Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (16)
Similar to Information Security for the Jobseeker
Similar to Information Security for the Jobseeker (20)
Information Security for the Jobseeker
- 1. Information Security for the Jobseeker Allison R. Peirce III, CISSP, GSLC May 9, 2016 Allison R. Peirce III - 2016
- 2. Security is a choice –make the choice and protect yourself Security through obscurity is really no security at all DO NOT SHARE CREDENTIALS!!!! Information Security for the Jobseeker Allison R. Peirce III - 2016
- 3. Information security – a modern necessity Imposed in the workplace Instituted by function (online banking, Amazon, etc.) Ignore the excuses ‘Nobody wants to hack me’ ‘It takes too much time – it’s too complicated’ ‘Why does my password have to be so hard?’ Introduction Allison R. Peirce III - 2016
- 4. The 2015 Identity Fraud Study, released by Javelin Strategy & Research, found that $16 billion was stolen from 12.7 million U.S. consumers in 2014, compared with $18 billion and 13.1 million victims a year earlier. There was a new identity fraud victim every two seconds in 2014. Data breaches totaled 1,540 worldwide in 2014 -- up 46 percent from the year before -- and led to the compromise of more than one billion data records. Reality I Allison R. Peirce III - 2016
- 5. You are outside of your comfort zone with modified behavior. You are not aware of who is watching you. What is the impact of a job search Short term Long term Focus on the Jobseeker Allison R. Peirce III - 2016
- 6. What is involved? Environments to consider Hardware Desktop Laptop Mobile Router/Modem/Printer Webcam Software (OS, Browser, Tools) The Internet Personal Information Security Allison R. Peirce III - 2016
- 7. Multiple users (what have the others been doing) Static network connection Firmware not an issue Insure power on/BIOS settings are what you want Boot order Eligible boot devices Security settings Hardware - Desktop Allison R. Peirce III - 2016
- 8. Laptop Multiple accounts (and/or users) Multiple network connections defined Firmware – only from OEM site Check BIOS settings Mobile – Tablets and smartphones Multiple admin accounts Multiple network connections Hardware - Portable Allison R. Peirce III - 2016
- 9. Router/Modem/Printer Router configuration Printers are web enabled Webcam Can be hacked and used without notice Preference – disable integrated webcam, use external via USB connection Hardware – Peripheral Allison R. Peirce III - 2016
- 10. Acceptable Windows 7, 8, 8.1, 10 Current Linux distro (Linux Mint, Ubuntu, etc.) Unsupported Windows Vista Run Away, Run Away Windows XP, ME, 98 Software Environment - OS Allison R. Peirce III - 2016
- 11. Chrome (1a – 1b) FireFox (1a – 1b) Opera IE 11 (support ended for IE 8, 9 and 10 - 1/12/2016) Edge (windows 10) – lightweight but some driver issues Do not use unsupported browsers! Browsers, Browsers, Everywhere Allison R. Peirce III - 2016
- 12. Default Browser – this will not change ‘by itself’ Default Search Provider Privacy and History settings ‘Delete my browser history…….’ Security Settings Extensions, add-ons, BHO’s Maintain currency – check for updates Browser Settings Allison R. Peirce III - 2016
- 13. Personal exercise – map your usage Review your habits Blogging, YouTube posting, eBay and Amazon accounts Social media activity Facebook, Twitter, Instagram (most cameras are GPS enabled and embed data in photo) Private or Incognito browsing does not equal security! Beware clickbait Chrome - Adblock The Internet Allison R. Peirce III - 2016
- 14. Safety video Allison R. Peirce III - 2016
- 15. Disable Guest accounts Change default accounts – ID if possible, password change mandatory Verify software source before download or install Keep patching up to date Validate external storage – disk, DVD/CD, Flash drive Router – use password for network access, different password for router admin account Not necessary to hide SSID of network Safe Practices Allison R. Peirce III - 2016
- 16. Email – spoofing vs hacking (check sent folder on client and host) Use integral spam filters – set high as comfortable If unknown – DO NOT OPEN Use rules for routing/sorting Archive (but don’t go crazy) – use archive to delete Do not click on ‘unsubscribe’ button Do not reply with personal data Email practices - 1 Allison R. Peirce III - 2016
- 17. Attachments Only accept from trusted sources No .zip, .msi, .exe files Office files (.doc/x, .xls/x, .ppt/x) may contain macros – do not enable by default Hover over attachment – view true name Email practices - 2 Allison R. Peirce III - 2016
- 18. Sharing – not recommended on a default basis Bluetooth – turn off or restrict – not secure Webcams – keep under control – external preferred Remote Support – disable and deny any request for this level of access GoTo Meeting – Exercise extreme caution PC Anywhere – NO! (It’s dead, Jim) Additional practices Allison R. Peirce III - 2016
- 19. It’s Tool time Tools you can use (and they’re free) Firewall (ZoneAlarm, windows 10 firewall) Anti-virus Panda, AVG, Avast, ZoneAlarm (FW+AV) Malwarebytes (2nd level support) (not free) System tools Ccleaner, Spybot, Windows Defender More is not better – overhead and conflict can let attackers through Allison R. Peirce III - 2016
- 20. Software – verify source prior to download/install Beware of BHO and ‘companion’ products Watch for excessive permission requests (smartphones) Job search sites Indeed, CareerBuilder, Dice, Monster Valid company career sites General Practices Allison R. Peirce III - 2016
- 21. Personal VPN’s – should you use? Free and paid versions Overhead considerations – YMMV Encryption MS Office, Bit Locker, Axcrypt Research and decide Social Media Watch your posts Control access to your content Last notes Allison R. Peirce III - 2016
- 22. Questions? Allison R. Peirce III - 2016