Information data security 10 tips for personal and professional behaviors

Information & Data Security, 10 tips for personal and professional behaviors

William C. Moore II, CISSP, MLIS

Chief Information Security Officer

Valdosta State University


What is identity theft?

  • Identity theft occurs when someone uses your personal information without your knowledge or consent to commit a crime, such as fraud or theft.

  • In 2001 Georgia ranked 7th nationally with 2,592 victims

  • In 2003, Georgia ranked 12th in the nation with over 6,000 victims


10 Basic Habits

  • Protect personal data

  • Be aware of “phishing” techniques

  • Know who you are interacting with

  • Know how to identify a “secure site” or SSL site

  • Protect your passwords

  • Backup important files

  • Anti-Virus, Anti-Spy and Firewall

  • Operating Systems and Applications

  • Request a credit report

  • Financial and academic records


Protect personal data

  • SSNs

    • Change your driver's license number so that it is not your SSN

    • Do not include SSN on checks

    • Do not carry SSN card in wallet or purse

    • Ask why SSN is needed by various companies

  • Keep copy of Credit Card contact information at home or in safe location in the event your wallet or purse is stolen

  • Request credit card companies to cease delivery of “convenience checks”


“Phishing”: you are the catch of the day

  • Phishing is a term used for impersonating a company or individual in an effort to gather personal information

    • This normally leads to identity theft and/or credit card fraud

  • You should initiate the conversation or transaction.

  • Email messages are easily faked and may appear to be from legitimate sources

  • Do not click URLs or web addresses in email messages (copy and paste or type URLs into your browser Address Bar)


Know who you are working with

  • Again, email is easily faked. Exactly who is [email protected]?

  • Do not provide personal information when using “chat clients”

  • https://bankofamerica.com/l3g1t/login.asp vs http://banksofamerica.com/5l4y3r/login.php

  • When shopping online, verify physical mailing address and phone number.
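The two addresses on this slide differ in scheme and by one letter in the host name, which is easy to miss by eye. The following check is an added example, not part of the original presentation: it compares a link's host against a constructed list of known sites (`KNOWN_HOSTS`, `check_link` and the distance threshold are assumptions made for the illustration) and reports near-miss host names and non-https links.

```python
from urllib.parse import urlsplit

# Assumption: constructed allowlist of hosts the user really does business with.
KNOWN_HOSTS = {"bankofamerica.com"}


def edit_distance(a, b):
    """Levenshtein distance between two strings, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def check_link(url, known_hosts=KNOWN_HOSTS, max_distance=2):
    """Return a list of warnings for a link; an empty list means no finding."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    if host.startswith("www."):
        host = host[4:]
    warnings = []
    if parts.scheme != "https":
        warnings.append("not https")
    if host in known_hosts:
        return warnings
    # A host that is almost, but not exactly, a known one is the warning sign.
    near = sorted(k for k in known_hosts if edit_distance(host, k) <= max_distance)
    if near:
        warnings.append(f"host '{host}' resembles '{near[0]}'")
    else:
        warnings.append(f"host '{host}' is not a known site")
    return warnings


if __name__ == "__main__":
    # The two URLs shown on the slide.
    for link in ("https://bankofamerica.com/l3g1t/login.asp",
                 "http://banksofamerica.com/5l4y3r/login.php"):
        print(link, "->", check_link(link) or "no findings")
```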


Know what a “secure site” is

  • Look for “https://” rather than “http://” in the address bar of your web browser.

  • Look for a padlock or some other form of lock symbol in the bottom of your web browser.

  • Read the company’s Privacy Statement


Protect your passwords

  • Change your initial or default passwords

  • Use complex passwords, not real words

    • e.g. the first letter of each word in a favorite song

    • wdnnewdnntc (we don’t need no education we don’t need no thought control)

  • Do not give out or share your passwords

  • If you must store passwords in an electronic file

    • Password protect the file

    • Store the file on “off-line” media such as floppy disk

  • The more important or sensitive the material, the more frequently the password should be changed


Backup important files

  • Backup important files frequently and regularly

    • Decide what files to backup

      • How many files

      • How much storage space is required (plan for growth)

    • Create Backup plan

      • A full backup: All files are included.

      • A differential backup: files that have changed since the last full backup.

      • An incremental backup: files that have changed since the last backup of any type.

      • What type of media will be used (CDRs, tapes, DVDRs)

    • Many newer operating systems have included backup functionality (Windows, Linux, and Macintosh)
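The three backup types in the plan differ only in the reference point they compare file changes against. The following is an added example, not part of the original presentation: it selects the files each type would copy from a constructed set of modification days, and goes one step beyond the slide by listing which backups a restore needs. The names `Backup`, `select_files` and `restore_chain` are assumptions made for the illustration.

```python
from dataclasses import dataclass


@dataclass
class Backup:
    kind: str  # "full", "differential" or "incremental"
    day: int   # day number on which the backup ran


def select_files(kind, mtimes, history):
    """Names of the files a backup of `kind` would copy.

    mtimes:  {file name: day it was last modified}
    history: earlier Backup runs, oldest first
    """
    if kind == "full":
        return sorted(mtimes)                       # all files are included
    fulls = [b.day for b in history if b.kind == "full"]
    if not fulls:
        raise ValueError("a full backup must exist first")
    if kind == "differential":
        since = max(fulls)                          # the last full backup
    elif kind == "incremental":
        since = max(b.day for b in history)         # the last backup of any type
    else:
        raise ValueError(f"unknown backup type: {kind}")
    return sorted(name for name, day in mtimes.items() if day > since)


def restore_chain(history):
    """Backups needed to restore the latest state, in the order to apply them."""
    last_full = max(i for i, b in enumerate(history) if b.kind == "full")
    chain, later = [history[last_full]], history[last_full + 1:]
    diffs = [i for i, b in enumerate(later) if b.kind == "differential"]
    if diffs:                                       # newest differential replaces
        chain.append(later[diffs[-1]])              # everything between it and the full
        later = later[diffs[-1] + 1:]
    return chain + [b for b in later if b.kind == "incremental"]


# Constructed sample data: file names and day numbers are illustrative only.
MTIMES = {"photo.jpg": 0, "thesis.doc": 1, "grades.xls": 3, "budget.xls": 5}
HISTORY = [Backup("full", 2), Backup("incremental", 4)]

if __name__ == "__main__":
    for kind in ("full", "differential", "incremental"):
        print(kind, select_files(kind, MTIMES, HISTORY))
```

A differential backup grows until the next full backup but needs only two sets to restore; incremental backups stay small but every one since the last full (or differential) backup must be kept intact.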


Anti-Virus, Anti-Spy and Firewalls

  • Anti-Virus

    • Primarily for email attachments, “off-line” media (floppy disk, CDs and USB drives), network drives

    • Often works in conjunction with web browsing

    • Computer viruses destroy or modify data/files

  • Spy Ware

    • Records computing and/or surfing habits often for marketing purposes

    • Can include “key logger” for malicious activity

    • Can be used in conjunction with “Pop Ups”

    • Is often included with “free” software such as WebShots and “Bonsai Buddy”

  • Firewalls

    • Hardware and software models

    • Help prevent the receipt, distribution and functioning of viruses, worms and spy ware

    • Are NOT a complete solution


O.S. and Program Application patches

  • All commercial Operating Systems (O.S.) and applications receive patches or updates

  • Can often be automated on many current computers

  • Can often help alleviate or mend computer “bugs”

  • Reduces security risks for worms, hacking and other forms of malicious activity

  • Helps in maintaining a more stable computer


Request a credit report

  • Georgia residents are allowed 2 free credit reports per year

  • Credit reports can be obtained by visiting http://www.annualcreditreport.com

  • May also be purchased by contacting any of the three major credit bureaus: Equifax, Experian or Trans Union


Keep financial/academic records

  • Paper copies of financial and academic records should be kept for a minimum of one year

    • Academic Records-- follow institutional and USG policies for record retention

    • Financial Records-- follow recommendation of financial advisor or attorney

  • When disposing of paper copies of academic or financial records, shred them with a cross-cut shredder or use a certified and bonded document destruction and disposal company

  • When disposing of electronic records, use a method and/or software that at least meets the DoD standards

    • Replacing computer

    • Destroying backups


Conclusion

  • Identity theft and poor computing habits often go “hand in hand”

  • Disclosure of personal data

  • “Phishing” techniques are used for gathering information

  • By not knowing who you are dealing with you may be releasing personal data for illegitimate use

  • A “secure site” or SSL protected site helps ensure a more secured transaction

  • Your passwords grant access to material you deem important. Protect them wisely


Conclusion

  • Backups of important files are your best method of recovery

  • Anti-Virus, Anti-Spy and Firewalls - the safety features for your computing tools

  • Operating System and Application patches - recalls and repairs for your software

  • By requesting credit reports you are being proactive in safeguarding your identity

  • Keep financial/academic records for non-repudiation purposes and dispose of them appropriately


Questions / Comments?

William C. Moore II, CISSP, MLIS

Chief Information Security Officer

Valdosta State University

[email protected]


Presentation and handouts will be accessible via: http://www.valdosta.edu/security/training/darton-2005-presentation.ppt and http://www.valdosta.edu/security/training/darton-handout.doc
