Information Security & Compliance
Follow-up Course 2018
Introduction
2
Aims of the Information Security & Compliance
Course:
• Revise your knowledge of information security
• Enhance your knowledge with the latest
in information security
This lecture is divided into three sections:
1. Recent threats to information security
2. Important routine measures
3. Additional good behaviors
Improving your knowledge of information security
Differences between the
2018 and 2017 version
3
• Why should we disconnect from the network?
• The route of virus infection.
• Damage from unauthorized apps.
• Use a password management tool
• Use the Cloud for data storage and sharing
• This type of case is an incident.
Newly added pages contain this mark
Pages displaying updated content contain this mark.
UPDATE
4
1. Recent threats to information security
• Phishing scams
• Virus infections
• Unauthorized access
Risks of phishing scams
5
The damage caused by phishing scams that make
unauthorized use of Internet banking and credit
card information is increasing.
1. Deceptive emails
2. Entering ID, password, credit card, and account details
Phishing site
3. Collecting information
4. Malicious use of obtained information
Genuine site
Check your transaction statements for signs of improper use.
How to identify suspicious emails:
Point
6
This is a real email which we have received.
http://sprechmanlaw.com/eng.html
URL is suspicious.
“http” instead of “https”
Email address is suspicious.
Strange domain
UPDATE
Check the URL in the email
before clicking.
7
Virus infections caused by clicking on links within emails are increasing.
Check whether the URL is safe before clicking.
Since it is possible that your account information has been hacked, click this link to change your password.
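The checks named on this slide and the previous one (a link that uses "http" instead of "https", and a strange domain), written out as an added Python example that is not part of the original course material. It goes one step beyond the slides by also comparing the address shown in the link text with the real target; the trusted-domain list, the function names and the sample message are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the domains the reader actually expects links to point to.
TRUSTED_DOMAINS = {"hiroshima-u.ac.jp"}

# Link text that itself looks like a web address (with or without a scheme).
URL_LIKE = re.compile(r"^(?:https?://)?[A-Za-z0-9.-]+\.[A-Za-z]{2,}(?:[/?#]\S*)?$")


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs from an HTML email body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_in_domain(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    host = host.lower().rstrip(".")
    return host == domain or host.endswith("." + domain)


def check_link(href, text, trusted=TRUSTED_DOMAINS):
    """Return the reasons this link deserves a second look (empty list = none)."""
    reasons = []
    parts = urlsplit(href)
    host = parts.hostname or ""
    if parts.scheme != "https":
        reasons.append('scheme is "%s", not "https"' % parts.scheme)
    if not any(host_in_domain(host, d) for d in trusted):
        reasons.append('host "%s" is outside the expected domains' % host)
    # The text shown to the reader can name a different site than the target.
    text = text.strip()
    if URL_LIKE.match(text):
        shown = urlsplit(text if "://" in text else "//" + text).hostname or ""
        if shown != host:
            reasons.append('text shows "%s" but the target is "%s"' % (shown, host))
    return reasons


def review_email(html):
    """Map every link in the message body to its list of warning reasons."""
    collector = LinkCollector()
    collector.feed(html)
    return {href: check_link(href, text) for href, text in collector.links}


# Constructed sample message (not a real email); example.net is a reserved name.
SAMPLE_HTML = """
<p>Since it is possible that your account information has been hacked,
click this link to change your password.</p>
<a href="http://login.example.net/eng.html">https://www.hiroshima-u.ac.jp/</a>
<a href="https://share.hiroshima-u.ac.jp/">File share</a>
"""

if __name__ == "__main__":
    for href, reasons in review_email(SAMPLE_HTML).items():
        print(href, "->", reasons or "no warning")
```

An empty result only means none of these three signs were found; as the next slide says, a fake site can still look exactly like the genuine one.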
Example of clever phishing site
8
Many recent phishing sites look exactly like
genuine sites.
Never open links in suspicious emails.
It’s difficult to
tell if a site is
fake!
Countermeasures and Behaviors
against phishing scams
9
Countermeasures
• Install antivirus software and keep it updated.
• Keep your OS and applications updated.
• Manage your IDs and passwords carefully.
• Keep informed of the latest threats and attack methods.
Behaviors
• Don’t click inadvertently on file attachments or URLs.
• Check that your devices are not being used by an unknown third party.
Risks of virus infections
10
The damage caused by ransomware has grown
markedly since 2015.
What is “ransomware”?
All the files on the infected PCs are encrypted to make them unusable.
→ The perpetrator demands a "ransom" to repair your files.
Files are encrypted, so they cannot be used!
Examples of ransomware
11
Infection screen of
“CryptoLocker”
Infection screen of
“CYBER POLICE”
If your smartphone is
infected, you will not
be able to boot it.
Online banking
information was also
stolen!
If your PC is infected by
viruses
12
• Never pay a ransom.
• Disconnect from the network.
• Reinitialize the PC, then restore from a
backup.
• Report the incident to the University.
restore
Make regular backups in case
this ever happens!
UPDATE
Why should you disconnect
the PC from the network?
13
If you leave a virus-infected PC connected to the network:
• The PC will download a backdoor tool.
• The PC sends the information stored on it to the perpetrator.
• The PC is remotely controlled.
• The infection may spread to all accessible surrounding PCs.
Virus infection routes
14
Phishing emails
Browsing web sites and clicking on banner ads
USB flash drives
Downloaded programs
Forgetting updates
UPDATE
Countermeasures and Behaviors
against virus infections
15
Countermeasures
• Install antivirus software and keep it updated.
• Keep your OS and applications updated.
• Make regular backups.
• Keep informed of the latest threats and attack methods.
Behaviors
• Don’t click inadvertently on file attachments or URLs.
• Do not install suspicious applications.
Official sites contain
unauthorized apps
16
• Unauthorized apps may be
registered on official sites.
• Check for unnecessary
features.
• Confirm your rights to access the
apps.
Delete the apps that request
inappropriate rights.
Check the app before
installation.
17
Search the Web and read reviews before installing the
app to verify its authenticity.
Search the app by its name and look for blogs about it.
the name of app unlawful apps 2018
Check whether the app is being
used correctly
18
Spoofing of user accounts is increasing.
Check the service usage history and settings regularly.
For example, if you use Twitter, the settings can be checked from the Web browser.
Damage caused by unauthorized access
to devices such as PCs, smartphones,
and tablets.
19
Sending spam emails
Hijacking of social media accounts
Data leaks
Modifying web sites
The perpetrator accesses the electronic devices unlawfully.
Viewing, modifying, and deleting files
Viewing, modifying, and deleting emails
UPDATE
Things that increase the risk of
unauthorized access
20
Continuing to use old versions of OS and applications
Using easy-to-guess passwords
Repeatedly using the same password
Connecting to suspicious free public Wi-Fi networks
Entering personal information on sites with URLs not beginning with “https”
Leaving old accounts active
Letting someone else use your smartphone
Not checking the usage status of your services
UPDATE
PCs containing unlawful apps are included to avoid a license check
Countermeasures and Behaviors
against unauthorized access
21
Countermeasures
• Install antivirus software and keep it updated.
• Keep your OS and applications updated.
• Manage your IDs and passwords carefully.
• Keep informed of the latest threats and attack methods.
Behaviors
• Don’t click inadvertently on file attachments or URLs.
• Use only secure communications channels.
• Take care not to lose your PC or smartphone, or have it stolen.
22
2. Important routine measures
• Antivirus software
• Updating software
• Strong passwords
• Regular backups
• Knowing the latest threats and attack
methods
Antivirus software
23
New computer viruses are discovered every day.
Set your antivirus software to update
automatically!
It is not possible to
protect against
unknown viruses…
The virus definition list
of your antivirus
software needs to be
updated.
Updating software
24
• Set the “automatic updates” option!
• Update your OS as well as your applications!
Always use the
latest version!
Strong passwords
25
The common password for your HIRODAI
ID and accounts should
– Be at least 8 characters long
– Include numerals, symbols, and both
upper and lowercase letters
– Not be an easy-to-guess character
string
It is dangerous to
repeatedly use the
same password!
Use the Cloud for data
storage.
26
Cloud file storage services
OneDrive for Business
You can view and edit data anywhere.
Regular backups
27
Make sure to back up regularly in case your PC
malfunctions or gets infected by a virus.
You can use OneDrive for Business (1TB) free of charge
for your data and OS backups.
You can access OneDrive
from the list of Office 365
applications.
Knowing the latest threats and
attack methods
28
Make the effort to keep informed about the latest
security threats.
http://www.ipa.go.jp/security/kokokara/study/international.html
29
3. Additional good behaviors
• Use a password management tool.
• Use the Cloud to share data.
• Use multi-factor authentication
• Share information with people you
know
• Report problems immediately
• Other precautions
Use a password
management tool
30
• Password management tool (password manager):
By saving passwords to a management tool, you can use them from a PC or a smartphone.
– passwords for Web services
– passwords for encrypting/decrypting files, etc.
• Important:
– Create a backup of the management tool database.
– Take care to avoid any information leaks!
• A variety of management tools are available.
– Free: KeePass Password Safe (Win), Keychain Access (Mac)
– Paid: 1Password, LastPass, etc.
Be sure to remember the master password
Use Cloud services for sharing
data
31
Virus infections caused by opening a file attachment are increasing.
When exchanging files, you may place the file in the Cloud service and send the link to the file in the email.
To: Taro Hirodai,
From: Momiji Saijo
I uploaded the created file to ownCloud.
Please check it.
Folder name: Work Folder
File name: 20180401ver1.docx
Image of the sharing
32
Only send and share information via email; do not attach files.
File temporary storage and sharing services
ownCloud
https://share.hiroshima-u.ac.jp/
Location of data
View data
Download
How to use the “ownCloud”
33
<For people without a university
account>
Check “Share with URL.”
Share by sending the URL to the
recipient.
<For people with a university
account>
Share by specifying an account
ownCloud can be used free of charge at Hiroshima
University.
http://www.media.hiroshima-u.ac.jp/services/fileshare
Files are automatically deleted after
one month, so the service is suited only
for temporary file exchanges.
Use multi-factor authentication
34
To enhance security, multi-factor authentication
can be used with Office 365 at Hiroshima
University.
When using a smartphone mobile app,
Log in with account@hiroshima-u.ac.jp + password + smartphone
* Authentication is also possible with an SMS or telephone call.
I got hold of an ID
and password! Let
me try and log in
now!
What’s this…?
It’s asking me for
authentication to
log in…
I wonder why.
I’ll refuse.
What the hell?
I can’t log in…
Share information with people
you know
35
Actively exchange
information with
family and friends.
Helping the people
around you understand
security will help protect
you all from harm.
Take care to avoid information
leaks when using SNS
36
• If you post pictures and messages including the location of your home or office, your private information may be leaked all over the world.
• Be careful of the surroundings when you post pictures!
They may contain confidential information about your workplace or your part-time job employer.
When using social media, take care not to post inappropriate content or leak sensitive information!
UPDATE
Take care to avoid loss or theft of PCs or smartphones
37
• Do not pass or lend the phone to others.
– There are cases of it being stolen and
a remote management tool being
installed.
• Back up and initialize old smartphones
when changing model.
Always encrypt sensitive
information when you carry it
around.
Be careful not to lose or
misplace your devices!
Never leave your bag unattended!
Let's
encrypt
UPDATE
Use safe communication
routes.
38
Using public Wi-Fi
networks puts you at risk
of unauthorized access!
Do not exchange sensitive information on them.
Free Wi-Fi
When connecting from
outside, use encryption such
as a VPN.
https://www.media.hiroshima-u.ac.jp/services/hinet/vpngw
Image of VPN
You can connect to a VPN using an app.
UPDATE
hotel Wi-Fi
too!
The use of File Sharing
Software is prohibited.
39
It is prohibited at Hiroshima University to use file sharing software that shares files with many unspecified people!
UPDATE
Sending SPAM
mails from PC
Unauthorized access
Information
leakage
Virus infections
Symptoms that indicate a
security incident
40
I lost my USB memory
device containing
personal information.
My smartphone was
stolen.
My PC was infected
with a virus.
There was
unauthorized entry
into the Server.
UPDATE
Promptly reporting security
incidents
41
This handy card lists emergency contacts and
precautions.
The cards are distributed by the Media Center.
Carry one with you, together with
your student/staff ID!
Knowing emergency contacts at all times is a useful security measure.
Countermeasures and behaviors
42
Many things have been explained, but
fundamentally,
you can protect yourself against security breaches
by practicing “5 countermeasures” and “5
behaviors”.
5 countermeasures
5 behaviors
5 countermeasures
43
Install antivirus software and keep it updated.
Keep your OS and applications updated.
Manage your IDs and passwords carefully.
Make regular backups.
Keep informed of the latest threats and attack methods.
5 behaviors
44
Don’t click inadvertently on file attachments or URLs.
Do not install suspicious applications.
Check that your devices are not being used by an unknown third party.
Use only secure communications channels.
Take care not to lose your PC or smartphone,
or have it stolen.
Conclusion
45
We are at the end of this online workshop.
After this, you must take a verification test.
16 correct answers out of 20 questions
is a pass.
If you pass the verification test, make sure to:
• 1st year: Check that your account is working.
• 2nd and later years: Update your account for the current year.
Reference documents and
materials
46
• “Top 10 Threats to Information Security 2018,” IPA
https://www.ipa.go.jp/security/vuln/10threats2018.htm
• Trendmicro
http://www.trendmicro.co.jp/jp/security-intelligence/threat-solution/ransomware/
http://blog.trendmicro.co.jp/archives/13041
Materials
• Human Pictogram2.0
http://pictogram2.com/
• FLAT ICON DESIGN
http://flat-icon-design.com/
• ICOOON MONO
http://icooon-mono.com/
47
Issued in April, 2018
Information Media Center, Hiroshima University
Attribution 4.0 International

 
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Tilak Nagar Delhi reach out to us at 🔝9953056974🔝
 

Information Security & Compliance Course Updates

  • 1. Information Security & Compliance Follow-up Course 2018
  • 2. Introduction 2 Aims of the Information Security & Compliance Course: • Revise your knowledge of information security • Enhance your knowledge with the latest in information security This lecture is divided into three sections: 1. Recent threats to information security 2. Important routine measures 3. Additional good behaviors Improving your knowledge of information security
  • 3. Differences between the 2018 and 2017 version 3 • Why should we disconnect from the network? • The route of virus infection. • Damage from unauthorized apps. • Use a password management tool • Use the Cloud for data storage and sharing • This type of case is an incident. Newly added pages contain this mark Pages displaying updated content contain this mark. UPDATE
  • 4. 4 1 Recent threats to information security • Phishing scams • Virus infections • Unauthorized access
  • 5. Risks of phishing scams 5 The damage caused by phishing scams that make unauthorized use of Internet banking and credit card information is increasing. 1. Deceptive emails 2. Entering ID, password, credit card, and account details Phishing site 3. Collecting information 4. Malicious use of obtained information Genuine site Check your transaction statements for signs of improper use.
  • 6. How to identify suspicious emails: Point 6 This is a real email which we have received. http://sprechmanlaw.com/eng.html URL is suspicious. “http” instead of “https” Email address is suspicious. Strange domain UPDATE
  • 7. Check the URL in the email before clicking. 7 Virus infections caused by clicking on links within emails are increasing. Check whether the URL is safe before clicking. Since it is possible that your account information has been hacked, click this link to change your password.
  • 8. Example of clever phishing site 8 Many recent phishing sites look exactly like genuine sites. Never open links in suspicious emails. It’s difficult to tell if a site is fake!
  • 9. Countermeasures and Behaviors against phishing scams 9 Check that your devices are not being used by an unknown third party. Install antivirus software and keep it updated. Keep your OS and applications updated. Manage your IDs and passwords carefully. Countermeasures Behaviors Keep informed of the latest threats and attack methods. Don’t click inadvertently on file attachments or URLs.
  • 10. Risks of virus infections 10 The damage caused by ransomware has grown markedly since 2015. What is “ransomware”? All the files on the infected PCs are encrypted to make them unusable. → The perpetrator requires a "ransom" to repair your files. Files are encrypted, so they cannot be used!
  • 11. Examples of ransomware 11 Infection screen of “CryptoLocker” Infection screen of “CYBER POLICE” If your smartphone is infected, you will not be able to boot it. Online banking information was also stolen!
  • 12. If your PC is infected by viruses 12 • Never pay a ransom. • Disconnect from the network. • Reinitialize the PC, then restore from a backup. • Report the incident to the University. restore Make regular backups in case this ever happens! UPDATE
  • 13. Why should you disconnect the PC from the network? 13 If you leave a virus-infected PC connected to the network • The PC will download a backdoor tool. • The PC sends the information stored on it to the perpetrator. • The PC is remotely controlled. • The infection may spread to all accessible surrounding PCs.
  • 14. Virus infection routes 14 Phishing emails Browsing web sites and Clicking on banner ads USB flash drives Downloaded programs Forgetting updates UPDATE
  • 15. Countermeasures and Behaviors against virus infections 15 Don’t click inadvertently on file attachments or URLs. Do not install suspicious applications. Install antivirus software and keep it updated. Keep your OS and applications updated. Make regular backups. Countermeasures Behaviors Keep informed of the latest threats and attack methods.
  • 16. Official sites contain unauthorized apps 16 • Unauthorized apps may be registered on official sites. • Check for unnecessary features. • Confirm your rights to access the apps. Delete the apps that request inappropriate rights.
  • 17. Check the app before installation. 17 Search the Web and read reviews before installing the app to verify its authenticity. Search the app by its name and look for blogs about it. the name of app unlawful apps 2018
  • 18. Check whether the app is being used correctly 18 Spoofed user accounts are increasing. Check the service usage history and settings regularly. For example, when Twitter is used, the Web browser settings can be checked.
  • 19. Damage caused by unauthorized access to devices such as PCs, smartphones, and tablets. 19 Sending spam emails Hijacking of social media accounts Data leaks Modifying web sites The perpetrator accesses the electronic devices unlawfully. Viewing, modifying, and deleting files Viewing, modifying, and deleting emails UPDATE
  • 20. Things that increase the risk of unauthorized access 20 Continuing to use old versions of OS and applications Using easy-to-guess passwords Repeatedly using the same password Connecting to suspicious free public Wi-Fi networks Entering personal information on sites with URLs not beginning with “https” Leaving old accounts active Letting someone else use your smartphone Not checking the usage status of your services UPDATE PCs containing unlawful apps are included to avoid a license check
  • 21. Countermeasures and Behaviors against unauthorized access 21 Don’t click inadvertently on file attachments or URLs. Use only secure communications channels. Install antivirus software and keep it updated. Keep your OS and applications updated. Manage your IDs and passwords carefully. Keep informed of the latest threats and attack methods. Countermeasures Behaviors Take care not to lose your PC or smartphone, or have it stolen.
  • 22. 22 2. Important routine measures • Antivirus software • Updating software • Strong passwords • Regular backups • Knowing the latest threats and attack methods
  • 23. Antivirus software 23 New computer viruses are discovered every day. Set your antivirus software to update automatically! It is not possible to protect against unknown viruses… The virus definition list of your antivirus software needs to be updated.
  • 24. Updating software 24 • Set the “automatic updates” option! • Update your OS as well as your applications! Always use the latest version!
  • 25. Strong passwords 25 The common password for your HIRODAI ID and accounts should – Be at least 8 characters long – Include numerals, symbols, and both upper and lowercase letters – Not be an easy-to-guess character string It is dangerous to repeatedly use the same password!
  • 26. Use the Cloud for data storage. 26 Cloud file storage services OneDrive for Business You can view and edit data anywhere.
  • 27. Regular backups 27 Make sure to back up regularly in case your PC malfunctions or gets infected by a virus. You can use OneDrive for Business (1TB) free of charge for your data and OS backups. You can access OneDrive from the list of Office 365 applications.
  • 28. Knowing the latest threats and attack methods 28 Make the effort to keep informed about the latest security threats. http://www.ipa.go.jp/security/kokokara/study/international.html
  • 29. 29 3. Additional good behaviors • Use a password management tool. • Use the Cloud to share data. • Use multi-factor authentication • Share information with people you know • Report problems immediately • Other precautions
  • 30. Use a password management tool 30 • Password management tool (password manager): By saving passwords to a management tool, you can use them from a PC or a smartphone. – passwords for Web services – passwords for encrypting/decrypting files, etc. • Important: – Create a backup of the management tool database. – Take care to avoid any information leaks! • A variety of management tools are available. – Free: KeePass Password Safe (Win), Keychain Access (Mac) – Charged: 1Password, LastPass, etc. Be sure to remember the master password
  • 31. Use Cloud services for sharing data 31 Virus infections caused by opening a file attachment are increasing. When exchanging files, you may place the file in the Cloud service and send the link to the file in the email. To: Taro Hirodai, From: Momiji Saijo I uploaded the created file to ownCloud. Please check it. Folder name: Work Folder File name: 20180401ver1.docx
  • 32. Image of the sharing 32 Only send and share information via email; do not attach files. File temporary storage and sharing services ownCloud https://share.hiroshima-u.ac.jp/ Location of data View data Download
  • 33. How to use the “ownCloud” 33 <For people without a university account> Check “Share with URL.” Share by sending the URL to the recipient. <For people with a university account> Share by specifying an account ownCloud can be used free of charge at Hiroshima University. http://www.media.hiroshima-u.ac.jp/services/fileshare Files are automatically deleted after one month, so the service is suited only for temporary file exchanges.
  • 34. Use multi-factor authentication 34 To enhance security, multi-factor authentication can be used with Office 365 at Hiroshima University. When using a smartphone mobile app, Log in with account@hiroshima-u.ac.jp + password + smartphone * Authentication is also possible with an SMS or telephone call. I got hold of an ID and password! Let me try and log in now! What’s this…? It’s asking me for authentication to log in… I wonder why. I’ll refuse. What the hell? I can’t log in…
  • 35. Share information with people you know 35 Actively exchange information with family and friends. Helping the people around you understand security will help protect you all from harm.
  • 36. Take care to avoid information leaks when using SNS 36 • If you post pictures and messages including the location of your home or office, your private information may be leaked all over the world. • Be careful of the environment when you post pictures! It may contain confidential information about your workplace or your part-time job employer. When using social media, take care not to post inappropriate content or leak sensitive information! UPDATE
  • 37. Take care to avoid loss or theft of PCs or smartphones 37 • Do not pass or lend the phone to others. – There are cases of it being stolen and a remote management tool being installed. • Back up and initialize old smartphones when changing model. Always encrypt sensitive information when you carry it around. Be careful not to lose or misplace your devices! Never leave your bag unattended! Let's encrypt UPDATE
  • 38. Use safe communication routes. 38 Using public Wi-Fi networks puts you at risk of unauthorized access! Do not exchange sensitive information over them. Free Wi-Fi When connecting from outside, use encryption such as a VPN. https://www.media.hiroshima-u.ac.jp/services/hinet/vpngw Image of VPN You can connect to a VPN using an app. UPDATE hotel Wi-Fi too!
  • 39. The use of File Sharing Software is prohibited. 39 At Hiroshima University, it is prohibited to use file sharing software that shares files with many unspecified people! UPDATE
  • 40. Sending SPAM mails from PC Unauthorized access Information leakage Virus infections Symptoms that indicate a security incident 40 I lost my USB memory device containing personal information. My smartphone was stolen. My PC was infected with a virus. There was unauthorized entry into the Server. UPDATE
  • 41. Promptly reporting security incidents 41 This handy card lists emergency contacts and precautions. The cards are distributed by the Media Center. Carry one with you, together with your student/staff ID! Knowing emergency contacts at all times is a useful security measure.
  • 42. Countermeasures and behaviors 42 Many things have been explained, but fundamentally, you can protect yourself against security breaches by practicing “5 countermeasures” and “5 behaviors”. 5 countermeasures 5 behaviors
  • 43. 5 countermeasures 43 Install antivirus software and keep it updated. Keep your OS and applications updated. Manage your IDs and passwords carefully. Make regular backups. Keep informed of the latest threats and attack methods.
  • 44. 5 behaviors 44 Don’t click inadvertently on file attachments or URLs. Do not install suspicious applications. Check that your devices are not being used by an unknown third party. Use only secure communications channels. Take care not to lose your PC or smartphone, or have it stolen.
  • 45. Conclusion 45 We are at the end of this online workshop. After this, you must take a verification test. 16 correct answers out of 20 questions is a pass. If you pass the verification test make sure to • 1st year: Check that your account is working. • 2nd and later years: Update your account for the current year
  • 46. Reference documents and materials 46 • “Top 10 Threats to Information Security 2018,” IPA https://www.ipa.go.jp/security/vuln/10threats2018.htm • Trendmicro http://www.trendmicro.co.jp/jp/security-intelligence/threat-solution/ransomware/ http://blog.trendmicro.co.jp/archives/13041 Materials • Human Pictogram2.0 http://pictogram2.com/ • FLAT ICON DESIGN http://flat-icon-design.com/ • ICOOON MONO http://icooon-mono.com/
  • 47. 47 Issued in April, 2018 Information Media Center, Hiroshima University Attribution 4.0 International
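
The checks from slides 6 and 7 (suspicious sender domain, "http" instead of "https", strange link domain) can be automated before a message reaches the reader. The following is an added example, not part of the original course material; the trusted-domain list, the function names and the sample sender address are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: the domains the recipient's organisation really uses.
TRUSTED_DOMAINS = {"hiroshima-u.ac.jp"}

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def is_trusted(host):
    """True only for a trusted domain itself or a true subdomain of it."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def triage_email(sender, body):
    """Return (item, reason) findings for one message; an empty list means no flag.

    Passing these checks does not prove a site is genuine (slide 8); it only
    filters out the obvious cases.
    """
    findings = []
    sender_domain = sender.rsplit("@", 1)[-1]
    if not is_trusted(sender_domain):
        findings.append((sender, "sender domain is not one the organisation uses"))
    for raw in URL_RE.findall(body):
        url = raw.rstrip(".,;:)")  # drop sentence punctuation glued to the link
        parts = urlsplit(url)
        if parts.scheme.lower() != "https":
            findings.append((url, "link uses http instead of https"))
        # hostname ignores any "user@" prefix, so name@other.example is judged
        # by other.example, and trusted.name.other.example fails the suffix test.
        if not is_trusted(parts.hostname or ""):
            findings.append((url, "link host is outside the trusted domains"))
    return findings


# Constructed sample: the sender address is invented; the wording and the URL
# are the ones shown on slides 6 and 7.
SAMPLE_SENDER = "notice@account-update.example"
SAMPLE_BODY = (
    "Since it is possible that your account information has been hacked, "
    "click this link to change your password: http://sprechmanlaw.com/eng.html"
)

if __name__ == "__main__":
    for item, reason in triage_email(SAMPLE_SENDER, SAMPLE_BODY):
        print(f"{reason}: {item}")
```

A link such as `https://hiroshima-u.ac.jp.login-check.example/reset` (constructed) is still flagged, because the genuine name appearing inside a longer host does not make the host a subdomain of it.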