Computer Security


Published on

1 Like
  • Be the first to comment

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • Disclosure Alteration Destruction
  • Montana Code Annotated – Unlawful use of a computer
  • SSNs, GIDs, Credit Card Numbers
  • Virus – attaches itself to a program or file in order to spread, requires human action Worms – propagate themselves from computer to computer, subclass of virus Trojans – appears to be useful, but does damage when run; known to create backdoos MBC – includes spyware, spread by scripting (ActiveX, Java, etc) Spyware/Adware – unwanted software that may report back to the manufacurer information about your system or habits/that generates pop-up advertisements Hybrid is a mixing of the others properties
  • Compromising your… Confidentiality Integrity Availability
  • CD’s, flash cards & drives; auto-play feature Filtering Only go to known sites (SiteAdvisor or CallingID) Firewall & Patching systems
  • Intrusion detection/prevention systems AV Programs, Ad-Aware, Spybot, Defender Greylisting - [email_address] or [email_address] Several black list services No silver bullet
  • Computer Security

    1. 1. Information Security What You Should Know <ul><li>Fred Pettis </li></ul><ul><li>ITC </li></ul>
    2. 2. Introduction <ul><li>What is Information Security? </li></ul><ul><ul><li>C onfidentiality </li></ul></ul><ul><ul><li>I ntegrity </li></ul></ul><ul><ul><li>A vailability </li></ul></ul><ul><li>Recent Compromises </li></ul><ul><li>Why is This Important? </li></ul>
    3. 3. Vulnerabilities <ul><li>Outdated Systems and Applications </li></ul><ul><li>Configuration Errors </li></ul><ul><li>Mishandled Data </li></ul><ul><li>Lack of Awareness </li></ul>
    4. 4. Exploits <ul><li>Viruses </li></ul><ul><li>Spyware/Malware </li></ul><ul><li>Phishing </li></ul><ul><li>Brute Force </li></ul><ul><li>The Insider Problem </li></ul>
    5. 5. Government Regulation <ul><li>FERPA (Family Education Rights and Privacy Act) </li></ul><ul><li>GLB (Gramm-Leach-Bliley) </li></ul><ul><li>US Privacy Act of 1974 </li></ul><ul><li>MCA 45-6-311 </li></ul>
    6. 6. Policy <ul><li>Board Of Regents </li></ul><ul><ul><li>Data Security / Appropriate Use </li></ul></ul><ul><li>Montana State University </li></ul><ul><ul><li>Computing Policies Manual </li></ul></ul><ul><ul><li>Campus Networking Policy </li></ul></ul><ul><ul><li>Acceptable Use Policy </li></ul></ul><ul><ul><li>Safeguarding Customer Data </li></ul></ul>
    7. 7. Policy <ul><li>MSU Domain Login </li></ul>
    8. 8. Protect Our Information <ul><li>What Is Sensitive Information? </li></ul><ul><li>Data Stewardship </li></ul>
    9. 9. Protect Your Accounts <ul><li>Your Banner Account </li></ul><ul><li>Your Domain Account </li></ul><ul><li>Your MyMSU Portal Account </li></ul><ul><li>Your Password </li></ul>
    10. 10. Stay Safe Online <ul><li>Email Practices </li></ul><ul><li>Web Browsing </li></ul><ul><li>Instant Messaging </li></ul><ul><li>Phishing </li></ul><ul><li>Spyware/Malware </li></ul><ul><li>Downloads </li></ul>
    11. 11. Secure Your Desktop
    12. 12. Secure Your Desktop <ul><li>Threat of Malware </li></ul><ul><li>Malware Capabilities </li></ul><ul><li>Propagation Techniques </li></ul><ul><li>Malware Defense Techniques </li></ul><ul><li>Malware Defense Tools </li></ul>
    13. 13. Threat of Malware <ul><li>Viruses </li></ul><ul><li>Worms </li></ul><ul><li>Trojans </li></ul><ul><li>Malicious browser content </li></ul><ul><li>Spyware/Adware </li></ul><ul><li>Hybrid Threats </li></ul>
    14. 14. Malware Capabilities <ul><li>Destruction of data </li></ul><ul><li>Leaking confidential information </li></ul><ul><li>Altering system configuration </li></ul><ul><li>Providing backdoor access </li></ul><ul><li>Countless other opportunities </li></ul>
    15. 15. Propagation Techniques <ul><li>Removable media </li></ul><ul><li>E-mail attachments </li></ul><ul><li>Web browsing </li></ul><ul><li>Network vulnerabilities </li></ul><ul><li>IM applications </li></ul><ul><li>Peer-to-Peer networks </li></ul>
    16. 16. Malware Defense Techniques <ul><li>Activity monitoring program </li></ul><ul><li>File and resource integrity checking </li></ul><ul><li>Malware scanners </li></ul><ul><li>Email filters & stripping attachments </li></ul><ul><li>Defense-in-depth </li></ul>
    17. 17. Malware Defense Tools (Microsoft) <ul><li>Microsoft/Automatic Updates & Rebooting </li></ul><ul><li>Windows Firewall </li></ul><ul><li>Windows Backups </li></ul><ul><li>System Restore </li></ul><ul><li>Windows Defender </li></ul>
    18. 18. Malware Defense Tools (3 rd Party) <ul><li>Spybot Search & Destroy </li></ul><ul><li>Ad-Aware SE Plus </li></ul><ul><li>McAfee </li></ul><ul><li>SpamBayes </li></ul><ul><li>SiteAdvisor or CallingID </li></ul><ul><li>LANDesk </li></ul><ul><li> </li></ul>
    19. 19. Resources <ul><li>ITC Help Desk </li></ul><ul><ul><li>X1777 </li></ul></ul><ul><ul><li>[email_address] </li></ul></ul><ul><ul><li>75 Renne Hall </li></ul></ul><ul><li>IT Security Web Page </li></ul><ul><li>Enterprise Security Manager </li></ul><ul><li>[email_address] , x5091 </li></ul><ul><li>Desktop Security Specialist </li></ul><ul><li>[email_address] , x6077 </li></ul>
    20. 20. Questions ?