Staying Safe Online for HR Professionals
•1 like•523 views
Download to read offline
Report
Presented to the Genesee Valley Chapter of the Society for Human Resource Management on June 17, 2015
Recommended
More Related Content
What's hot
What's hot(14)
Viewers also liked
Viewers also liked(6)
Similar to Staying Safe Online for HR Professionals
Similar to Staying Safe Online for HR Professionals(20)
More from Ben Woelk, CISSP, CPTC
More from Ben Woelk, CISSP, CPTC(20)
Recently uploaded
Recently uploaded(20)
Staying Safe Online for HR Professionals
- 2. Introduction
- 3. Awareness is the key Everyone is a target Organized crime funds the attacks
- 4. Threat Landscape— What’s Being Stolen
- 11. Creating and using strong passwords, aka passphrases Length > complexity TIP #1 It was a dark and stormy night becomes ItwasaDark215andStormyNight
- 14. Keep Your Software (and Hardware up to date! TIP #2
- 19. Remember who else is there • Employers • Identity thieves • Online predators TIP #6
- 21. Be wary of others Is this really your friend..? TIP #7
- 23. Guard your personal information Watch out for Facebook applications! TIP #9
- 27. Questions (and maybe some answers) Ben Woelk Ben.woelk@gmail.com Benwoelk.com @benwoelk www.linkedin.com/in/benwoelk/
Editor's Notes
- Hi, I’m Ben Woelk. I’m the Policy and Awareness Analyst in the RIT information Security Office. Part of my role is to build a culture of security awareness. Today we’re going to learn about Shockproofing Your Use of Social Media. In other words, how to stay safe online.
- Does anybody see anything wrong with this picture? Here’s the problem, Everyone is a Target. Identity theft is big business. It’s not done by hackers sitting in their basements. Well maybe some of the people committing identity theft are hackers in their basements, but they’re funded by organized crime.
- Here’s the big problem: You can’t rely on others to protect you. You need to learn to protect yourself. That’s what this presentation is all about—giving you ten tips to stay safe online.
- 2012 Symantec Internet Threat Report You’re vulnerable. What could they want from you? Anoynmizer Identity Theft, Corporate secrets
- 2012 Symantec Internet Threat Report You’re vulnerable. What could they want from you? Anoynmizer Identity Theft, Corporate secrets
- Tip #1: Use a Passphrase. We’ve all heard about passwords. I want you to start using passphrases. Passphrases are long, but easier to remember than a password. Length is more important than complexity. Throw in some numbers and capital letters and the phrase on the screen becomes ItwasaDark215andStormyNight. Easy to remember.
- You may want to use a Password Safe or Vault. Two good ones are Password Gorilla and LastPass, a browser plug in. The vault generates long complex passwords and stores them. You protect your password safe or vault with a long passphrase. When you visit a website, LastPass will supply the password you need to log in.
- Tip # 2: Stay up to date. Attackers exploit vulnerabilities in software. Software vendors release patches to address these vulnerabilities. We all know that we need to keep our operating systems up to date. You also need to keep your applications up to date. Make sure you’ve turned on auto update.
- Tip #3: Use Protection. No, there’s no such thing as an iCondom. However, one of the best ways to protect your computer is to use layers of security. Use anti-virus, a firewall, and anti-spyware. Mac users need antivirus and need to make sure your firewall is enabled. And don’t forget about your mobile devices. They’re starting to become more and more of a target.
- Tip #4: Recognize Phishing and scams. Many of you met Phishy at move in. Phishy is here to help raise our awareness about phishing. It’s pretty basic. Never respond to email requests for your password. (Or over the phone)
- Tip #5: Use Social Networks Safely. Don’t post information about where you live or where you’re going to be on Facebook or Twitter. Yes, it’s rare, but if you have an open profile on Facebook or you’re using FourSquare and tweeting your whereabouts publicly, you’re putting yourself at risk.
- Watch out for phishing on social networking sites. How many of you have a friend whose profile has been compromised because their password was hacked? Have you revealed enough information about yourself that someone could steal your identity? Can they figure out your mother’s maiden name?
- Tip #6: Remember who else is there. Employers will try to find out as much about you as they can online. They may try to access your social media profiles. There was a court case this month, where the court decided that what you post online is not protected. Think before you post about the image you’re portraying.
- Don’t post inappropriate photos. Untag inappropriate photos of you your friends post. Would you hire this guy? People WILL judge you by what you post online. Think before you post! Clean up your profiles now.
- Tip #7: Be wary of others. How do you know the person claiming to be 19 years old isn’t a 40 something who’s masquerading as someone else? How do you know he or she isn’t a wolf in sheep’s clothing? Be careful.
- Tip #8: Search for your name. Set up a Google Alert in Google Dashboard to let you know every day how your name is appearing online. You can set up a search for anything. So if there’s something you want to track online, set up the alert.
- Tip #9: Guard your personal information. Wouldn’t you like to have a guard dog like this protecting your information? Hmm. Maybe not. Protecting your personal information hasn’t been a big deal for you so far. It will be as you develop a credit history.
- Tip #10: Don’t assume privacy. In fact, assume that anything you post online is going to stay private. Think before you post about how information can be used. Do you want Facebook or anyone else tracking everything you do?
- PSI—Personal Software Inspector