SlideShare a Scribd company logo

Secure End User

Download as PPTX, PDF
Muhammad Salahuddien
Muhammad Salahuddien

How to make a secure end-user environment and activity within the organization, to prevent a cyber attack

Technology
1 of 14
SECURE END USER EMPOWERING THE LEAST SECURITY POINT
EVENT PREPAREDNESS
SHIT ONLY HAPPENS TO OTHER PEOPLE • No hackers limit their operation just to the secret or crucial information. Certain data which the general user does not consider to be that crucial might catch the eye of a hacker. • It is essential that every individual considers their device to have crucial data and keep it secure. • Security: Protect our computers and data in the same way that we secure the doors to our homes. • Safety: We must behave in ways that protect us against risks and threats that come with technology. • According to the SANS Institute, the top vectors for vulnerabilities available to a cyber criminal are:  Web Browser  IM Clients  Web Applications  Excessive User Rights
PASSWORD MANAGEMENT • Even though longer passwords are a bit difficult to remember, their complexity and length make the task of cracking these passwords a lot difficult. As it is known to all, hacking the password of any account gives the hacker complete control over the account. There are a few guidelines related to setting up passwords which we are going to discuss. It is always considered safe to have a password of length varying between 15 and 20 characters. It is advisable that the password must contain a unique alphanumeric combination of upper case and lower-case letters along with special characters. It is advisable that no two accounts over the Internet should have same or even similar passwords. It is also a wise practice to change the passwords of all the accounts including the ones of the personal devices periodically and take care that the passwords are not repeated. • Combination of Something You Know or Something You Have with Something You Are.
ALWAYS LOCKED YOUR DEVICES • Leaving your mobile device or computer unattended is yet another common mistake which most end users end up committing unintentionally. Whether you are at a friend’s place or a cafe, whether you need to attend an important call, or you need to go to the washroom quick, the first thing you need to do before leaving your device is locking it. Failing to do so, you not just keep your device and all the accounts being accessed through it vulnerable to foreign access but also render the efforts taken by yourself in setting up the password as useless.
EMPLOY SECURE / PRIVATE NETWORK • Avoid doing crucial transactions over a public network. Any network other than your home or work network is an insecure network. Even though the data over your device is encrypted, it is not necessary that the connected network transfers the data in an encrypted format. Moreover, there is a constant risk that the public network you connect with may be tapped thereby proving a risk to the data being exchanged over the network. Before using any connection other than trusted networks, always make sure that you secure the connection using appropriate VPN settings.
ACCESS THE INTERNET CAUTIOUSLY • Always be aware of identity theft. Not always will hacker approach you or your system to get crucial data from you. Many times, it is just your personal information which they are interested in. This information then comes in handy while creating alias accounts and identities which are then utilized for hacking. Apart from identity theft, yet another thing which is sought after and can be stolen without your notice is the IP address of your web devices. This cannot just be used to track your location but can also be used as an alternate device ID when the hackers invade other crucial systems. The major part of the solution set to this problem includes steering clear from websites and pop-ups which demand your personal information. Beware of malicious Online Survey, Quizzes, Fun Games e.g. match couple, etc. collecting your Personal Identifiable Data/Information (PID/I) and credentials. Also, avoid clicking links to the phishing websites which can be identified by their general randomness. • Identity theft, not just limited to the Internet. The end users must also be aware of the unexpected and unknown phone calls relating themselves to different lotteries and contests and thereby gather crucial personal information from you.
NO PIRATES AND CRACKED SOFTWARE • Avoid usage of pirated and cracked software and/or others Potentially Unwanted Application (PUA). Although these software’s are meant to be used unrestricted without the need to purchase the software from the manufacturer, they come with their own set of issues. No hacker would develop a crack for any software unless there is any hidden intention and gain behind it. The cracked versions of software’s do contain some malware in them and this malware may either affect the performance of your device or even leak out crucial device information such as your IP address. The malware also possesses a risk of affecting the system files of your device thereby corrupting your device data. Moreover, using a pirated software for professional purposes also poses a risk of legal actions over your firm and thereby cost you much higher than the software license itself.
EMPLOY END POINT SECURITY • An End point Security Agent including cloud based antivirus and antimalware gives you optimum protection against potential malware, ransomware and bugs. Even though antivirus programs claim they provide optimum malware protection, it is imperative to keep the virus database regularly updated for it to function efficiently. Just like other paid software’s, there are cracked versions of antivirus as well. As discussed earlier in the article, you must steer clear from such free wares. Always remember to not click on the pop-ups claiming a virus attack on your PC while browsing. That is not how your antivirus program operates, and such click pages are certain links to phishing websites.
KEEP UPDATED INCLUDING SECURITY • Updating antivirus database is not just the key to a healthy system. It is essential to keep the operating system as well as the third-party software’s well updated. The system and software updates not just contain performance optimizations but also a few security related updates which not just protect the software but also the user data related to the application as well as related antivirus patches. • Beware of Zero Day vulnerability and social engineering exploitation.
KEEP PERIMETER SECURITY ACTIVE • Every computer is protected by a firewall. This firewall controls the flow of data over any network. It is the preliminary protection offered by any operating system. Though firewall is the most secure feature in data protection is used, it is a bit cumbersome process to use a firewall. Many times, a few applications are denied access through the firewall, and hence, it cannot be used all time. With the development in the field of information and technology, many loopholes in the firewall have developed. Hence, these days third-party firewalls provided mainly by the antivirus developing companies are used. The firewalls not only provide optimum data transfer security but also give the users a high level of customization for ease of use.
MULTIPLE BACKUP AND AWAY STORAGE • Even though your device has an antivirus, is password protected, is connected to a secure data connection or protected by a firewall, it is always a wise move to keep your critical device data secure. The best practice to secure sensitive data is to securely remove the data from the device and store it over a protected external storage device. It is advisable that the storage device is not just password protected but is also protected by encryption layers. Along with encryption of external storage, it is also advisable to encrypt the device data and make sure it is duly encrypted during transfer. • Do backup 3 times with different external media and keep it safe at several places. • Backup cost is always cheaper than recovery cost. • Do highest secure wiping procedures for disposal.
REFERENCES • Ten Crucial End User Security TIPS • Cybersecurity Primer – The Information Security Awareness (PPTX)
THANK YOU! • CSIRT.ID • Indonesia Cyber Security Independent Resilience Team • Sudirman Tower, 19th Floor, Jl. Jenderal Sudirman Kav. 60 • Jakarta Selatan, DKI Jakarta 12830 14 16-Sep-22 CSIRT.ID

Recommended

It security,malware,phishing,information theft
It security,malware,phishing,information theftIt security,malware,phishing,information theft
It security,malware,phishing,information theftDeepak John
 
Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02amiinaaa
 
3 steps security
3 steps security3 steps security
3 steps securitybrightfire-slides
 
Wfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security InnovationWfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security InnovationPriyanka Aash
 
Document safer online for nonprofits guide
Document safer online for nonprofits guideDocument safer online for nonprofits guide
Document safer online for nonprofits guideNguyen Xuan Quang
 
Cyber pledge infoMagnum
Cyber pledge infoMagnumCyber pledge infoMagnum
Cyber pledge infoMagnumARUN REDDY M
 
Digital Security and Hygiene.pptx
Digital Security and Hygiene.pptxDigital Security and Hygiene.pptx
Digital Security and Hygiene.pptxUltimate Multimedia Consult
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityAdeel Younas
 

Recommended

It security,malware,phishing,information theft
It security,malware,phishing,information theftIt security,malware,phishing,information theft
It security,malware,phishing,information theftDeepak John
 
Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02Onlinesecurityrecomendations2014 141230081030-conversion-gate02
Onlinesecurityrecomendations2014 141230081030-conversion-gate02amiinaaa
 
3 steps security
3 steps security3 steps security
3 steps securitybrightfire-slides
 
Wfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security InnovationWfh security risks - Ed Adams, President, Security Innovation
Wfh security risks - Ed Adams, President, Security InnovationPriyanka Aash
 
Document safer online for nonprofits guide
Document safer online for nonprofits guideDocument safer online for nonprofits guide
Document safer online for nonprofits guideNguyen Xuan Quang
 
Cyber pledge infoMagnum
Cyber pledge infoMagnumCyber pledge infoMagnum
Cyber pledge infoMagnumARUN REDDY M
 
Digital Security and Hygiene.pptx
Digital Security and Hygiene.pptxDigital Security and Hygiene.pptx
Digital Security and Hygiene.pptxUltimate Multimedia Consult
 
Cyber Security
Cyber SecurityCyber Security
Cyber SecurityAdeel Younas
 
Users awarness programme for Online Privacy
Users awarness programme for Online PrivacyUsers awarness programme for Online Privacy
Users awarness programme for Online PrivacyKazi Sarwar Hossain
 
Executive Directors Chat:It's easy to stay safe online.pdf
Executive Directors Chat:It's easy to stay safe online.pdfExecutive Directors Chat:It's easy to stay safe online.pdf
Executive Directors Chat:It's easy to stay safe online.pdfTechSoup
 
Internet security
Internet securityInternet security
Internet securityrfukunaga
 
Cyber security awareness for end users
Cyber security awareness for end usersCyber security awareness for end users
Cyber security awareness for end usersNetWatcher
 
How to Bulletproof Your Data Defenses Locally & In the Cloud
How to Bulletproof Your Data Defenses Locally & In the CloudHow to Bulletproof Your Data Defenses Locally & In the Cloud
How to Bulletproof Your Data Defenses Locally & In the CloudNordic Backup
 
Cybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureAppCybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureAppWeSecureApp
 
Building a culture of security
Building a culture of securityBuilding a culture of security
Building a culture of securityCourion Corporation
 
The 10 Commandments of Computer Security
The 10 Commandments of Computer SecurityThe 10 Commandments of Computer Security
The 10 Commandments of Computer SecurityTechvera
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness TrainingRandy Bowman
 
Presentation 10.pptx
Presentation 10.pptxPresentation 10.pptx
Presentation 10.pptxmishogelashvili28
 
Stackfield Cloud Security 101
Stackfield Cloud Security 101Stackfield Cloud Security 101
Stackfield Cloud Security 101Stackfield
 
6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight BackMTG IT Professionals
 
Cyberattacks on the Rise: Is Your Nonprofit Prepared?
Cyberattacks on the Rise: Is Your Nonprofit Prepared?Cyberattacks on the Rise: Is Your Nonprofit Prepared?
Cyberattacks on the Rise: Is Your Nonprofit Prepared?TechSoup
 
Giarritano concept paper 4
Giarritano concept paper 4Giarritano concept paper 4
Giarritano concept paper 4leahg118
 
10 Tips for Improving Small Business Cyber Security
10 Tips for Improving Small Business Cyber Security10 Tips for Improving Small Business Cyber Security
10 Tips for Improving Small Business Cyber SecurityThrottleNet, Inc
 
Information security awareness - 101
Information security awareness - 101Information security awareness - 101
Information security awareness - 101mateenzero
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesAugmentedWorldExpo
 
Cyber security-1.pptx
Cyber security-1.pptxCyber security-1.pptx
Cyber security-1.pptxCharithraaAR
 
spyware
spyware spyware
spyware maaza mohammed
 
Cyber Security Seminar
Cyber Security SeminarCyber Security Seminar
Cyber Security SeminarJeremy Quadri
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 

More Related Content

Similar to Secure End User

Users awarness programme for Online Privacy
Users awarness programme for Online PrivacyUsers awarness programme for Online Privacy
Users awarness programme for Online PrivacyKazi Sarwar Hossain
 
Executive Directors Chat:It's easy to stay safe online.pdf
Executive Directors Chat:It's easy to stay safe online.pdfExecutive Directors Chat:It's easy to stay safe online.pdf
Executive Directors Chat:It's easy to stay safe online.pdfTechSoup
 
Internet security
Internet securityInternet security
Internet securityrfukunaga
 
Cyber security awareness for end users
Cyber security awareness for end usersCyber security awareness for end users
Cyber security awareness for end usersNetWatcher
 
How to Bulletproof Your Data Defenses Locally & In the Cloud
How to Bulletproof Your Data Defenses Locally & In the CloudHow to Bulletproof Your Data Defenses Locally & In the Cloud
How to Bulletproof Your Data Defenses Locally & In the CloudNordic Backup
 
Cybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureAppCybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureAppWeSecureApp
 
The 10 Commandments of Computer Security
The 10 Commandments of Computer SecurityThe 10 Commandments of Computer Security
The 10 Commandments of Computer SecurityTechvera
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness TrainingRandy Bowman
 
Stackfield Cloud Security 101
Stackfield Cloud Security 101Stackfield Cloud Security 101
Stackfield Cloud Security 101Stackfield
 
6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight BackMTG IT Professionals
 
Cyberattacks on the Rise: Is Your Nonprofit Prepared?
Cyberattacks on the Rise: Is Your Nonprofit Prepared?Cyberattacks on the Rise: Is Your Nonprofit Prepared?
Cyberattacks on the Rise: Is Your Nonprofit Prepared?TechSoup
 
Giarritano concept paper 4
Giarritano concept paper 4Giarritano concept paper 4
Giarritano concept paper 4leahg118
 
10 Tips for Improving Small Business Cyber Security
10 Tips for Improving Small Business Cyber Security10 Tips for Improving Small Business Cyber Security
10 Tips for Improving Small Business Cyber SecurityThrottleNet, Inc
 
Information security awareness - 101
Information security awareness - 101Information security awareness - 101
Information security awareness - 101mateenzero
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesAugmentedWorldExpo
 
Cyber security-1.pptx
Cyber security-1.pptxCyber security-1.pptx
Cyber security-1.pptxCharithraaAR
 
Cyber Security Seminar
Cyber Security SeminarCyber Security Seminar
Cyber Security SeminarJeremy Quadri
 

Similar to Secure End User (20)

Users awarness programme for Online Privacy
Users awarness programme for Online PrivacyUsers awarness programme for Online Privacy
Users awarness programme for Online Privacy
 
Executive Directors Chat:It's easy to stay safe online.pdf
Executive Directors Chat:It's easy to stay safe online.pdfExecutive Directors Chat:It's easy to stay safe online.pdf
Executive Directors Chat:It's easy to stay safe online.pdf
 
Internet security
Internet securityInternet security
Internet security
 
Cyber security awareness for end users
Cyber security awareness for end usersCyber security awareness for end users
Cyber security awareness for end users
 
How to Bulletproof Your Data Defenses Locally & In the Cloud
How to Bulletproof Your Data Defenses Locally & In the CloudHow to Bulletproof Your Data Defenses Locally & In the Cloud
How to Bulletproof Your Data Defenses Locally & In the Cloud
 
Cybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureAppCybersecurity Awareness E-Book - WeSecureApp
Cybersecurity Awareness E-Book - WeSecureApp
 
Building a culture of security
Building a culture of securityBuilding a culture of security
Building a culture of security
 
The 10 Commandments of Computer Security
The 10 Commandments of Computer SecurityThe 10 Commandments of Computer Security
The 10 Commandments of Computer Security
 
Information Security Awareness Training
Information Security Awareness TrainingInformation Security Awareness Training
Information Security Awareness Training
 
Presentation 10.pptx
Presentation 10.pptxPresentation 10.pptx
Presentation 10.pptx
 
Stackfield Cloud Security 101
Stackfield Cloud Security 101Stackfield Cloud Security 101
Stackfield Cloud Security 101
 
6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back
 
Cyberattacks on the Rise: Is Your Nonprofit Prepared?
Cyberattacks on the Rise: Is Your Nonprofit Prepared?Cyberattacks on the Rise: Is Your Nonprofit Prepared?
Cyberattacks on the Rise: Is Your Nonprofit Prepared?
 
Giarritano concept paper 4
Giarritano concept paper 4Giarritano concept paper 4
Giarritano concept paper 4
 
10 Tips for Improving Small Business Cyber Security
10 Tips for Improving Small Business Cyber Security10 Tips for Improving Small Business Cyber Security
10 Tips for Improving Small Business Cyber Security
 
Information security awareness - 101
Information security awareness - 101Information security awareness - 101
Information security awareness - 101
 
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart GlassesPete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
Pete Wassell (Augmate Corportation) Security in the Enterprise Smart Glasses
 
Cyber security-1.pptx
Cyber security-1.pptxCyber security-1.pptx
Cyber security-1.pptx
 
spyware
spyware spyware
spyware
 
Cyber Security Seminar
Cyber Security SeminarCyber Security Seminar
Cyber Security Seminar
 

Recently uploaded

Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 

Recently uploaded (20)

Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 

Secure End User

  • 1. SECURE END USER EMPOWERING THE LEAST SECURITY POINT
  • 3. SHIT ONLY HAPPENS TO OTHER PEOPLE • No hackers limit their operation just to the secret or crucial information. Certain data which the general user does not consider to be that crucial might catch the eye of a hacker. • It is essential that every individual considers their device to have crucial data and keep it secure. • Security: Protect our computers and data in the same way that we secure the doors to our homes. • Safety: We must behave in ways that protect us against risks and threats that come with technology. • According to the SANS Institute, the top vectors for vulnerabilities available to a cyber criminal are:  Web Browser  IM Clients  Web Applications  Excessive User Rights
  • 4. PASSWORD MANAGEMENT • Even though longer passwords are a bit difficult to remember, their complexity and length make the task of cracking these passwords a lot difficult. As it is known to all, hacking the password of any account gives the hacker complete control over the account. There are a few guidelines related to setting up passwords which we are going to discuss. It is always considered safe to have a password of length varying between 15 and 20 characters. It is advisable that the password must contain a unique alphanumeric combination of upper case and lower-case letters along with special characters. It is advisable that no two accounts over the Internet should have same or even similar passwords. It is also a wise practice to change the passwords of all the accounts including the ones of the personal devices periodically and take care that the passwords are not repeated. • Combination of Something You Know or Something You Have with Something You Are.
  • 5. ALWAYS LOCKED YOUR DEVICES • Leaving your mobile device or computer unattended is yet another common mistake which most end users end up committing unintentionally. Whether you are at a friend’s place or a cafe, whether you need to attend an important call, or you need to go to the washroom quick, the first thing you need to do before leaving your device is locking it. Failing to do so, you not just keep your device and all the accounts being accessed through it vulnerable to foreign access but also render the efforts taken by yourself in setting up the password as useless.
  • 6. EMPLOY SECURE / PRIVATE NETWORK • Avoid doing crucial transactions over a public network. Any network other than your home or work network is an insecure network. Even though the data over your device is encrypted, it is not necessary that the connected network transfers the data in an encrypted format. Moreover, there is a constant risk that the public network you connect with may be tapped thereby proving a risk to the data being exchanged over the network. Before using any connection other than trusted networks, always make sure that you secure the connection using appropriate VPN settings.
  • 7. ACCESS THE INTERNET CAUTIOUSLY • Always be aware of identity theft. Not always will hacker approach you or your system to get crucial data from you. Many times, it is just your personal information which they are interested in. This information then comes in handy while creating alias accounts and identities which are then utilized for hacking. Apart from identity theft, yet another thing which is sought after and can be stolen without your notice is the IP address of your web devices. This cannot just be used to track your location but can also be used as an alternate device ID when the hackers invade other crucial systems. The major part of the solution set to this problem includes steering clear from websites and pop-ups which demand your personal information. Beware of malicious Online Survey, Quizzes, Fun Games e.g. match couple, etc. collecting your Personal Identifiable Data/Information (PID/I) and credentials. Also, avoid clicking links to the phishing websites which can be identified by their general randomness. • Identity theft, not just limited to the Internet. The end users must also be aware of the unexpected and unknown phone calls relating themselves to different lotteries and contests and thereby gather crucial personal information from you.
  • 8. NO PIRATES AND CRACKED SOFTWARE • Avoid usage of pirated and cracked software and/or others Potentially Unwanted Application (PUA). Although these software’s are meant to be used unrestricted without the need to purchase the software from the manufacturer, they come with their own set of issues. No hacker would develop a crack for any software unless there is any hidden intention and gain behind it. The cracked versions of software’s do contain some malware in them and this malware may either affect the performance of your device or even leak out crucial device information such as your IP address. The malware also possesses a risk of affecting the system files of your device thereby corrupting your device data. Moreover, using a pirated software for professional purposes also poses a risk of legal actions over your firm and thereby cost you much higher than the software license itself.
  • 9. EMPLOY END POINT SECURITY • An End point Security Agent including cloud based antivirus and antimalware gives you optimum protection against potential malware, ransomware and bugs. Even though antivirus programs claim they provide optimum malware protection, it is imperative to keep the virus database regularly updated for it to function efficiently. Just like other paid software’s, there are cracked versions of antivirus as well. As discussed earlier in the article, you must steer clear from such free wares. Always remember to not click on the pop-ups claiming a virus attack on your PC while browsing. That is not how your antivirus program operates, and such click pages are certain links to phishing websites.
  • 10. KEEP UPDATED INCLUDING SECURITY • Updating antivirus database is not just the key to a healthy system. It is essential to keep the operating system as well as the third-party software’s well updated. The system and software updates not just contain performance optimizations but also a few security related updates which not just protect the software but also the user data related to the application as well as related antivirus patches. • Beware of Zero Day vulnerability and social engineering exploitation.
  • 11. KEEP PERIMETER SECURITY ACTIVE • Every computer is protected by a firewall. This firewall controls the flow of data over any network. It is the preliminary protection offered by any operating system. Though firewall is the most secure feature in data protection is used, it is a bit cumbersome process to use a firewall. Many times, a few applications are denied access through the firewall, and hence, it cannot be used all time. With the development in the field of information and technology, many loopholes in the firewall have developed. Hence, these days third-party firewalls provided mainly by the antivirus developing companies are used. The firewalls not only provide optimum data transfer security but also give the users a high level of customization for ease of use.
  • 12. MULTIPLE BACKUP AND AWAY STORAGE • Even though your device has an antivirus, is password protected, is connected to a secure data connection or protected by a firewall, it is always a wise move to keep your critical device data secure. The best practice to secure sensitive data is to securely remove the data from the device and store it over a protected external storage device. It is advisable that the storage device is not just password protected but is also protected by encryption layers. Along with encryption of external storage, it is also advisable to encrypt the device data and make sure it is duly encrypted during transfer. • Do backup 3 times with different external media and keep it safe at several places. • Backup cost is always cheaper than recovery cost. • Do highest secure wiping procedures for disposal.
  • 13. REFERENCES • Ten Crucial End User Security TIPS • Cybersecurity Primer – The Information Security Awareness (PPTX)
  • 14. THANK YOU! • CSIRT.ID • Indonesia Cyber Security Independent Resilience Team • Sudirman Tower, 19th Floor, Jl. Jenderal Sudirman Kav. 60 • Jakarta Selatan, DKI Jakarta 12830 14 16-Sep-22 CSIRT.ID