computer security beyond the serpentine walls
Download
Skip this Video
Download Presentation
Computer Security Beyond the Serpentine Walls

Loading in 2 Seconds...

play fullscreen
1 / 20

Computer Security Beyond the Serpentine Walls - PowerPoint PPT Presentation


  • 243 Views
  • Uploaded on

Computer Security Beyond the Serpentine Walls . New Horizons Conference May 23 rd , 2007 Shirley Payne & Marty Peterman UVa IT Security and Policy Office. Agenda. Vulnerabilities and Risks Tips and tools before you go Device Requirements on the road Checklist Q&A throughout.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Computer Security Beyond the Serpentine Walls' - Roberta


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
computer security beyond the serpentine walls

Computer Security Beyond the Serpentine Walls

New Horizons Conference

May 23rd, 2007

Shirley Payne & Marty Peterman

UVa IT Security and Policy Office

agenda
Agenda
  • Vulnerabilities and Risks
  • Tips and tools before you go
  • Device Requirements on the road
  • Checklist
  • Q&A throughout
serious security vulnerabilities
Serious Security Vulnerabilities
  • Out of date software
  • Lack of effective anti-virus and anti-spyware software
  • Weak security settings on browsers
  • Weak passwords
  • Software firewalls not activated
serious security vulnerabilities continued
Serious Security Vulnerabilities - continued
  • Unencrypted sensitive data
  • Use of unsecured wireless
  • Use of improperly maintained public computers
  • Unattended mobile devices and electronic media
risk of exploited vulnerabilities can vary with location
Risk of Exploited Vulnerabilities Can Vary With Location
  • University provides:
    • “More Secure Network” that prevents certain attacks
    • Automatically updated software
    • Encrypted wireless network (“cavalier” & “jefferson”)
    • Encrypted wired connection to email, home directory, and other services
vulnerabilities increase the risk of
Vulnerabilities Increase the Risk of:
  • Mobile devices being stolen
  • Computer being rendered unusable by virus or worm
  • Private data being captured by stealth, keylogging software
  • Sensitive data being copied, modified or deleted by or exposed to unauthorized individual
risk to sensitive data is huge
Risk To Sensitive Data Is Huge!
  • A total of 1.9 billion reported compromised records from 1980-2006¹
  • Trend is toward:
    • More sophisticated criminal attacks
    • Increasing # of incidents where motive is exploit of personal data for profit
  • However, there are many steps individuals can take to prevent such attacks

¹Source: Phil Howard & Kris Erickson, University of Washington study, March 12, 2007

before you go secure your system
Before You Go, Secure Your System
  • Configure operating system, browser, word processing and other software to automatically update.
  • Obtain free anti-virus and anti-spyware software for office and home computers. Configure for automatic update and regular device scans.
  • Set security settings in browser to “medium-high” or “high”
before you go secure your system continued
Before You Go, Secure Your System - continued
  • Properly configure the firewall
  • Use strong passwords
  • Tips for securing systems - http://www.itc.virginia.edu/security/device-requirements.html
before you go secure your data
Before You Go, Secure Your Data
  • Delete or de-identify non-essential sensitive data
    • Common sense tips - http://www.itc.virginia.edu/security/
    • Examples of legally protected data -http://www.itc.virginia.edu/security/
    • Tool - Spider will search for hard drive data appearing to be SSNs or credit card #s - https://www.itc.virginia.edu/security/identityfinder
before you go secure your data continued
Before You Go, Secure Your Data - continued
  • Encrypt sensitive data that cannot be removed
    • Encryption Guidance - http://www.itc.virginia.edu/security/mobile/encryption.html
  • Create data backup and store in safe place
before you go prep for secure remote access
Before You Go, Prep for Secure Remote Access
  • Install UVA-Anywhere to enable:
    • Remote use of the Home Directory Service
    • Access to UVa-licensed online databases, news resources, and software
    • Encrypted data transmission
    • Access to UVa Email server without reconfiguration
  • Tips and tool - http://www.itc.virginia.edu/network/vpn/
when on the road
When On The Road,
  • Be wireless wary. Prevent unintentional connections to untrustworthy wireless networks
  • Disable file and print sharing
  • Device Requirements - http://www.itc.virginia.edu/security/
when on the road17
When On The Road,
  • Never key passwords or other sensitive information into public computers that may not be properly secured. Hidden software that captures every keystroke may be installed.
  • Keep mobile devices and electronic media with you at all times or under lock and key
  • Call UVa if you suspect or know your password or sensitive data have been stolen or otherwise compromised
checklist
Checklist
  • Software up to date
  • Anti-virus and anti-spyware software installed
  • Strong security settings on browser
  • Strong passwords
  • Software firewall activated
checklist continued
Checklist - continued
  • Sensitive data purged or encrypted
  • Data backup stored in safe
  • Got UVa-Anywhere
  • Choosing wireless networks carefully
  • Steering clear of improperly maintained public computers
  • Watching mobile devices and electronic media like a hawk
ad