1 / 47

Practical Approaches to Security: Physical and Digital Threats

Discover practical approaches to physical and digital security threats in this chapter, including tips for securing laptops, desktops, mobile devices, and networks. Learn about the top threats to computers and the imperative steps to protect your systems.

elinorj
Download Presentation

Practical Approaches to Security: Physical and Digital Threats

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Page 47-79 Chapter 4: Practical Approaches to Security

  2. Page 47 Security Exhaustion At some point being told to do something but not sure what has translated into lets do nothing an hope: Fact – 63% of the respondents in a recent survey indicated they were facing security fatigue. So people start to: They are not personally at risk, there is nothing they have that anybody wants. Someone else is responsible for security, or I have stuff that will take care of everything. Nothing they do will change a thing so what will happen will happen. Chapter 4: Practical Approaches to Security

  3. Page 47 Physical Security • The PRIMARY risks: • Unencrypted data on laptops • Servers not physically secure • Desktops left unprotected / no screensaver passwords • Mobile devices used at work, BYOD • Devices with USB ports • Unreliable power sources • Unsecured WiFi networks • Bad backup policies Chapter 4: Practical Approaches to Security

  4. Page 48-49 Top Ten (Thirteen) Threats to Computers • Infection Agents • Viruses • Worms • Trojan Horse Programs • Rootkits • Spyware • Adware • Ransomware • Infection Vectors • Spam Mail/Phishing Mail • BYOD (personal devices in the workplace) • Wireless Attacks • Bad Web Sites • Adware • Social Engineering • Client USB thumb drives and DVDs The threats to our systems we will address Chapter 4: Practical Approaches to Security

  5. Page 49 Five Imperatives • Keep every computer updated • Have & use protection: • Have up-to-date backups • Have Security protocols Regular maintenance Surprise audits Procedures for emergencies • Practice “safe computing” Chapter 4: Practical Approaches to Security

  6. Page 50 Configuring Windows • Have Automatic Updates ON • Update programs too Chapter 4: Practical Approaches to Security

  7. Page 52 Second Imperative – Have Adequate Defenses These are not set it and forget devices Hardware firewall – Not an issue of years but an issue of functionality Software firewall – This is software that requires updating, depend of the developer to make the call Virus Program - This is software that requires updating, depend of the developer to make the call Several Spyware / malware programs - This is software that requires updating, depend of the developer to make the call Chapter 4: Practical Approaches to Security

  8. Page 52 Second Imperative – Have Adequate Defenses • Hardware firewall Manages Inbound Traffic Firewall Chapter 4: Practical Approaches to Security

  9. Page 53-56 Step 1 – Use a Firewall Three of the top contenders per firewall.com ranging in price from $440 to $1520. Buying is not the most important part it is setting it up. Chapter 4: Practical Approaches to Security

  10. Page 56 Things to Remember about Firewalls Don’t assume that a firewall will solve all security problems. Firewalls may be great at stopping unwanted intrusions, but they do nothing to prevent virus-laden emails or stop adware and spyware. Hardware firewalls will not manage outbound traffic, which means that should a piece of malware find its way on a computer, it could be turned into a spam server on the internet. The sole purpose of a hardware firewall is to cloak a computer and stymie inquisitive software that pings, sniffs, and queries IP addresses in the hopes of finding an open system. They must be set up properly. An enormous number of these devices are unboxed, plugged in, and considered to be installed. There is a setup process the directions will specify to configure the device for different situations. One of the biggest problems is users failing to change the device password to a user-specific one. Chapter 4: Practical Approaches to Security

  11. Page 56 Test your Firewall • www.grc.com • This is how I know my firewall is okay Chapter 4: Practical Approaches to Security

  12. Page 56-57 Software Firewalls • Software firewall – Win 7 Firewall, engaged Chapter 4: Practical Approaches to Security

  13. Page 56-57 Software Firewalls • Type Here Chapter 4: Practical Approaches to Security

  14. Page 57-58 User Account Control While you’re at it, why not remove the batteries from your fire alarm? Chapter 4: Practical Approaches to Security

  15. Page 59-60 Step 2 – Antivirus and Anti-Malware Programs The answer is it depends who you talk to, there is no perfect here, the true cat an mouse game continues. Note an update from the manual publication has changed the top ranking product. Image courtesy of https://www.pcmag.com/article2/0,2817,2369749,00.asp Chapter 4: Practical Approaches to Security

  16. Page 59-60 Step 2 – Antivirus and Anti-Malware Programs The answer is it depends who you talk to, there is no perfect here, the true cat an mouse game continues. Note an update from the manual publication has changed the top ranking product. Image courtesy of toptenreviews.com Chapter 4: Practical Approaches to Security

  17. Page 60 Step 2-Antivirus and Anti-malware Programs Chapter 4: Practical Approaches to Security

  18. Page 60 Step 2 – Antivirus and Anti-Malware Programs Chapter 4: Practical Approaches to Security

  19. Page 61 The Microsoft Response It comes with Win 10 Chapter 4: Practical Approaches to Security

  20. Page 61 The Microsoft Response Freeware Security: Ok performance – Win 7 Chapter 4: Practical Approaches to Security

  21. Page 61-Update The Microsoft Response Microsoft Safety Scanner is a scan tool designed to find and remove malware from Windows computers. Simply download it and run a scan to find malware and try to reverse changes made by identified threats. https://www.microsoft.com/en-us/wdsi/products/scanner Chapter 4: Practical Approaches to Security

  22. Page 62 Fake Anti-Malware Bogus! Chapter 4: Practical Approaches to Security

  23. Page 62 Fake Anti-Malware Bogus! Chapter 4: Practical Approaches to Security

  24. Page 63 Fake Anti-Malware https://en.wikipedia.org/wiki/List_of_rogue_security_software Chapter 4: Practical Approaches to Security

  25. Page 66-67 Preventing/Rescue from Ransomware Where does this stuff come from: Work computers on personal surfs Free software Downloads eBook Sites Porn Sites Pirated Movies and Music Email attachments Cloud Based file Sharing Sites Pay the ransom (typically $300 - $500) and you may or perhaps not get your data unlocked. Chapter 4: Practical Approaches to Security

  26. Page 67 Preventing/Rescue from Ransomware Chapter 4: Practical Approaches to Security

  27. Page 67 Preventing/Rescue from Ransomware To defend against these attacks: Adopt prevention programs. Strengthen email controls. Insulate infrastructure. • Limit the access a workstation has based on need. • “Domain Controllers” will complicate systems but improve security. • If using a cloud based filing system this will not thwart the attack. Plan for the attack. Chapter 4: Practical Approaches to Security

  28. Page 67-Bonus Preventing/Rescue from Ransomware Helpful Sites: https://insights.sei.cmu.edu/sei_blog/2017/05/ransomware-best-practices-for-prevention-and-response.html https://www.business.com/articles/how-to-protect-from-ransomware-summarizing-the-best-practices/ https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/best-practices-ransomware https://businessinsights.bitdefender.com/best-practices-preventing-responding-ransomware-attacks Chapter 4: Practical Approaches to Security

  29. Page 68 What To Do if Infected Be Prepared by: Chapter 4: Practical Approaches to Security

  30. Page 68 Can this Stuff Be Kept off the Computer? Anti-virus will not protect you! There are programs that will Cryptoprevent: $ 15 www.foolishit.com Chapter 4: Practical Approaches to Security

  31. Page 69-Update Can this Stuff Be Kept off the Computer? Alternate: HitmanPro.alert $54.95 for 3PCs https://www.hitmanpro.com/alert.aspx Chapter 4: Practical Approaches to Security

  32. Page 69-Bonus Can this Stuff Be Kept off the Computer? Chapter 4: Practical Approaches to Security

  33. Page 69-Bonus Can this Stuff Be Kept off the Computer? https://malwarebytes-anti-ransomware.en.softonic.com/ Chapter 4: Practical Approaches to Security

  34. Page 69-70 SPAM Mail The best way to avoid spam is to use a hosted filter. The best are provided with Gmail and Outlook. It’s easy to redirect mail so it passes through Gmail. Simply configure the current email host to forward the mail to a Gmail account. Chapter 4: Practical Approaches to Security

  35. Page 69-70 Spam Mail 89% of all emails are Spam 260 Billion spam emails per day Chapter 4: Practical Approaches to Security

  36. Page 71 Wireless Attack Consider not using wireless inside the office firewall. Any public access wireless in your office should be outside your firewall. Always turn on security: • Set up passwords and logins on routers • Do not allow the WiFi to be discoverable, i.e. you must know it is there, limits accidental intrusion's. Chapter 4: Practical Approaches to Security

  37. Page 72 Facebook Dangers While Face Book is almost a requirement of commercial firms today, careful use of the resource is a must. Imperative – Ban Facebook while staff is on premises Chapter 4: Practical Approaches to Security

  38. Page 72-73- Bonus Safe Facebooking Managing your social media presence is a safe computing imperative. Frank Abiginale a thief turned consultant for the FBI indicates that especially Americans willingly turn over an incredible amount of information to almost anyone. http://www.trustedreviews.com/opinion/facebook-privacy-settings-protecting-what-you-care-about-2939307 Chapter 4: Practical Approaches to Security

  39. Page 73 Having a “Disaster Day” SOP Do you know what you’ll do if you have a disaster? Who does what? Tools available? Policies People aware, ready and trained? Chapter 4: Practical Approaches to Security

  40. Page 73 Having a “Disaster Day” SOP Do you know what you’ll do if you have a disaster? Who does what? Tools available? Policies People aware, ready and trained? Chapter 4: Practical Approaches to Security

  41. Page 74 Having a “Disaster Day” SOP Do you know what you’ll do if you have a disaster? Who does what? Tools available? Policies People aware, ready and trained? Chapter 4: Practical Approaches to Security

  42. Page 74-77 Some Chapter Titles Safe Computer Usage – Page 74 Social Engineering – Page 74 – 75 Staying Safe Online – Page 75 How to Prevent Infection – Page 75 – 77 A 22 item checklist of what to do to keep your system running smooth and event free Chapter 4: Practical Approaches to Security

  43. Page 47 Virtual Private Networks A VPN is an encrypted tunnel over a public wire between two points. This can be used by: A person on a public WiFi can mask their identity. Someone who requires their IP address to be cloaked. Someone who is transmitting confidential data over a public wire. Chapter 4: Practical Approaches to Security

  44. Page 77-78 Virtual Private Networks Caution – A VPN connection will normally slow down the internet connection: The Steps: A service that is signed up for costing as little as $3 a month. Once the service is arranged for a connection will normally be tunneled through the service. VPN connections will increase your security and open the internet to broader access Your IP address will be hidden from every site a connection is made to. Chapter 4: Practical Approaches to Security

  45. Page 78 Virtual Private Networks http://www.toptenreviews.com/software/privacy/best-proxy-services/ Chapter 4: Practical Approaches to Security

  46. Page 78 Downloading Programs Chapter 4: Practical Approaches to Security

  47. Page 78-79 Additional Resources Chapter 4: Practical Approaches to Security

More Related