Information Security & Data Security about the internet, daily life usages. The behavior of employees and contractors with access to data affects information systems and assets. The human factor (what employees do or don’t do) is the biggest threat to information systems and assets.
3. Importance of Security Awareness
The behavior of employees and contractors
with access to data affects information
systems and assets.
The human factor (what employees do or
don’t do) is the biggest threat to information
systems and assets.
3
Chandan Singh Ghodela
4. Importance of Security Awareness
Chandan Singh Ghodela 4
“As we tackle #COVID19, many children’s worlds
have shrunk to just their screens. This leaves them
vulnerable to online sexual exploitation, grooming,
violence and bullying.”
5. Importance of Security Awareness
Chandan Singh Ghodela 5
Talk About Internet Safety
Set-Up Parental Controls
Teach Kids About Online Abuse and Boundaries
Nothing is Private
Learn About Ads, Influencers & Sponsorships
Know That Scammers Are Smart, Too
Social Media Unknown Friend
Keep Your Privacy Settings On
Make Sure Your Internet Connection is Secure. Use a Secure VPN Connection
Be Careful What You Download
Make Online Purchases From Secure Sites
Choose Strong Passwords
6. Use Strong Password
• Use unique passwords for all of your
accounts.
• Lengthy
• At least 12, more is better
• Complex
• Mix upper, lower, numbers and
symbols
• Do not use common or predictable
passwords
• Change password periodically (90 days)
• Keep your password secret.
Chandan Singh Ghodela 6
7. Password Protection Standard
• Don’t reveal a password over the phone
to anyone.
• Don’t reveal a password in an mail
message.
• Don’t reveal a password to the boss.
• Don’t talk about a password in front of
others.
• Don’t hint at the format of a password.
• Don’t reveal a password on
questionnaires on security forms.
• Don’t use the “Remember Password”
feature of applications.
• Don’t write passwords down and store
them anywhere in your office.
• Don’t store password in a file on ANY
computer system unencrypted.
Chandan Singh Ghodela 7
8. How to Securely Share a Password with Someone
• Safenote.co
Chandan Singh Ghodela 8
9. Safe Web Browsing
• Before logging into or entering sensitive
information into a website, look for the
security padlock symbol in the URL bar.
• Double clicking the icon will display the
certificate information for the page you
are viewing to guarantee that you’re as a
safe, security website.
• The “https” is another indication that the
page you are viewing is secure.
• Pay attention to the web address – if it
has changed or doesn’t seem right it may
be a fraudulent site.
Chandan Singh Ghodela 9
11. Safe Web Browsing
• How to safely close Scareware Popups
• Hold the Alt+F4 key
• Note: Never click on any of these buttons.
Chandan Singh Ghodela 11
12. Email Security Best Practices
• Don’t use your personal email account
for work purposes.
• Use two-tier authentication.
• Watch our for phishing emails.
• Never open unexpected attachments
without scanning.
• Never access emails from public Wi-Fi.
• Do not open attachment is unfamiliar
emails.
• Do not click on suspicious links.
• Use secure email encryption whenever
sending any restricted or sensitive
information.
Chandan Singh Ghodela 12
13. Mobile Devices
• Protect your devices with a password/PIN
(6 Digit recommended minimum)
• Device encryption, Remote wipe, GPS
Location, physical security
• Do not download apps from unknown
sources.
• Read what others are saying about the
app in the review section.
• Avoid using public Wi-Fi hotspots,
especially when access any password-
protected sites or where you will enter
any personal or confidential information.
Chandan Singh Ghodela 13
14. Malware
• Malware is a malicious software that gets
installed in your device and performs
unwanted tasks.
• Mainly designed to transmit information
about your web browsing habits to the
third party.
Chandan Singh Ghodela 14
15. Crypto Ransomware
• ‘Ransomware’ is a type of malware that
attempts to extort money from a
computer user by infecting and taking
control of the victim’s machine, or the
files or documents stored on it.
• Typically, the ransomware will either ‘lock’
the computer to prevent normal usage,
or encrypt the documents and files on it
to prevent access to the saved data.
Chandan Singh Ghodela 15
16. How to Criminals install Ransomware
• Ransomware generates a pop-up windows, webpage, or email warning from what looks
like an official authority.
• Ransomware is usually installed when you open
• A malicious email attachment.
• Click a malicious link in
• An email message
• An instant message
• On social networking site
• Ransomware can even be installed when you visit a malicious website.
Chandan Singh Ghodela 16
17. How to Prevent Ransomware
• Do not pay the ransom. It only encourages and funds these attackers. Even if the ransom is
paid, there is no guarantee that you will be able to regain access to your files.
• Keep all of the software on your computer up to date.
• Make sure automatic updating is turned on to get all the latest update and browser-
related components.
• Keep your firewall turned on.
• Don’t open spam email message or click links on suspicious websites.
(Cryptolocker spreads via .zip files sent as email attachments, for example)
• Always have a good backup system in place, just in case your PC does become infected
and you can’t recover your files.
Chandan Singh Ghodela 17
18. How to Prevent Ransomware
• Restore any impacted files from a known good backup. Restoration of your files from a
backup is the fastest way to regain access to your data.
• Be sure to contact your IT department if you or your coworkers receive suspicious calls.
• If traveling, alert your IT department beforehand, especially if you’re going to be using
public wireless Internet. Make sure you use a trustworthy Virtual Private Network (VPN) when
accessing public Wi-Fi like Norton Secure VPN.
Chandan Singh Ghodela 18
19. VPN (Virtual Private Network)
• A VPN is a type of private network that uses public telecommunication, such as the
internet, instead of leased lines to communicate.
• It enables a computer or network-enabled device to send an receive data across shared
or public networks as if it were directly connected to the private network, while benefiting
from the functionality, security ana management policies of the private network.
Chandan Singh Ghodela 19
20. 7 Security Tips
• Follow a clean desk policy
• Be aware when creating or disposing
paper documents.
• Consider carefully what information you
put out there.
• Prevent unauthorized people accessing
your company.
• Just because they know you, doesn’t
mean you know them!
• Phishing scams: Don’t bite.
• Prevent damage from malware.
Chandan Singh Ghodela 20
22. Social networking sites
A social networking service is an online platform that is used by people to build social
networks or social relations with other people who share similar personal or career interests,
activities, backgrounds or real-life connections.
Social Networking Sites are the most appalling spying machine that has ever been
invented
Chandan Singh Ghodela 22
23. Privacy Breaches Causes
• Weak Credentials
• Stolen Credentials
• Compromised Assets
• Payment Card Fraud
• Third Party Access
• Mobile Devices
Chandan Singh Ghodela 23