Security, Protection of
Data, Information &
Passwords
COMP2071
Protection Of Data
Company Data:
• Data that belongs to the company. Financial
Statements, etc.
Employee Data:
• Data that...
Protection Of Data
• As the helpdesk analyst it is your job to assist
in the protection of data at all levels
• You may be...
Protection Of Data
• For example, if a manager requests access
to an employees data you would need to
specify what data
(e...
Protection of Information
• Everything we talked towards rings true for
protecting information as well
• The main thing to...
Passwords
• Passwords are very important to keep confidential
• If another employee got your password they could
logon as ...
Passwords
• If users give their passwords to you or you reset a
password without verifying the user, this can mean
an audi...
Encryption
• Most enterprises will have some sort of
encryption built into their architecture
• Some types of encryption y...
Encryption
• Some key things to remember when supporting
encryption are:
– Most of the time the files will be flagged by a...
Lost or Stolen Devices
• You may run into an instance where a user has
lost a device or has been stolen
• In these cases, ...
Hand-held devices
As an extra bit of learning some tools….
• You may also need to help people with the
password to their h...
Hand-held devices
• A pretty cool tool Blackberry offers is a
Blackberry simulator
• For this example you can run the one
...
Upcoming SlideShare
Loading in...5
×

Lesson 4 protection of information

77

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
77
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
4
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Lesson 4 protection of information

  1. 1. Security, Protection of Data, Information & Passwords COMP2071
  2. 2. Protection Of Data Company Data: • Data that belongs to the company. Financial Statements, etc. Employee Data: • Data that belongs to the employee. Employee evaluations, personal emails, etc. Customer Data: • Data that is confidential in nature towards a customer. SIN number, phone numbers, etc.
  3. 3. Protection Of Data • As the helpdesk analyst it is your job to assist in the protection of data at all levels • You may be providing services that help other employees protect data or you may be the intermediary of the data • No matter which type of data it is you need to understand your role is to not just provide data for no reason and without approval • Don’t ever give out data or personal details to anyone but the owner
  4. 4. Protection Of Data • For example, if a manager requests access to an employees data you would need to specify what data (email, documents, etc.), then you would request the written approval of the manager of the requestor • To truly cover all issues with granting access you may also be asked to get approval from the head of HR as well • From there you may have to send your ticket to an Nth dept. or you may be able to grant access through the tools in the helpdesk
  5. 5. Protection of Information • Everything we talked towards rings true for protecting information as well • The main thing to remember here, don’t give out any information that is not readily accessible to an employee already • On the other side, don’t give out internal company information to any sales agents, vendors, or telemarketers that may call the helpdesk as well • If in doubt, transfer the call to your second level or team lead
  6. 6. Passwords • Passwords are very important to keep confidential • If another employee got your password they could logon as you and do illegal things such as fraud or even just watch porn which is grounds enough to be fired in some companies • The users are asked to protect their password and it is their responsibility to do so • That being said, users often will give their password to helpdesk staff as there is a feeling of “trust” there • You as the helpdesk analyst will need to know that you should never know or ask a user for their password
  7. 7. Passwords • If users give their passwords to you or you reset a password without verifying the user, this can mean an audit failure for the whole helpdesk department which means your job will be on the line • Most enterprise helpdesks will have some sort of mechanism and policy in place to verify a user for a password reset • This can include secret questions, a users employee number, etc. • You should never give a password through email • And final note, a new password should always be set to expire
  8. 8. Encryption • Most enterprises will have some sort of encryption built into their architecture • Some types of encryption you may support on the helpdesk is: – Encryption of data on a desktop or laptop especially. Here the data would decrypt when the user logs in successfully – USB encryption, where a user’s thumb drive would be encrypted when it plugs into a company device – Encrypted email transmission – Blackberry or other company held devices
  9. 9. Encryption • Some key things to remember when supporting encryption are: – Most of the time the files will be flagged by a word or the colour green – Before you make a copy of a file you must decrypt it first, this is important if backing up a users data before a reimage – Users may put their own personal devices into the network, thus encrypting their personal device. There is no reversing it so you would work with the user to get the data off and they could reformat it at home – Email sent out with encryption is usually easier to get back after it is sent, this can be useful
  10. 10. Lost or Stolen Devices • You may run into an instance where a user has lost a device or has been stolen • In these cases, there is usually a process around this which could include some of the following items: – Remotely wiping a device (if possible) using tools on the helpdesk – Reporting the loss to information security – Ordering new devices • Users will always call the helpdesk for everything so be prepared to assist on all levels
  11. 11. Hand-held devices As an extra bit of learning some tools…. • You may also need to help people with the password to their handheld devices, or just access to email on their devices • The email team has the ability to send out scripts to devices to try and resolve some of these issues but if the user has already begun tinkering with them and set strange passwords on them these scripts often fail • Another interesting thing IT does is the policies on the devices, we will look at some
  12. 12. Hand-held devices • A pretty cool tool Blackberry offers is a Blackberry simulator • For this example you can run the one that’s on Blackboard • Let’s work through this together…..
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×