1 / 107

COMPUTER SECURITY

COMPUTER SECURITY. How to achieve total computer security. The best way to do so is to apply Richards' Laws Of Computer Security (ca. 1992): A.    Don't buy a computer B.    If you do buy a computer, don't turn it on. Golden Rule. Don’t assume anything! Learn the risks.

jana-pena
Download Presentation

COMPUTER SECURITY

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. COMPUTER SECURITY

  2. How to achieve total computer security The best way to do so is to apply Richards' Laws Of Computer Security (ca. 1992): A.    Don't buy a computer B.    If you do buy a computer, don't turn it on

  3. Golden Rule Don’t assume anything! Learn the risks.

  4. The Ten Commandments of Safer Computing • Protect your personal information. It's valuable • Make backupsof important files • Install and use anti-virus software. • Acquire and use a reliable firewall solution. • Acquire and use AntiSpyware • Apply security software patches and updates regularly • Use Safe browsing techniques on the internet • Use caution when reading your email • Avoid installing services and applications which are not needed • Learn what to do when something goes wrong.

  5. 1. Protectyour personal information. • Never store sensitive personal information such as your bank account information, Social Security numbers or passwords on your computer. • Do not use the "Remember Password" feature of applications (e.g., Eudora, OutLook, Netscape Messenger, Web Browser). • Never comply with requests for personal information from an email or phone call unless you initiated the contact. These are often phishing scams trying to steal your personal information • Use strong passwords • If someone demands a password, refuse to give it. • Do not write passwords down and store them anywhere in your office. • Change passwords ( 6 months)

  6. Passwords • The golden rules, or policies for passwords are: • Make passwords as meaningless as possible • Change passwords regularly • Never divulge passwords to anyone

  7. Weak Passwords • WEAK PASSWORDS • Poor, weak passwords have the following characteristics: • • The password contains less than eight characters • • The password is a word found in a dictionary (English or foreign) • • The password is a common usage word such as: • o Names of family, pets, friends, co-workers, fantasy characters, etc. • o Computer terms and names, commands, sites, companies, hardware, software. • o Birthdays and other personal information such as addresses and phone numbers. • o Word or number patterns like aaabbb, qwerty, zyxwvuts, 123321, etc. • o Any of the above spelled backwards. • o Any of the above preceded or followed by a digit (e.g., secret1, 1secret)

  8. Strong Passwords Strong passwords have the following characteristics: • • Contain both upper and lower case characters (e.g., a-z, A-Z) • • Have digits and punctuation characters as well as letters e.g., 0-9, !@#$%^&*()_+|~- • =\‘{}[]:";’<>?,./) • • Are at least eight alphanumeric characters long. • • Are not a word in any language, slang, dialect, jargon, etc. • • Are not based on personal information, names of family, etc. • • Passwords should never be written down or stored on-line. Try to create passwords that can be easily remembered.

  9. Use Strong passwords • Use strong passwordsand keep them secret. • Don’t reveal a password over the phone to ANYONE • Don’t reveal a password in an email message • Don’t reveal a password to the boss • Don’t talk about a password in front of others • Don’t hint at the format of a password (e.g., "my family name") • Don’t reveal a password on questionnaires or security forms • Don’t share a password with family members • Don’t reveal a password to others while on vacation • If someone demands a password, refuse to give it.

  10. 2. Make backupsof important files

  11. Make backups of important files • Why Backup? • What to backup • When to back up • Where to backup • How to backup

  12. Why Backup? • The Risks - Main Causes of Downtime and Data LossNo system is completely secure. Systems Crash. It’s not of matter of if, it’s a matter of when. • Human Error • Accidental deletion of a file or folder • Accidental overwriting of a file (forget to Save AS!) • Malicious deletion or editing of files • Hard disk or other hardware failure • Data loss due to a virus or other attack • Vandalism • Theft • Fire • Faulty software rollouts • Driver setting conflicts • Lost/locked-out passwords • Power Surges • Weather & Storms • Hackers / Terrorism • And So Many More!

  13. What to backup • Original Software Disks • Boot/ Recovery Disks • Backups • Your e-mail and e-mail address book. • Bank records other financial information • Tax returns • Digital photographs and video • Software purchased and downloaded from the Internet • Music purchased and downloaded from the Internet • Personal projects • Your Microsoft Outlook calendar • Your Internet Explorer bookmarks

  14. When to back up • As soon as possible after you change it. • On a regular basis • Make a schedule – weekly , monthly.

  15. Where to backup • Diskette 1.4 MB • Zip Drives 100 to 250 MB • CD-ROM R/RW 700MB • USB FLASH DRIVES 32 TO 1GB • DVD-ROM R/RW 4.7 GB • USB EXTERNAL HD 40GB AND UP • ONLINE BACKUP OFFSITE

  16. Backup Media

  17. How to backup • Copy and Paste • Backup UtilitiesWindows XP home – Install from CDhttp://www.microsoft.com/athome/security/update/howbackup.mspx • Make more than 1 copy. Save older copies.Store offsite.

  18. 3. Install and use anti-virus software.

  19. 3. Install and use anti-virus software. The Risk • A virus or worm is a computer program that can spread across computers and Networks by making copies of itself, usually without the user’s knowledge. Viruses can have harmful effects. These can range from displaying irritating messages to stealing data or giving other users control over your computer. • Even a new computer is not protected • If your antivirus program doesn’t have the latest virus definitions, your computer isn’t protected against ANY of the new viruses!

  20. Viruses, Trojans and Worms. Oh My! What to do • Acquire and use a reliable antivirus program. New virus are discovered every day. It’s important to keep your Antivirus software updated with the latest Virus identities. • Select an antivirus that has a consistent track record. Checkmark, AV-Test.org and TuV are among the most respected independent testers of antivirus software.

  21. Install and use anti-virus software. There is no reason not to have Antivirus protection Check with your ISP. Antivirus protection may be available as part of your internet service. Charter F-Secure DSL SBC/ATT Computer Associates AOL McCaffee.

  22. Install and use anti-virus software. Free Antivirus for personal use is available Free Antivirus • AVG Antivirus • Avast • Trend Micro – Free online scan • Panda – Free online scan Antivirus Software CA Eztrust Norton McCaffee

  23. Viruses, Trojans and Worms. Oh My! • Virus • Program that is self-replicating and attaches to other programs. • Worm • Special type of virus that can replicate itself and use memory, but cannot attach itself to other programs. Uses computer networks and security holes to replicate itself. • Trojan Horse • A computer program that claims to do one thing (such as a game) but instead does damage when you run it. Trojan Horses do not replicate automatically

  24. What can viruses do? Viruses used to play pranks or stop your computer working, but now they compromise security in more insidious ways. Here are the things that viruses can do. Slow down email. Viruses that spread by email, such as Sobig, can generate so much email traffic that servers slow down or crash. Even if this doesn't happen, companies may react to the risk by shutting down servers anyway. Steal confidential data. The Bugbear-D worm records the user's keystrokes, including passwords, and gives the viruswriter access to them. Use your computer to attack websites.MyDoom used infected computers to flood the SCO software company's website with data,making the site unusable (a denial of service attack). Let other users hijack your computer. Some viruses place “backdoor Trojans” on the computer, allowing the virus writer to connect to your computer and use it for their own purposes.

  25. What can viruses do? Corrupt data. The Compatable virus makes changes to the data in Excel spreadsheets. Delete data. The Sircam worm may attempt to delete or overwrite the hard disk on a certain day. Disable hardware. CIH, also known as Chernobyl, attempts to overwrite the BIOS chip on April 26, making the computer unusable. Play pranks. The Netsky-D worm made computers beep sporadically for several hours one morning. Display messages. Cone-F displays a political message ifthe month is May. Damage your credibility. If a virus forwards itself from your computer to your customers and business partners, they may refuse to do business with you, or demand compensation. Cause you embarrassment. For example, PolyPost places you rdocuments and your name on sexrelated newsgroups.

  26. How viruses get into computers: • The origin of the four most common virus infections: • File – A virus type that infects existing files on the computer • Macro – A virus that runs as a macro in a host application; i.e., MS Office applications such as Word or Excel • VBScript – A virus that uses Windows Visual Basic Script • Internet Worm – A virus that is primarily characterized by its replication across the Internet

  27. How viruses spread • By downloading infected files or programs from a network. If you download and run software from the Internet, or receive e-mail attachments, there is a chance that you can contract a computer virus.Once you RUN an infected program, the virus can spread rapidly, especially on networks. That is why the Internet, the largest network, is a fertile breeding ground for viruses. • By inserting infected disks into your computer.

  28. How viruses spread (continued) • Computers do get viruses from e-mail. You must be aware of the fact that you CANNOT get a computer virus from simply the text of an e-mail. • The virus will come in the form of some kind of attachment. Opening the attachment can give your computer a virus.

  29. Virus Symptoms • Unusual messages or displays on your monitor. • Unusual sounds or music played at random times. • A file name has been changed. • A change in dates against the filenames in a directory. • Programs or files are suddenly missing. • Unknown programs or files have been created.

  30. Virus Symptoms (continued) • Reduced memory or disk space. • Unexpected writes to a drive. • Bad sectors on your floppy disk. • Your entire system crashing. • Some of your files become corrupted – meaning that the data is damaged in some way – or suddenly don’t work properly. • Programs take longer to load, they may hang the computer or not work at all.

  31. Basic virus defense • Don’t open files that you are not expecting. • Many viruses automatically send files without the e-mail account owner’s knowledge. • Ask the sender to confirm unexpected files. • If you don’t know who the message is from, don’t open it. • Messages that appear more than once in your Inbox can be suspect for a virus. • If you receive a suspicious message, delete it. • Don’t use or share floppies without scanning with anti-virus software first.

  32. Basic virus defense (continued) • Learn file extensions. • Your computer will display both an icon and a file extension for files you receive. Open only file extensions you know are safe. • If you are not sure, ask your Technical Support person. • Never double-click to open an attachment that contains an executable that arrives as an e-mail attachment.

  33. Basic virus defense (continued) • Regularly back up your files. • Do not install pirated software, especially computer games. • Make sure your computer runs anti-virus software. If you don’t have it, buy and install it immediately. • If you have anti-virus software on your computer, it has to be updated at least weekly, as new viruses appear daily. • Scan the entire hard disk twice a month.

  34. Examples of potentially unsafe file types • The following file types should not be opened unless you have verified the sender and the reason sent: • .EXE • .PIF • .BAT • .VBS • .COM

  35. Microsoft Office • Microsoft Office files are mostly data with some program code. • Office macros are programs, which can be viruses. • Office will prompt you to enable macros. • Enable macros only when you know why Office is asking. Never run macros in a document unless you know what they do.

  36. Anti Virus Software Free Antivirus • AVG Antivirus • Avast • Trend Micro – Free online scan • Panda – Free online scan CA Eztrust Norton McCaffee

  37. 4. Acquire and use a reliable firewall solution.

  38. 4. Acquire and use a reliable firewall solution. The Risk A firewall is a security measure that protects a computer or a computer network from unauthorized access. Unfortunately in today’s computer world, there are a lot of devious hackers working diligently to access computer information. Where previously, the targets were large institutions, today hackers seek out all sorts of personal information including information from everyday home computer users. If you use a broadband connection to the Internet, like DSL or cable, you should definitely get a firewall. Such broadband connections are always on, shared connections. It is easier for an intruder to break into your computer if you are using one of these connections. So it is essential to have a firewall on a computer that uses DSL or cable to connect to the Internet. Firewalls don't prevent virus attacks but in some circumstances they can stop viruses from sending information from an infected computer.

  39. Firewalls Hardware Appliance (Router) Software

  40. Personal Firewalls – Your options If you have XP, install XP SP2 and enable the firewall that comes with it. Biggest plus, it’s now part of the OS. Biggest negative, it doesn’t guard against outbound attacks. ZoneLabs www.zonelabs.com offers a variety of options from free and up. Biggest plus, they’re a respected name in the business Biggest negative, you have to do some reading if you want to learn how to effectively manage your settings. Security Suites Most antivirus vendors are getting into this area as well, and are offering bundled products . For more information and guidance see: http://www.firewallguide.com/software.htm

  41. 5. Acquire and use AntiSpyware

  42. Spyware • Spyware is software that enables advertisers to gather information about a computer user’s habits • Spyware programs are not viruses (They don’t spread)

  43. How you get Spyware • Spyware is typically placed on your system by visiting websites and installing software.

More Related