Your SlideShare is downloading. ×
eSecurity! Keeping your Business and Customers Safe
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

eSecurity! Keeping your Business and Customers Safe

199
views

Published on

As if running a business isn't hard enough! …

As if running a business isn't hard enough!
AVG (AU/NZ)'s Security Advisor, Michael McKinnon, presents 10 simple tips to secure your business from online threats.

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
199
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
7
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. eSecurity! Keeping your Business andCustomers SafeMichael McKinnon, Security Advisormmckinnon@avg.com.au
  • 2. Let’s Work Together to Protect UsA little bit about AVG Australia New Zealand• We are an Avalanche Technology Group company, has been operating in Bayside suburbs for many years.• Our AVG Free Edition product is widely known throughout the world with over 98 Million Users• What will we be covering tonight? • How can I protect my business and customers? • Why is it important to do so? • Top 10 Practical Tips to Secure your Business • An exclusive offer for BBN Members, supporting local bayside businesses  2
  • 3. As if running a Business isn’t Hard Enough!As more Businesses take advantage of the booming Interneteconomy, so too do the criminals, intent on getting what theycan... Often at the sacrifice of your Reputation, your Money, oreven-worse your entire Business. 3
  • 4. The Stakes are Higher Than EverDistribute I.T. PtyLtd, started in 2002 andcollapsed in June 2011 dueto a Hacking Incident... 4
  • 5. What are the Threats?• Vectors: • Payloads: • Web Pages • Malware • E-mail Attachments • Trojan horses • Pop-Up Windows • Worms • Network Based • Spyware • Instant Messaging • Password Stealers • Chat Rooms • Keyboard Loggers • Deception 5
  • 6. Growth of Malicious Computer Code 6
  • 7. 10 Tips to Secure Your Business1. Use Secure Passwords2. Control your Internet Connection3. Secure your Wireless Networks4. Secure your Mobile Devices5. Apply all Software Updates on all Computers6. Prevent Viruses & Malware7. Reduce Spam8. Smart settings on your Internet Browsers9. Secure Internet Banking10. Be Aware of Scams and Social Engineering Tactics 7
  • 8. #1 Passwords – Back to BasicsWhat should be aim for in a password?• Should be easy to remember• Should be hard to guess (and “brute-force”) 8
  • 9. #1 Passwords – World’s Top 10 Most Used• 123456 • 12345• 123456789 • Password123• Password • 1234567• 12345678 • abc123• 654321 • Qwerty 9
  • 10. Can you guess their password? 10
  • 11. #1 Passwords – Rank in order of Strength1. E56#av+Yb!2. Password1233. aaaaaAAAAA#####434. 1234565. lucasjames 11
  • 12. #1 Passwords – Why Size Matters!Length is more important than randomness...0 – 9 = 10A – Z = 26a – z = 26#$%^ etc. = 10That’s 72 combinations for each letter of your password, for a 10 letter password that’s 72^10 12
  • 13. #1 Passwords - Summary• Never, never, ever give your password to someone else!• Absolute minimum of 10 characters• Use a mix of UPPER and lowercase; and at least one numeral; and At least one symbol character• Remember: Length is always better than Randomness!• MUST BE EASY TO REMEMBER – so you don’t have to write them down• Strongly advise separating passwords between all different sites, just needs a few characters different. 13
  • 14. #2 Control your Internet Connection• Change the default password on your Routers/Firewalls• Only allow Outgoing connections for known services – generally this means choosing the highest security level in the Firewall• Consider turning off the Internet when it is not being used – i.e. Weekends• If unsure of the setup or configuration, always consult with an IT Professional and ask for them to explain how they are making it secure. 14
  • 15. #3 Secure your Wireless Networks• Amazing how many• Never use “WEP”, always use “WPA” or “WPA2”• If you have visitors that want wireless access, have an IT professional setup a “DMZ” wireless network that only provides Internet access only – and not into your internal network• Exception to our Password Rule here – the wireless encryption key should NOT be easy to remember (it will be too long), and should be written down somewhere safe 15
  • 16. #4 Securing Mobile Devices for Business• Use of these devices has grown at an astonishing rate, and attacks are starting to appear• Always turn-on PIN number locking features• iPhone users can use Apple’s “Find My iPhone” application to recover a lost/stolen device or remote wipe.• Android phone users can use AVG Mobilation to recover lost/stolen phone or remote wipe. 16
  • 17. #5 Always Apply Software Updates• Why are so many people afraid of Software Updates?• Rule No. 1 – Always Install the Latest Updates• Rule No. 2 – Refer to Rule No. 1• Turn On Automatic Updates• This applies to updates for EVERYTHING, including: • Windows or Mac OS-X • Adobe Flash and PDF Reader • Java, and Internet Web Browsers (Firefox, Chrome etc.) 17
  • 18. #6 Prevent Viruses and Malware• Use an Internet Security solution that includes: • Scanning of e-mail attachments • Scanning of web-links that blocks access to pages • Regular scheduled scanning of files on your computer• Never, never, ever, use Peer to Peer networks like BitTorrent• Don’t forget to install an Antivirus software on the office File Server! 18
  • 19. #7 Reduce Spam• If you don’t know who sent you and e-mail, delete it. • Far easier to say, much harder to do! • Need to be vigilant• Have an Anti-spam software solution in place• Reduce Spam for others as well by protecting your own business domain • Implement Sender Policy Framework (SPF) or Domain Keys (DKIM) – speak to an IT professional • Change your e-mail account passwords regulary (especially POP and IMAP accounts) 19
  • 20. #8 Use Smart settings on Internet Browsers• Which Browser do you use? • Internet Explorer, Firefox, Chrome, Safari…• Is it up to date? Make sure it is!• Don’t let the browser remember passwords, because if it gets hacked all your passwords can be stolen! 20
  • 21. #9 Secure your Bank Accounts• Know the web address (URL) of your Internet Banking website – be aware of any misspelling or anything unusual• Always make sure your Internet Banking website is secured by HTTPS (Secure) – look for padlock• Insist on “Two-Factor” authentication for Business Banking; either a security token or SMS response code is OK• Contact your bank ASAP if you find anything unusual 21
  • 22. #10 Be Aware, Be Very AwareGreat Sources of Information• Latest security news www.avg.com.au• Information on Scams www.scamwatch.org.au• How to Clean an Infected Computer www.icode.net.au• Improving Security at Home www.cybersmart.gov.au• Defence Signals Directorate www.dsd.gov.au/infosec 22
  • 23. Who needs to know all of this stuff?• Business Owners• All Staff• Temps and Contractors• Everyone!• Don’t underestimate the power of some basic IT knowledge when it comes to improving security! 23
  • 24. What is your Business Risking?• Data / Information • Trade Secrets, things you don’t want competitors to know • Financial Data, could be deleted or tampered with • Payroll Information, could be shared with staff • Any number of items!• Money • Available through your Internet Bank Accounts • Credit Card Details 24
  • 25. Questions? Thank you  And who won the door prize? Michael McKinnon Security Advisor mmckinnon@avg.com.au 25