Computer Security

5,633 views

Published on

Computer Security Awareness Training

Published in: Technology
1 Comment
6 Likes
Statistics
Notes
No Downloads
Views
Total views
5,633
On SlideShare
0
From Embeds
0
Number of Embeds
44
Actions
Shares
0
Downloads
580
Comments
1
Likes
6
Embeds 0
No embeds

No notes for slide
  • Hello; Thank you Overview of computer security and good computing practices. This is kind-of a whirlwind overview, so the handout that you have has additional information and details about any of the things that I will be talking about.
  • Computer Security

    1. 1. Good Computer Security Practices Basic Security Awareness
    2. 2. Overview <ul><li>What is Information and Computer Security? </li></ul><ul><li>“ Top 10 List” of Good Computer Security Practices </li></ul><ul><li>Protecting Restricted Data </li></ul><ul><li>Reporting Security Incidents </li></ul><ul><li>Additional Resources </li></ul>
    3. 3. <ul><li>What is Information and </li></ul><ul><li>Computer Security ? </li></ul>
    4. 4. <ul><li>… the protection of computing systems and the data that they store or access. </li></ul><ul><li>Desktop computers Confidential data </li></ul><ul><li>Laptop computers Restricted data </li></ul><ul><li>Servers Personal information </li></ul><ul><li>Blackberries Archives </li></ul><ul><li>Flash drives Databases </li></ul>
    5. 5. <ul><li>Isn’t this just an IT Problem? </li></ul>Why do I need to learn about computer security? Everyone who uses a computer needs to understand how to keep his or her computer and data secure.
    6. 6. Good security practices follow the “90/10” rule <ul><li>10% of security safeguards are technical </li></ul><ul><li>90% of security safeguards rely on us – the user - to adhere to good computing practices </li></ul>
    7. 7. <ul><li>Embarrassment to yourself and/or the University </li></ul><ul><li>Having to recreate lost data </li></ul><ul><li>Identity theft </li></ul><ul><li>Data corruption or destruction </li></ul><ul><li>Loss of patient, employee, and public trust </li></ul><ul><li>Costly reporting requirements and penalties </li></ul><ul><li>Disciplinary action (up to expulsion or termination) </li></ul><ul><li>Unavailability of vital data </li></ul>What are the consequences of security violations?
    8. 8. <ul><li>“ Top Ten List” </li></ul><ul><li>Good Computer Security Practices </li></ul>
    9. 9. <ul><ul><li>Don’t keep restricted data on portable devices. </li></ul></ul><ul><ul><li>2 . Back-up your data. </li></ul></ul><ul><ul><ul><li>Make backups a regular task, ideally at least once a day. </li></ul></ul></ul><ul><ul><ul><li>Backup data to removable media such as portable hard drives, CDs, DVDs, or a USB memory stick. </li></ul></ul></ul><ul><ul><ul><li>Store backup media safely and separately from the equipment. Remember, your data is valuable… don’t keep your backups in the same physical location as your computer! </li></ul></ul></ul>
    10. 10. Data Backups <ul><li>How effective would you be if your email, word processing documents, excel spreadsheets and contact database were wiped out? </li></ul><ul><li>How many hours would it take to rebuild that information from scratch? </li></ul>
    11. 11. <ul><ul><li>3. Use cryptic passwords that can’t be easily guessed and protect your passwords - don’t write them down and don’t share them! </li></ul></ul>
    12. 12. <ul><li>4. Make sure your computer has anti-virus, anti-spyware and firewall protection as well as all necessary security patches. </li></ul><ul><li>5. Don’t install unknown or unsolicited programs on your computer. </li></ul>“ I’ll just keep finding new ways to break in!”
    13. 13. <ul><li>6 . Practice safe e-mailing </li></ul><ul><li>Don’t open, forward, or reply to suspicious e-mails </li></ul><ul><li>Don’t open e-mail attachments or click on website addresses </li></ul><ul><li>Delete spam </li></ul><ul><li>Use secure e-mail system to send confidential information </li></ul>
    14. 14. <ul><li>You receive an e-mail with an attachment from “IT Security” stating that you need to open the attachment. What should you do? </li></ul><ul><li>a) Follow the instructions </li></ul><ul><li>b) Open the e-mail attachment </li></ul><ul><li>c) Reply and say “take me off this list” </li></ul><ul><li>d) Delete the message </li></ul><ul><li>e) Contact Customer Support </li></ul>
    15. 15. <ul><li>You receive an e-mail with an attachment from “IT Security” stating that you need to open the attachment . What should you do? </li></ul><ul><li>a) Follow the instructions </li></ul><ul><li>b) Open the e-mail attachment </li></ul><ul><li>c) Reply and say “take me off this list” </li></ul><ul><li>d) Delete the message </li></ul><ul><li>e) Contact Customer Support </li></ul><ul><li>d) Delete the e-mail message! </li></ul><ul><li>e) Contact Customer Support for further instructions – but do not open, reply to, or forward any suspicious e-mails! </li></ul>
    16. 16. <ul><li>Your sister sends you an e-mail at school with a screen saver attachment. </li></ul><ul><li>What should you do? </li></ul><ul><li>a) Download it </li></ul><ul><li>b) Forward the message </li></ul><ul><li>c) Call a tech-savvy friend to help install it </li></ul><ul><li>d) Delete the message </li></ul>
    17. 17. <ul><li>Your sister sends you an e-mail at school with a screen saver attachment. </li></ul><ul><li>What should you do? </li></ul><ul><li>a) Download it </li></ul><ul><li>b) Forward the message to a friend </li></ul><ul><li>c) Call a tech-savvy friend to help install it </li></ul><ul><li>d) Delete the message </li></ul><ul><li>d) Delete it! Never put unknown or unsolicited programs or software on your computer. Screen savers may contain viruses. </li></ul>
    18. 18. <ul><li>7. Practice safe Internet use ~ </li></ul><ul><li>Accessing any site on the internet could be tracked back to your name and location. </li></ul><ul><li>Accessing sites with questionable content often results in spam or release of viruses. </li></ul><ul><li>And it bears repeating… </li></ul><ul><li>Don’t download unknown or unsolicited programs! </li></ul>
    19. 19. <ul><li>8. & 9. Physically secure your area and data when unattended ~ </li></ul><ul><ul><li>Secure your files and portable equipment - including memory sticks. </li></ul></ul><ul><ul><li>Secure laptop computers with a lockdown cable. </li></ul></ul><ul><ul><li>Never share your ID badge, access codes, cards, or key devices (e.g. Axiom card) </li></ul></ul>
    20. 20. <ul><li>10. Lock your screen </li></ul><ul><ul><li>For a PC ~ </li></ul></ul><ul><ul><li><ctrl> <alt> <delete> <enter> OR </li></ul></ul><ul><ul><li><  > <L> </li></ul></ul><ul><ul><li>For a Mac ~ </li></ul></ul><ul><ul><li>Configure screensaver with your password Create a shortcut to activate screensaver </li></ul></ul><ul><ul><li>Use a password to start up or wake-up your computer . </li></ul></ul>
    21. 21. <ul><li>Which workstation security safeguards are YOU responsible </li></ul><ul><li>for following and/or protecting? </li></ul><ul><li>a) User ID </li></ul><ul><li>b) Password </li></ul><ul><li>c) Log-off programs </li></ul><ul><li>d) Lock up office or work area (doors, windows) </li></ul><ul><li>e) All of the above </li></ul>
    22. 22. <ul><li>Which workstation security safeguards are YOU responsible </li></ul><ul><li>for following and/or protecting? </li></ul><ul><li>a) User ID </li></ul><ul><li>b) Password </li></ul><ul><li>c) Log-off programs </li></ul><ul><li>d) Lock-up office or work area (doors, windows) </li></ul><ul><li>e) All of the above </li></ul><ul><li>ALL OF THE ABOVE! </li></ul>
    23. 23. <ul><li>The mouse on your computer screen starts to move around on its own and click on things on your desktop. </li></ul><ul><li>What do you do? </li></ul><ul><li>a) Show a faculty member or other students </li></ul><ul><li>b) Unplug network cable </li></ul><ul><li>c) Unplug your mouse </li></ul><ul><li>d) Report the incident to whomever supports your computer </li></ul><ul><li>e) Turn your computer off </li></ul><ul><li>f) Run anti-virus software </li></ul><ul><li>g) All of the above </li></ul>
    24. 24. <ul><li>The mouse on your computer screen starts to move around on its own and click on things on Your desktop. What do you do? </li></ul><ul><li>This is a security incident! </li></ul><ul><li>Immediately report the problem to whomever supports your computer. </li></ul><ul><li>Since it is possible that someone is controlling the computer remotely, it is best if you can unplug the network cable until you can get help. </li></ul>
    25. 25. <ul><li>What can an attacker do to your </li></ul><ul><li>computer? </li></ul><ul><li>a) Hide programs that launch attacks </li></ul><ul><li>b) Generate large volumes of unwanted traffic, slowing down the entire system </li></ul><ul><li>c) Distribute illegal software from your computer </li></ul><ul><li>d) Access restricted information (e.g. identity theft) </li></ul><ul><li>e) Record all of your keystrokes and get your passwords </li></ul>
    26. 26. <ul><li>What can an attacker do to your computer? </li></ul><ul><li>a) Hide programs that launch attacks </li></ul><ul><li>b) Generate large volumes of unwanted traffic, slowing down the entire system </li></ul><ul><li>c) Distribute illegal software from your computer </li></ul><ul><li>d) Access restricted information (e.g. identity theft) </li></ul><ul><li>e) Record all of your keystrokes and get your passwords </li></ul><ul><li>ALL OF THE ABOVE! </li></ul><ul><li>A compromised computer can be used for all kinds of surprising things. </li></ul>
    27. 27. <ul><li>Protecting Restricted Data </li></ul>
    28. 28. <ul><li>Restricted data includes, but is not limited to: </li></ul><ul><ul><li>Name or first initial and last name </li></ul></ul><ul><ul><li>Health or medical information </li></ul></ul><ul><ul><li>Social security numbers </li></ul></ul><ul><ul><li>Ethnicity or gender </li></ul></ul><ul><ul><li>Date of birth </li></ul></ul><ul><ul><li>Financial information (credit card number, bank account number) </li></ul></ul><ul><ul><li>Proprietary data and copyrighted information </li></ul></ul><ul><ul><li>Student records </li></ul></ul><ul><ul><li>Information subject to a non-disclosure agreement </li></ul></ul>
    29. 29. <ul><li>Managing Restricted Data </li></ul><ul><li>Know where this data is stored. </li></ul><ul><li>Destroy restricted data which is no longer needed ~ </li></ul><ul><ul><li>shred or otherwise destroy restricted data before throwing it away </li></ul></ul><ul><ul><li>erase/degauss information before disposing of or re-using drives </li></ul></ul><ul><li>Protect restricted data that you keep ~ </li></ul><ul><ul><li>back-up your data regularly </li></ul></ul>
    30. 30. <ul><li>Reporting Security Incidents </li></ul>

    ×