • Windows XP SP2

      • Mac OS X 10.2 +

    • Limits network traffic in and out of your computer

    • Wireless networks at home?

      • Firewall (usually comes turned off)

      • Limit access to your MAC addresses


Spyware l.jpg

Spyware

  • Eradicate Spyware

    • What spyware is

      • Malicious software

      • Intercepts or takes partial control of a computer's operation

      • Without the knowledge or consent of that machine's owner

    • What spyware does

      • The not-so-bad

        • Monitors where you go online

        • Marketers

      • The really bad

        • Can give someone else control of your computer

        • Can record keystrokes


Physical security l.jpg

Physical Security


Physical security18 l.jpg

Physical Security

  • Lock/Log Off/Turn Off

    • Lock when you walk away

    • Log Off overnight

    • Turn Off for the weekend

    • Lock your office door

  • Back Up and Clean Up

    • Prevent Lost work and productivity

    • Don’t dispose of old computers unless properly degaussed


Incident reporting l.jpg

Incident Reporting

  • Know your local contacts

  • Other national sites:

  • For everyone: http://onguardonline.gov/index.html

  • For Parents and kids: http://www.netsmartz.org

  • For Phishing:

    • http://www.us-cert.gov/nav/report_phishing.html

  • Arizona:

    • http://gita.state.az.us/security/security_web_sites_and_links.htm

  • ID Theft: www.consumer.gov/idtheft/

  • Spam: www.spamhaus.org


Summary l.jpg

Summary

  • Summary

    • Be cautious and think before providing personal data

    • Protect your passwords

    • Update frequently (automatically!)

      • Home and Office

    • Use your antivirus software & keep it updated

      • If you don’t have it, get it!

    • Scan for spyware frequently

    • Have a firewall in place

    • Remember physical access restrictions


  • Login