Information data security 10 tips for personal and professional behaviors
This presentation is the property of its rightful owner.
Sponsored Links
1 / 17

Information & Data Security, 10 tips for personal and professional behaviors PowerPoint PPT Presentation


  • 80 Views
  • Uploaded on
  • Presentation posted in: General

Information & Data Security, 10 tips for personal and professional behaviors. William C. Moore II, CISSP, MLIS Chief Information Security Officer Valdosta State University. What is identity theft?.

Download Presentation

Information & Data Security, 10 tips for personal and professional behaviors

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Information data security 10 tips for personal and professional behaviors

Information & Data Security, 10 tips for personal and professional behaviors

William C. Moore II, CISSP, MLIS

Chief Information Security Officer

Valdosta State University


What is identity theft

What is identity theft?

  • Identity theft occurs when someone uses your personal information without your knowledge or consent to commit a crime, such as fraud or theft.

  • In 2001 Georgia ranked 7th nationally with 2,592 victims

  • In 2003, Georgia ranked 12th in the nation with over 6,000 victims


10 basic habits

10 Basic Habits

  • Protect personal data

  • Be aware of “phishing” techniques

  • Know who you are interacting with

  • Know how to identify a “secure site” or SSL site

  • Protect your passwords

  • Backup important files

  • Anti-Virus, Anti-Spy and Firewall

  • Operating Systems and Applications

  • Request a credit report

  • Financial and academic records


Protect personal data

Protect personal data

  • SSNs

    • Change Drivers License number from SSN

    • Do not include SSN on checks

    • Do not carry SSN card in wallet or purse

    • Ask why SSN is needed by various companies

  • Keep copy of Credit Card contact information at home or in safe location in the event your wallet or purse is stolen

  • Request credit card companies to cease delivery of “convenience checks”


Phishing you are the catch of the day

“Phishing” you are the catch of the day

  • Phishing is a term used for impersonating a company or individual in an effort to gather personal information

    • This normally leads to identity theft and/or credit card fraud

  • You should initiate the conversation or transaction.

  • Email messages are easily faked and may appear to be from legitimate sources

  • Do not click URLs or web addresses in email messages (copy and paste or type URLs into your browser Address Bar)


Know who you are working with

Know who you are working with

  • Again, email is easily faked. Exactly who is [email protected]?

  • Do not provide personal information when using “chat clients”

  • https://bankofamerica.com/l3g1t/login.asp vs http://banksofamerica.com/5l4y3r/login.php

  • When shopping online, verify physical mailing address and phone number.


Know what a secure site is

Know what a “secure site” is

  • Look for “https://” and “http://” in the address bar of your web browser.

  • Look for a pad lock or some other form of lock symbol in the bottom of your web browser.

  • Read the company’s Privacy Statement


Protect your passwords

Protect your passwords

  • Change your initial or default passwords

  • Use complex passwords not real words

    • i.e. first letter of each word in favorite song

    • wdnnewdnntc (we don’t need no education we don’t need no thought control)

  • Do not give out or share your passwords

  • If you must store passwords in an electronic files

    • Password protect the file

    • Store the file on “off-line” media such as floppy disk

  • The more important or sensitive the material, the more frequently the password should be changed


Backup important files

Backup important files

  • Backup important files frequently and regularly

    • Decide what files to backup

      • How many files

      • How much storage space is required (plan for growth)

    • Create Backup plan

      • A full backup: All files are included.

      • A differential backup: files that have changed since the last full backup.

      • An incremental backup: files that have changed since the last backup of any type.

      • What type of media will be used (CDRs, tapes, DVDRs)

    • Many newer operating systems have included backup functionality (Windows, Linux, and Macintosh)


Anti virus anti spy and firewalls

Anti-Virus, Anti-Spy and Firewalls

  • Anti-Virus

    • Primarily for email attachments, “off-line” media (floppy disk, CDs and USB drives), network drives

    • Often works in conjunction with web browsing

    • Computer viruses destroys or modifies data/files

  • Spy Ware

    • Records computing and/or surfing habits often for marketing purposes

    • Can include “key logger” for malicious activity

    • Can be used in conjunction with “Pop Ups”

    • Is often included with “free” software such as WebShots and “Bonsai Buddy”

  • Firewalls

    • Hardware and software models

    • Helps prevent receiving, distributing and functionality of viruses, worms and spy ware

    • Is NOT a complete solution


O s and program application patches

O.S. and Program Application patches

  • All commercial Operating Systems (O.S.) and applications receive patches or updates

  • Can often be automated on many current computers

  • Can often help alleviate or mend computer “bugs”

  • Reduces security risks for worms, hacking and other forms of malicious activity

  • Helps in maintaining a more stable computer


Request a credit report

Request a credit report

  • Georgia residents are allowed 2 free credit reports per year

  • Credit reports can be obtained by visiting http://www.annualcreditreport.com

  • May also be purchased by contacting any of the three major credit bureaus: Equifax, Experian or Trans Union


Keep financial academic records

Keep financial/academic records

  • Paper copies of financial and academic records should be kept for a minimum of one year

    • Academic Records-- follow institutional and USG policies for record retention

    • Financial Records-- follow recommendation of financial advisor or attorney

  • When disposing paper copies of academic or financial records shred with a cross-cut shredder or a certified and bonded document destruction and disposal company

  • When disposing electronic records use a method and/or software that at least meets the DoD standards

    • Replacing computer

    • Destroying backups


Conclusion

Conclusion

  • Identity theft and poor computing habits often go “hand in hand”

  • Disclosure of personal data

  • “Phishing” techniques are used for gathering information

  • By not knowing who you are dealing with you may be releasing personal data for illegitimate use

  • A “secure site” or SSL protected site helps ensure a more secured transaction

  • Your passwords grant access to material you deem important. Protect them wisely


Conclusion1

Conclusion

  • Backups of important files are your best method of recovery

  • Anti-Virus, Anti-Spy and Firewalls - the safety features for your computing tools

  • Operating System and Application patches - recalls and repairs for your software

  • By requesting credit reports you are being proactive in safe guarding your identity

  • Keep financial/academic records for non-repudiating purposes and dispose of them appropriately


Questions comments

Questions / Comments?

William C. Moore II, CISSP, MLIS

Chief Information Security Officer

Valdosta State University

[email protected]


Information data security 10 tips for personal and professional behaviors

Presentation and handouts will be accessible via:http://www.valdosta.edu/security/training/darton-2005-presentation.pptand http://www.valdosta.edu/security/training/darton-handout.doc

William C. Moore II, CISSP, MLIS

Chief Information Security Officer

Valdosta State University

[email protected]


  • Login