Top 10 Ways to Make Your Employees More Security Aware
2:00PM EDT, Thursday August 26th, 2010

Presented By: Gregg Browinski, CTO, PistolStar Inc.
Moderated By: Kimberly Johnson, Marketing Associate, PistolStar Inc.
Welcome to the Event

• Setting Your Expectations:
   – Objective is to give you “food for thought”


• Housekeeping Points

• Introducing the Speaker: Gregg Browinski, CTO PistolStar, Inc.
Security Awareness
o Many organizations tend to overlook it
o Forms the first line of defense against attacks
o Security Awareness Programs = Headaches
o Arm your employees with 10 tips to be more aware
Tip #1: Provide Credentials on HTTPS Protected Sites
o Users should get in the habit of looking at the URL before logging in
o HTTPS is Hypertext Transfer Protocol carried over an encrypted TLS (formerly SSL) connection
o Prevents "eavesdropping" attacks on the credentials in transit; it does not by itself prove the site is the one intended, so the host name in the URL has to be checked as well
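Added example (not from the slides and not PistolStar/PortalGuard code): a Python check of the URL a user is about to type a password into. It covers the scheme the slide calls out and goes one step further, checking the host name too, because HTTPS alone only proves an encrypted channel to whoever holds a certificate for the host actually named in the URL. The expected host and the sample URLs are made up for illustration.

```python
"""Check a login URL before sending credentials to it.

Added example, not PistolStar/PortalGuard code. The expected host name is an
assumption; sample URLs are constructed for illustration.
"""
from urllib.parse import urlsplit


def check_login_url(url: str, expected_host: str):
    """Return (ok, reason) for a URL a user is about to enter a password into.

    HTTPS guarantees an encrypted channel to whoever holds a valid certificate
    for the host in the URL, so the host itself must be checked as well.
    """
    parts = urlsplit(url)
    if parts.scheme.lower() != "https":
        return False, (f"not HTTPS (scheme is {parts.scheme or 'missing'!r}); "
                       "credentials would travel in clear text")
    if parts.username is not None or parts.password is not None:
        # "https://portal.example.com@evil.test/" shows a familiar name first,
        # but the browser connects to evil.test
        return False, f"URL carries user@host trickery; real destination is {parts.hostname!r}"
    host = (parts.hostname or "").lower()
    if not host:
        return False, "no host name in URL"
    if any(ord(c) > 127 for c in host) or any(label.startswith("xn--") for label in host.split(".")):
        return False, f"internationalised host name {host!r}; could be a look-alike domain"
    if host != expected_host.lower():
        # catches "portal.example.com.evil.test" and "portal-example.com"
        return False, f"host is {host!r}, expected {expected_host!r}"
    return True, "OK: HTTPS to the expected host"


if __name__ == "__main__":
    # Constructed sample URLs; only the first and last should pass.
    for sample in ["https://portal.example.com/login",
                   "http://portal.example.com/login",
                   "https://portal.example.com@evil.test/login",
                   "https://portal.example.com.evil.test/login",
                   "https://pörtal.example.com/login",
                   "HTTPS://Portal.Example.com:443/login"]:
        print(sample, "->", check_login_url(sample, "portal.example.com"))
```

The same five checks (scheme, user@host, missing host, look-alike characters, exact host match) are what a user is being asked to do by eye; a password manager or browser extension that refuses to fill credentials unless the check passes removes the need to remember them.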
Tip #2: Creating Strong Passwords – Give Them a Clue
o Provide a visual clue for employees when creating passwords
o Avoids the risks associated with weak passwords
o Standards for passwords are ever increasing – demands for "super passwords"
o Pass "phrases": a long, memorable sentence is both stronger and easier to remember than a short, complex password
Tip #3: Watch for Your Personal Watermark

Example watermark shown on the login page: "Going to the beach is the best!"

o Provides compliance when multi-factor authentication is required
o Another visual clue for the user: the phrase chosen at enrollment is shown before the password is entered; a site that cannot show it should not get the password
o Usually used by financial institutions
o Mutual authentication – proves the server's identity to the user
Tip #4: Look at Your Last Login Date and Time
o Provides a quick check for fraudulent logins: a login the user does not recognize should be reported
o Can be a log or a simple phrase
Tip #5: Password History Policies
o The challenge is to maintain usability while increasing compliance and security
o Enforce only when appropriate
o Expiration interval and password history limit are inversely proportional: the more often passwords must change, the more old passwords must be remembered to stop users cycling back to a favorite one
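Added example (not PistolStar/PortalGuard code) of how a password-change handler can enforce a history limit without ever storing old passwords in clear text, plus the arithmetic behind the inverse relation between expiration interval and history length. The history limit, PBKDF2 round count and sample passwords are assumptions.

```python
"""Password history enforcement for a password-change handler.

Added example, not PistolStar/PortalGuard code. Old passwords are kept only
as salted PBKDF2 digests, never in clear text. The history limit, the PBKDF2
round count and the sample passwords are illustrative assumptions.
"""
import hashlib
import hmac
import math
import os
from collections import deque

PBKDF2_ROUNDS = 100_000  # assumption: tune to your hardware


def _digest(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


class PasswordHistory:
    """Remembers the last `limit` passwords of one account as (salt, digest) pairs."""

    def __init__(self, limit: int) -> None:
        self.limit = limit
        self._entries = deque(maxlen=limit)  # the oldest entry drops off automatically

    def is_reused(self, candidate: str) -> bool:
        """True if `candidate` equals any remembered password (current one included)."""
        return any(hmac.compare_digest(_digest(candidate, salt), digest)
                   for salt, digest in self._entries)

    def record(self, password: str) -> None:
        """Store the newly set password under a fresh random salt."""
        salt = os.urandom(16)
        self._entries.append((salt, _digest(password, salt)))

    def change_password(self, new_password: str):
        """Apply the history rule; returns (accepted, message for the user)."""
        if self.is_reused(new_password):
            return False, (f"That password was used recently; choose one that differs "
                           f"from your last {self.limit} passwords.")
        self.record(new_password)
        return True, "Password changed."


def minimum_history_length(expiration_days: int, no_reuse_days: int) -> int:
    """Smallest history limit that keeps a password unusable for `no_reuse_days`
    when users are forced to change it every `expiration_days`.

    A shorter expiration interval needs a longer history (the inverse relation
    the slide refers to). The count includes the password being replaced.
    """
    return math.ceil(no_reuse_days / expiration_days)


if __name__ == "__main__":
    history = PasswordHistory(limit=3)
    for pw in ["Spring-Thaw-2010", "Summer-Heat-2010", "Autumn-Leaf-2010"]:
        print(history.change_password(pw))
    print(history.change_password("Spring-Thaw-2010"))   # rejected: still in history
    print(history.change_password("Winter-Snow-2010"))   # accepted; Spring drops off
    print(history.change_password("Spring-Thaw-2010"))   # accepted: limit 3 is too short
    print("90-day expiry, 1-year no-reuse needs history of", minimum_history_length(90, 365))
```

With a 90-day expiration and a requirement that no password be reusable within a year, a history of 4 lets the first password back after 360 days; 5 is the smallest limit that holds for the full year. Every comparison costs one PBKDF2 computation per remembered entry, which is why a very long history shows up as a slow password-change page.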
Tip #6: Using Security Question(s)

Examples:
  Bad question (answer is easy to research or guess): What was your first pet?
  Good question (answer is known only to the user): Who was your first kiss?

o Use mandatory or optional sets of questions
o It is better to require more answers
o Can be used to reset passwords or to augment login security
Tip #7: Avoid Password Lockout – Stop Logging In!
o Lockouts are usually caused by users' habit of repeatedly trying to log in with the same wrong credentials
o Configure password lockouts to expire
o Use helpful warning messages to educate users and reduce Help Desk calls
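Added example (not PistolStar/PortalGuard code) of a login throttle that implements all three points of this tip: the lockout expires on its own, repeating the same wrong password counts only once (so the habit described above does not lock the account, while a guesser still needs distinct guesses), and every rejection tells the user what to do. The threshold, lockout length, messages and sample account are assumptions.

```python
"""Login throttling that locks out on distinct wrong passwords, expires on its
own, and tells the user what to do.

Added example, not PistolStar/PortalGuard code. The threshold, lockout length,
message texts and sample account are assumptions; passwords are stored only as
salted PBKDF2 digests.
"""
import hashlib
import hmac
import os
import time

MAX_FAILURES = 5            # assumption: distinct wrong passwords before lockout
LOCKOUT_SECONDS = 15 * 60   # assumption: lockout clears itself after this
PBKDF2_ROUNDS = 50_000      # assumption


def enroll(password: str):
    """Return (salt, digest) to store for a new account."""
    salt = os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def make_verifier(users: dict):
    """users: username -> (salt, digest). Unknown users cost the same PBKDF2 time
    and verify False, so a bad name is indistinguishable from a bad password."""
    def verify(user: str, password: str) -> bool:
        salt, digest = users.get(user, (b"", b""))
        got = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        return hmac.compare_digest(got, digest)
    return verify


class LoginThrottle:
    def __init__(self, verify, now=time.time):
        self._verify = verify
        self._now = now      # injectable clock so lockout expiry can be tested
        self._state = {}     # user -> {"failures", "last_bad", "key", "locked_until"}

    def _st(self, user: str) -> dict:
        return self._state.setdefault(user, {"failures": 0, "last_bad": None,
                                             "key": os.urandom(16), "locked_until": 0.0})

    def is_locked(self, user: str) -> bool:
        return self._now() < self._st(user)["locked_until"]

    def failures(self, user: str) -> int:
        return self._st(user)["failures"]

    def attempt(self, user: str, password: str):
        """Returns (success, message shown to the user)."""
        st, now = self._st(user), self._now()
        if now < st["locked_until"]:
            wait = int(st["locked_until"] - now)
            return False, (f"Account locked for another {wait} s. Retrying will not help; "
                           "wait, then use your current password or reset it.")
        if st["locked_until"]:                      # a previous lockout has expired
            st.update(failures=0, last_bad=None, locked_until=0.0)
        if self._verify(user, password):
            st.update(failures=0, last_bad=None)
            return True, "Login OK"
        # Keep only a keyed HMAC of the rejected guess, so a repeat of the same
        # wrong password can be recognised without holding it in clear text.
        tag = hmac.new(st["key"], password.encode(), "sha256").digest()
        if st["last_bad"] is not None and hmac.compare_digest(tag, st["last_bad"]):
            left = MAX_FAILURES - st["failures"]
            return False, ("You already tried that password; repeating it only counts once. "
                           f"{left} different attempt(s) left before lockout.")
        st["last_bad"] = tag
        st["failures"] += 1
        if st["failures"] >= MAX_FAILURES:
            st["locked_until"] = now + LOCKOUT_SECONDS
            return False, f"Too many failed logins; account locked for {LOCKOUT_SECONDS // 60} minutes."
        left = MAX_FAILURES - st["failures"]
        return False, f"Wrong password; {left} attempt(s) left. Check Caps Lock and which account you are using."


if __name__ == "__main__":
    users = {"alice": enroll("correct horse battery staple")}   # constructed sample account
    throttle = LoginThrottle(make_verifier(users))
    for guess in ["wrong-1", "wrong-1", "wrong-2", "correct horse battery staple"]:
        print(guess, "->", throttle.attempt("alice", guess))
```

A correct password is still refused while the lockout is active, so the lockout cannot be used as a yes/no oracle. The per-user state here lives in memory and grows with every username tried; a deployment bounds it (expire idle entries, or key it per source address as well) so that an attacker cannot exhaust memory by spraying names.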
Tip #8: Watch for Trouble Spots & Malicious Activity
o Points throughout a user's day where security is the weakest
o Educate employees about attacks and how to watch for them
Tip #9: Use Virtual Keyboard When Available
o Avoid keystroke logging attacks – educate users
o Implement a virtual keyboard for password and/or challenge answer fields
Tip #10: Avoid Concurrent Login Sessions
o Prevent concurrent login sessions
  • Inactivity timeouts
  • Logging in invalidates pre-existing sessions
  • Logging in not possible until previous sessions are logged out
o Tailor to the required level of data protection
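Added example (not PistolStar/PortalGuard code) of a server-side session store that implements the three options above as selectable policies, all of them combined with a sliding inactivity timeout. Policy names, the timeout and the sample user are assumptions; credential checking is assumed to have happened before `login` is called.

```python
"""Concurrent-session control with three policies and an inactivity timeout.

Added example, not PistolStar/PortalGuard code. Policy names, the timeout and
the sample user are assumptions; `login` assumes credentials were already
verified.
"""
import secrets
import time
from enum import Enum

IDLE_TIMEOUT = 15 * 60  # assumption: seconds of inactivity before a session dies


class Policy(Enum):
    ALLOW = "allow"      # several sessions per user, each subject to the idle timeout
    REPLACE = "replace"  # a new login invalidates the user's earlier sessions
    BLOCK = "block"      # a new login is refused while another session is active


class SessionStore:
    def __init__(self, policy: Policy, idle_timeout: int = IDLE_TIMEOUT, now=time.time):
        self._policy = policy
        self._idle = idle_timeout
        self._now = now              # injectable clock so expiry can be tested
        self._sessions = {}          # token -> {"user", "last_seen"}

    def _expire_idle(self) -> None:
        cutoff = self._now() - self._idle
        for tok in [t for t, s in self._sessions.items() if s["last_seen"] < cutoff]:
            del self._sessions[tok]

    def active_sessions(self, user: str) -> list:
        self._expire_idle()
        return [t for t, s in self._sessions.items() if s["user"] == user]

    def login(self, user: str):
        """Create a session for an already-authenticated user; None if the policy refuses."""
        existing = self.active_sessions(user)   # also drops idle sessions first
        if existing and self._policy is Policy.BLOCK:
            return None   # caller tells the user to log out of the other session first
        if existing and self._policy is Policy.REPLACE:
            for tok in existing:
                del self._sessions[tok]   # the older browser's next request gets None
        token = secrets.token_urlsafe(32)        # fresh, unpredictable session id
        self._sessions[token] = {"user": user, "last_seen": self._now()}
        return token

    def touch(self, token: str):
        """Validate a request's session and slide its idle timer; returns the user or None."""
        self._expire_idle()
        session = self._sessions.get(token)
        if session is None:
            return None
        session["last_seen"] = self._now()
        return session["user"]

    def logout(self, token: str) -> None:
        self._sessions.pop(token, None)


if __name__ == "__main__":
    store = SessionStore(Policy.REPLACE, idle_timeout=600)
    first = store.login("bob")
    second = store.login("bob")        # constructed sample: second login from another browser
    print("first session still valid:", store.touch(first) is not None)    # False
    print("second session valid:", store.touch(second) == "bob")           # True
```

BLOCK is the strictest option and only works because idle sessions are expired before the check: without the timeout, a closed browser or crashed machine would leave the user locked out until the Help Desk cleared the session. REPLACE is friendlier and still evicts a stolen session as soon as the real user logs in; ALLOW suits low-sensitivity data where the timeout alone is enough.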
Short Q&A Session: Thank You for Your Answers

In order to help us provide our audience with the appropriate information for future events, please take a moment to respond with your answers to the following questions via Instant Message. Your answers are greatly appreciated. Thank you.

Please answer based on a scale from 1 to 5:
  1. How much of an overall concern is security awareness and authentication in your organization currently?

Please choose one answer for each of the following:
  2. Out of these four business drivers, which one resonates the most with you and in your environment?
     a) Usability
     b) Security
     c) Auditing
     d) Compliance
  3. Out of these four feature categories, which one resonates the most with you and in your environment?
     a) Password Management
     b) Self-service
     c) Audit/Logging
     d) Stronger Authentication
Q&A
  • Q&A Session
  • Thank You for Attending
  • Please email Kjohnson@pistolstar.com with any questions, comments or feedback you may have
  • For more information on this series and other webinars such as:
    "Securely Manage Your Corporate Portal Login: Take a Look at How the Financial Industry is Leading the Way"
    Please Visit: http://portalguard.com/learn-more.html
