1 / 20

Security 101

Security 101. Harper P. Johnson Information Technology Services Director of Information Security. Security 101. Confidentiality. Integrity. Availability. At the Intersection: Secure Productivity. Security 101. Identity and Information Theft. Passwords.

Mia_John
Download Presentation

Security 101

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Security 101 Harper P. Johnson Information Technology Services Director of Information Security

  2. Security 101 Confidentiality Integrity Availability At the Intersection: Secure Productivity

  3. Security 101 • Identity and Information Theft

  4. Passwords • Weak passwords cracked in seconds • Don’t use common words or text phrases • Choose a combination of letters, numbers, caps/lowercase, and non-alpha-numeric (Special characters) • Sharing is bad (sorry)

  5. SPAM • Don’t be a spam zombie

  6. Viruses • Previous: Viruses written by anti-social misfits • Current: financial gain, hackers-for-hire write viruses • Deliver infected machines to spammers • Going rate: $600 per 10,000 machines per week • If you don’t know the source don’t click it, delete it • www.spamhaus.org

  7. Phishing • Affected up to 4.7% of Americans (1.78M) • “Phishing”: collecting private info through various scams, ~ 3.2% of current emails • Exploding: $1.2B toll to US banks, credit card companies, now more regionalized • Desired success rate: 3% • Typical: starts with email purporting to be from established company (eBay, bank, etc.) • For more info:www.consumer.gov/idtheft/

  8. Local Phishing sample • Dear Customer, • We are contacting you to remind you that our Account Review Team identified some unusual activity in your account. In accordance with Arizona State Savings & Credit Union's User Agreement and to ensure that your account has not been compromised, access to your account was limited. Your account access will remain limited until this issue has been resolved. We encourage you to sign on and perform the steps necessary to restore your account access as soon as possible. Allowing your account access to remain limited for an extended period of time may result in further limitations on the use of your account and possible account closure. To view and perform the verification process, please click on the link below: • https://www.azstcu.org/VirtualAccess/jsp/Member/hbhome.jsp • Arizona State Savings & Credit Union is committed to maintaining a safe environment for our customers. To protect the security of your account, our bank employs some of the most advanced security systems in the world and our anti-fraud teams regularly screen the Online Banking system for unusual activity. • Thank you for your prompt attention to this matter. Please understand that this is a security measure meant to help protect you and your account. We apologize for any inconvenience. • Sincerely, Arizona State Savings & Credit Union, Customer Service.

  9. Real site

  10. Sample Phishing site

  11. Sample phishing information

  12. Desktop/Laptop Security S-A-F-E • Software Updates • Antivirus Protection • Firewall • Eradicate Spyware

  13. Software Updates • Software Updates • Top priority in securing your PC. • Most obvious are Windows & Office Updates. • Most updates close security “holes” in software products

  14. Antivirus • Antivirus Protection • Lots to choose from! • What to look for when selecting a product: • Able to scan e-mail as well as hard drive • Able to create a scan schedule • Able to automate the update process • Price • Bundled with other things (OneCare) • NAU provides to Faculty and Staff

  15. Firewall • Firewall • A primary method for keeping a computer secure from intruders • Built into recent versions of major OS • Windows XP SP2 • Mac OS X 10.2 + • Limits network traffic in and out of your computer • Wireless networks at home? • Firewall (usually comes turned off) • Limit access to your MAC addresses

  16. Spyware • Eradicate Spyware • What spyware is • Malicious software • Intercepts or takes partial control of a computer's operation • Without the knowledge or consent of that machine's owner • What spyware does • The not-so-bad • Monitors where you go online • Marketers • The really bad • Can give someone else control of your computer • Can record keystrokes

  17. Physical Security

  18. Physical Security • Lock/Log Off/Turn Off • Lock when you walk away • Log Off overnight • Turn Off for the weekend • Lock your office door • Back Up and Clean Up • Prevent Lost work and productivity • Don’t dispose of old computers unless properly degaussed

  19. Incident Reporting • Know your local contacts • Other national sites: • For everyone: http://onguardonline.gov/index.html • For Parents and kids: http://www.netsmartz.org • For Phishing: • http://www.us-cert.gov/nav/report_phishing.html • Arizona: • http://gita.state.az.us/security/security_web_sites_and_links.htm • ID Theft: www.consumer.gov/idtheft/ • Spam: www.spamhaus.org

  20. Summary • Summary • Be cautious and think before providing personal data • Protect your passwords • Update frequently (automatically!) • Home and Office • Use your antivirus software & keep it updated • If you don’t have it, get it! • Scan for spyware frequently • Have a firewall in place • Remember physical access restrictions

More Related