Security Challenges Facing IT 2005 Farm Credit Learning Conference - PowerPoint PPT Presentation

1 / 12
About This Presentation
Title:

Security Challenges Facing IT 2005 Farm Credit Learning Conference

Description:

Server Security. Operating System. Win2003 SP1 useful lockdown tools. Security Patches ... Spyware/Malware capture keystrokes. Recent attacks: ... – PowerPoint PPT presentation

Number of Views:51
Avg rating:3.0/5.0
Slides: 13
Provided by: tomst8
Category:

less

Transcript and Presenter's Notes

Title: Security Challenges Facing IT 2005 Farm Credit Learning Conference


1
Security Challenges Facing IT2005 Farm Credit
Learning Conference
  • Tom Stegman
  • VP Technical Services
  • AgVantis, Inc.

2
Security Challenges Facing ITBeyond the Firewall
  • Server Security
  • Worms, Viruses, Trojans
  • Phishing and Pharming
  • Social Engineering
  • Confidential (Borrower) Data

3
Server Security
  • Operating System
  • Win2003 SP1 useful lockdown tools
  • Security Patches
  • Stay informed use security bulletins
  • Microsoft http//www.microsoft.com/security/bullet
    ins/alerts.mspx
  • SANS https//portal.sans.org/preferences.php
  • Dont allow physical access

4
Worms, Viruses, Trojans
  • Virus protection on client, server, email
  • Stay informed
  • Symantec https//enterprisesecurity.symantec.com/C
    ontent/Subscribe.cfm
  • Trend Micro http//www.trendmicro.com/subscription
    s/default.asp
  • Use multiple layer email detection
  • Firewall
  • Email Server

5
Phishing and Pharming
  • Phishing methods
  • Email notice capture info via web link
  • Spoofed links use financial institution name
  • Spyware/Malware capture keystrokes
  • Recent attacks
  • Paypal - 'Unauthorized Account Access'
  • SouthTrust - 'Important Security Issue !!!'
  • eBay - 'UpdateYour Account'
  • Paypal- 'Update Account.'
  • Phishing attacks up sixfold this year

6
(No Transcript)
7
How to Avoid Phishing Scams
  • Be suspicious of email with urgent requests
  • Phishers include exciting (but false) statements
  • Typically ask for information such as account
    numbers, etc.
  • Don't use links in email to get to web pages
  • Call or log onto the website directly
  • Dont complete forms in email asking for
    financial information
  • Use a secure website when submitting sensitive
    information
  • Check for "https//" and the lock icon
  • EarthLink ScamBlocker http//www.earthlink.net/ear
    thlinktoolbar
  • Regularly log into your online accounts
  • If anything is suspicious, contact your bank and
    all card issuers
  • Ensure that your browser is up to date and
    security patches applied
  • Microsoft Security home page --
    http//www.microsoft.com/security/
  • Report "phishing" or spoofed e-mails to the
    following groups
  • reportphishing_at_antiphishing.com
  • Federal Trade Commission at spam_at_uce.gov
  • To the "abuse" email address at the spoofed
    company (e.g. spoof_at_ebay.com)
  • File a complaint on the FBI website
    www.ifccfbi.gov

8
Phishing and Pharming
  • Pharming method
  • Redirect real URL to hacker site
  • DNS hijack or cache poisoning
  • What To Do If You've Been Caught
  • http//www.antiphishing.org/consumer_recs2.html
  • Cancel accounts as quickly as possible
  • Credit card liability is 50
  • Bank account liability can be up to total account
  • Check out www.antiphishing.org

9
Social Engineering
  • Used in various ways
  • Get recipient to open attachments
  • Deals too good to pass up just provide bank
    account information
  • Used by hackers to obtain inside info
  • Can be used to gain physical access to servers or
    data
  • One of the easiest methods for hacking

10
Confidential Data
  • Encrypt or destroy confidential data
  • Email
  • Laptop, CDROM, USB key
  • Mail, FedEx, UPS
  • Old hard drives
  • Trash
  • Laptops
  • Encrypt data
  • MS Encrypting File System (EFS)

11
Confidential Data
  • Educate staff and borrowers
  • Fraudulent schemes know the right URL
  • SSL encryption look for lock in browser
  • Know the law and regulations
  • California SB 1386
  • FCA regulations

12
Security Challenges Facing IT
  • Threats arrive from all sides
  • Continuous monitoring required
  • Need to stay informed
  • And know when to inform others
  • Biggest challenge is education
  • Everyone is responsible for security
Write a Comment
User Comments (0)
About PowerShow.com