Lkw Security Part 1_MVPs Azra & Sanjay

  • It's hard to find professional jobs that do not use them. What you don’t share is probably private, let's keep it that way. Takes just about 20 minutes for a computer to get infected or compromised online. Simple examples: bank scenario, e.g. helpdesk asking for password. People will do just about anything to pin you down, why make it easy for them? It’s knowledge that you can benefit from, just like driving a car, for a lifetime.
  • You: it begins with someone. Your data: when you start having data, over the internet, email, phones, PDA, laptops, thumbdrives, shared drives etc. Your network: physical, metaphysical, virtual and human interactions transformed into digital data. Exposures: information gets leaked. Exploit: malicious intent with your data and information.
  • Show you how Windows 7 helps. You: empower you with knowledge. Azra will show you how you can secure your data. Help you make intelligent decisions on what to share and what not to share. Shrink unwanted exposure to virtually zero. Destroy possibilities of data exploits.
  • - Antivirus -
  • Patterns: until you have the newest pattern, you won’t know you are infected or vulnerable.
  • Wifi do: Always ask if that SSID (the broadcast name) actually belongs to that provider. Ask if you can use it. Wifi don’t: If it’s public, avoid private sites and banking sites if possible. When accessing anything that requires passwords, make sure it's HTTPS/FTP etc.; otherwise, do it later.
  • - Information disclosure
  • Not much security emphasis is given to these devices. While “browsing in starbucks over an unauthenticated bluetooth connection”
  • Lkw Security Part 1_MVPs Azra & Sanjay

    1. LimKokWing University
       • Security and Windows 7
       • SanjayW – MVP (Security)
       • Azra Rizal – MVP (Security)
    2. Topics
       • Why anyone should care about information security?
       • Introduction & Goals
       • The 10 security misconceptions
       • New and emerging threats
       • Protecting privacy and information with Windows 7 and other Microsoft solutions
       • Demos
       • Certifications – Your competitive advantage
    3. Why anyone should care about information security?
       • Just about every professional discipline uses computers
       • Keeping your data, yours
       • The Internet
       • Social engineering
       • Knowledge is power
       • Threat of espionage
       • If you don’t then who will?
       • It is your responsibility, legally speaking!
       • It’s a lifelong benefit
    4. Introduction
    5. Our Goal
    6. Top ten security myths
       • I’ve got antivirus, I’m good to go
       • I have a strong password on my laptop, no one can access my data
       • I don’t use Windows, I’m already secure
       • No one can see what I do in a public/private WiFi/network
       • The campus IT guys got me covered
    7. Top ten security myths – Cont’d
       • I never visit “bad” internet sites, I will be safe
       • I hide all my stuff in hidden folders and such, my data is safe
       • I never add anyone I don’t know on social networking sites, blogs, etc..
       • I install lots of security software, I think I am fine
       • I store all my data externally and I carry that everywhere safely
    8. Why Antivirus alone isn’t enough?
       • Antivirus relies on patterns, i.e. it’s as good as the pattern you use
       • Worms can potentially disarm protection and access to security websites
       • Thus, most exploits become successful because of one primary thing:
       • Lack of patching, both application and OS
    9. P@sswords?
       • What constitutes a good password?
       • Definitely not a passWORD, should be a passPHRASE instead
       • FACT! - Longer passwords are better than short complex ones
       • 5 characters (all lowercase) takes about a minute to crack @ 500,000 passwords/sec
       • 10 characters (all lowercase) would take approximately 10 years @ 500,000 passwords/sec
       • Of course, don’t use known (dictionary) words la..
    10. Security problems are everywhere, anywhere..
       • Which is more secure? Unix/Linux or Windows? Or Mac?
       • Security is as strong as its weakest link
       • Sometimes (actually most of the time) it’s the human factor
       • E.g. lack of patching
       • E.g. lack of security updates in applications
       • E.g. use of weak passwords
    11. Wired/Wireless Network
       • Which is “better”?
       • Use of public networks (e.g. hotspots)
       • Do’s
       • Don’ts
    12. Organizational security
       • Protects a lot but not enough
       • The perimeter should be your own machine
       • Moving out of the org
       • Using 3G modems, wireless peer, 3rd party connectivity
    13. Threats come uninvited (too)
       • Almost 50% of threats find their own way to you
       • The rest are probably invited ones
       • Plug an unpatched, unprotected computer into an unprotected internet connection
       • Takes approximately 20 minutes to get it riddled with worms and viruses
    14. Obscurity
       • Security through obscurity is not security
       • It’s merely hiding
       • E.g. hiding a folder in your computer
       • Using “hide tools”
       • Hiding is fine, just as long as you know it’s not securing
    15. Online Friends
       • The issue is not who you add or allow to see your private data
       • Social networking, blogs, picture sites etc..
       • It’s human to trust friends, disallowing people you don’t know
       • Thin line between friends and foes
    16. Beefing up security
       • The fact is, having more isn’t always best when it is the sum of it that matters
       • That also doesn’t mean less is better
       • The important thing to remember: the easier the better
       • What you understand, you use best
       • What you don’t, you may misuse
    17. Mobile storage
       • Easiest way to access your data
       • Does not carry any security by default
       • Password protection on those drives can be easily defeated
    18. New and emerging threats
       • Social networking
       • Mobile devices
       • Web 2.0
    19. Social Networking
       • Facebook/Twitter – The open book of one’s life
       • Be careful what you post and update in there
       • There are always search engines to profile you
    20. Read the prints
       • Always check what an application, website etc is asking you for..
    21. Read the prints
       • Google’s ad sensing technology
       • Google scans the text of Gmail messages in order to filter spam and detect viruses, just as all major webmail services do. Google also uses this scanning technology to deliver targeted text ads and other related information. This is completely automated and involves no humans.
    22. Mobile devices
       • PDA/Smartphones
       • iPods etc…
       • Any device that has data, is mobile and can connect to the internet
    23. Web 2.0
       • Blogs, YouTube, photos, online spaces, virtual worlds
       • Try searching yourself from here
       • www.123people.com
    24. Other stuff that makes it to the headlines
    25. How much information you can deduce from this..?
       • A Facebook status message I saw 2 days ago..
       • “We are packed and ready for Singapore. Peace and quiet!”
       • Then, some friends replied, including this..
       • “Don’t worry bro, Goggles is in good hands..”
    26. How much information you can deduce from this..?
       • The person is not contactable
       • The person will most likely be away on a holiday/not working
       • He’s not travelling alone
       • They have not left *yet*, safe bet, 1 day tops
       • Most likely Fluff is dog/cat/fish, and his house will be empty!!!!!
       • His pet’s name is Goggles
       • His friend (probably a neighbor) will either frequent the house to feed the animal..
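
The password arithmetic from slide 9, worked through as an added example (not part of the original deck). It uses the slide's rate of 500,000 guesses per second and worst-case exhaustive search; the 95-character printable ASCII set and all function names are assumptions made for the illustration.

```python
GUESSES_PER_SEC = 500_000   # rate quoted on slide 9
LOWERCASE = 26              # a-z only, as on the slide
PRINTABLE = 95              # assumption: full printable ASCII for a "complex" password


def keyspace(alphabet_size, length):
    """Number of candidate passwords of exactly this length."""
    return alphabet_size ** length


def worst_case_seconds(alphabet_size, length, rate=GUESSES_PER_SEC):
    """Time to try every candidate once at the given guess rate."""
    return keyspace(alphabet_size, length) / rate


def humanize(seconds):
    """Render a duration in the largest unit that fits."""
    units = (("years", 365.25 * 86400), ("days", 86400),
             ("hours", 3600), ("minutes", 60))
    for name, size in units:
        if seconds >= size:
            return f"{seconds / size:,.1f} {name}"
    return f"{seconds:.1f} seconds"


def min_length_to_match(alphabet_size, target_alphabet, target_length):
    """Shortest length over alphabet_size whose keyspace is at least
    that of a target_length password over target_alphabet."""
    target = keyspace(target_alphabet, target_length)
    length = 1
    while keyspace(alphabet_size, length) < target:  # exact integer comparison
        length += 1
    return length


if __name__ == "__main__":
    cases = [("5 lowercase", LOWERCASE, 5),
             ("10 lowercase", LOWERCASE, 10),
             ("8 printable ASCII", PRINTABLE, 8),
             ("16 lowercase passphrase", LOWERCASE, 16)]
    for label, alphabet, length in cases:
        print(f"{label:24} {humanize(worst_case_seconds(alphabet, length))}")
    needed = min_length_to_match(LOWERCASE, PRINTABLE, 8)
    print(f"lowercase length needed to match 8 printable chars: {needed}")
```

Length only wins once it outgrows the larger alphabet: under these assumptions an 8-character password drawn from all 95 printable characters has a bigger keyspace than 10 lowercase letters, and a lowercase-only passphrase needs 12 or more characters to overtake it. None of this applies to dictionary words, which the slide excludes.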