information data security 10 tips for personal and professional behaviors
Download
Skip this Video
Download Presentation
Information & Data Security, 10 tips for personal and professional behaviors

Loading in 2 Seconds...

play fullscreen
1 / 17

Information & Data Security, 10 tips for personal and professional behaviors - PowerPoint PPT Presentation


  • 114 Views
  • Uploaded on

Information & Data Security, 10 tips for personal and professional behaviors. William C. Moore II, CISSP, MLIS Chief Information Security Officer Valdosta State University. What is identity theft?.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' Information & Data Security, 10 tips for personal and professional behaviors' - penelope-herman


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
information data security 10 tips for personal and professional behaviors

Information & Data Security, 10 tips for personal and professional behaviors

William C. Moore II, CISSP, MLIS

Chief Information Security Officer

Valdosta State University

what is identity theft
What is identity theft?
  • Identity theft occurs when someone uses your personal information without your knowledge or consent to commit a crime, such as fraud or theft.
  • In 2001 Georgia ranked 7th nationally with 2,592 victims
  • In 2003, Georgia ranked 12th in the nation with over 6,000 victims
10 basic habits
10 Basic Habits
  • Protect personal data
  • Be aware of “phishing” techniques
  • Know who you are interacting with
  • Know how to identify a “secure site” or SSL site
  • Protect your passwords
  • Backup important files
  • Anti-Virus, Anti-Spy and Firewall
  • Operating Systems and Applications
  • Request a credit report
  • Financial and academic records
protect personal data
Protect personal data
  • SSNs
    • Change Drivers License number from SSN
    • Do not include SSN on checks
    • Do not carry SSN card in wallet or purse
    • Ask why SSN is needed by various companies
  • Keep copy of Credit Card contact information at home or in safe location in the event your wallet or purse is stolen
  • Request credit card companies to cease delivery of “convenience checks”
phishing you are the catch of the day
“Phishing” you are the catch of the day
  • Phishing is a term used for impersonating a company or individual in an effort to gather personal information
    • This normally leads to identity theft and/or credit card fraud
  • You should initiate the conversation or transaction.
  • Email messages are easily faked and may appear to be from legitimate sources
  • Do not click URLs or web addresses in email messages (copy and paste or type URLs into your browser Address Bar)
know who you are working with
Know who you are working with
  • Again, email is easily faked. Exactly who is [email protected]?
  • Do not provide personal information when using “chat clients”
  • https://bankofamerica.com/l3g1t/login.asp vs http://banksofamerica.com/5l4y3r/login.php
  • When shopping online, verify physical mailing address and phone number.
know what a secure site is
Know what a “secure site” is
  • Look for “https://” and “http://” in the address bar of your web browser.
  • Look for a pad lock or some other form of lock symbol in the bottom of your web browser.
  • Read the company’s Privacy Statement
protect your passwords
Protect your passwords
  • Change your initial or default passwords
  • Use complex passwords not real words
    • i.e. first letter of each word in favorite song
    • wdnnewdnntc (we don’t need no education we don’t need no thought control)
  • Do not give out or share your passwords
  • If you must store passwords in an electronic files
    • Password protect the file
    • Store the file on “off-line” media such as floppy disk
  • The more important or sensitive the material, the more frequently the password should be changed
backup important files
Backup important files
  • Backup important files frequently and regularly
    • Decide what files to backup
      • How many files
      • How much storage space is required (plan for growth)
    • Create Backup plan
      • A full backup: All files are included.
      • A differential backup: files that have changed since the last full backup.
      • An incremental backup: files that have changed since the last backup of any type.
      • What type of media will be used (CDRs, tapes, DVDRs)
    • Many newer operating systems have included backup functionality (Windows, Linux, and Macintosh)
anti virus anti spy and firewalls
Anti-Virus, Anti-Spy and Firewalls
  • Anti-Virus
    • Primarily for email attachments, “off-line” media (floppy disk, CDs and USB drives), network drives
    • Often works in conjunction with web browsing
    • Computer viruses destroys or modifies data/files
  • Spy Ware
    • Records computing and/or surfing habits often for marketing purposes
    • Can include “key logger” for malicious activity
    • Can be used in conjunction with “Pop Ups”
    • Is often included with “free” software such as WebShots and “Bonsai Buddy”
  • Firewalls
    • Hardware and software models
    • Helps prevent receiving, distributing and functionality of viruses, worms and spy ware
    • Is NOT a complete solution
o s and program application patches
O.S. and Program Application patches
  • All commercial Operating Systems (O.S.) and applications receive patches or updates
  • Can often be automated on many current computers
  • Can often help alleviate or mend computer “bugs”
  • Reduces security risks for worms, hacking and other forms of malicious activity
  • Helps in maintaining a more stable computer
request a credit report
Request a credit report
  • Georgia residents are allowed 2 free credit reports per year
  • Credit reports can be obtained by visiting http://www.annualcreditreport.com
  • May also be purchased by contacting any of the three major credit bureaus: Equifax, Experian or Trans Union
keep financial academic records
Keep financial/academic records
  • Paper copies of financial and academic records should be kept for a minimum of one year
    • Academic Records-- follow institutional and USG policies for record retention
    • Financial Records-- follow recommendation of financial advisor or attorney
  • When disposing paper copies of academic or financial records shred with a cross-cut shredder or a certified and bonded document destruction and disposal company
  • When disposing electronic records use a method and/or software that at least meets the DoD standards
    • Replacing computer
    • Destroying backups
conclusion
Conclusion
  • Identity theft and poor computing habits often go “hand in hand”
  • Disclosure of personal data
  • “Phishing” techniques are used for gathering information
  • By not knowing who you are dealing with you may be releasing personal data for illegitimate use
  • A “secure site” or SSL protected site helps ensure a more secured transaction
  • Your passwords grant access to material you deem important. Protect them wisely
conclusion1
Conclusion
  • Backups of important files are your best method of recovery
  • Anti-Virus, Anti-Spy and Firewalls - the safety features for your computing tools
  • Operating System and Application patches - recalls and repairs for your software
  • By requesting credit reports you are being proactive in safe guarding your identity
  • Keep financial/academic records for non-repudiating purposes and dispose of them appropriately
questions comments

Questions / Comments?

William C. Moore II, CISSP, MLIS

Chief Information Security Officer

Valdosta State University

[email protected]

slide17

Presentation and handouts will be accessible via:http://www.valdosta.edu/security/training/darton-2005-presentation.pptand http://www.valdosta.edu/security/training/darton-handout.doc

William C. Moore II, CISSP, MLIS

Chief Information Security Officer

Valdosta State University

[email protected]

ad