Security Awareness http:security'nsu'edu - PowerPoint PPT Presentation

1 / 42
About This Presentation
Title:

Security Awareness http:security'nsu'edu

Description:

Security Awareness http:security'nsu'edu – PowerPoint PPT presentation

Number of Views:142
Avg rating:3.0/5.0
Slides: 43
Provided by: rak4
Category:
Tags: awareness | cub | edu | http | nsu | security

less

Transcript and Presenter's Notes

Title: Security Awareness http:security'nsu'edu


1
Security Awarenesshttp//security.nsu.edu
  • Protect Your PC

2
Security AwarenessProtect your PC Update
  • Update your OS
  • Operating Systems are not perfect. As they get
    older, vulnerabilities and errors are found and
    exploited.
  • Updates are intended to fix these.
  • Windows has a built in feature called Automatic
    Updates. Enabling it will ensure your system
    stays up to date.
  • http//windowsupdate.microsoft.com
  • Update all other Software
  • Microsoft Office can be updated online.
  • Most other third party applications contain a way
    to update them. Many are automated.

3
Security AwarenessProtect your PC Update
4
Security AwarenessProtect your PC Passwords
  • Passwords are a primary way of accessing your or
    your institutions data. They need to be strong.
    Make sure all accounts have one.
  • Do not use personal information. Names,
    addresses, nicknames, hobbies, etc are easy to
    guess.
  • Do not use the same password for everything
  • When asked to change, do not use the same
    password with a minor change.

5
Security AwarenessProtect your PC Passwords
  • Strong passwords are comprised of
  • Minimum of 8 characters
  • Combination of at least three of the following
  • Lower case letters a b c
  • Upper case letters A B C
  • Numbers 1 2 3
  • Symbols ! _at_

6
Security AwarenessProtect your PC Passwords
  • Passphrases can used
  • Take a phrase and use the first letter of each
    word.
  • Punctuation marks can be used
  • Capitalize some of the letters
  • Switch symbols for letters

7
Security AwarenessProtect your PC Passwords
  • Passphrase example
  • Mary had a little lamb, its fleece was white as
    snow.
  • M h a l l , i f w
    w a s .
  • Mhall,ifwwas.
  • Mh411,!fWW45gt

8
Security AwarenessProtect your PC Login
  • Disable Automatic Login
  • For newer versions of Windows, setting a password
    will prevent the system from booting into an
    account
  • Disable the Welcome Screen
  • This is will cause Windows to use the classic
    login screen instead of advertising accounts that
    are available.

9
Security AwarenessProtect your PC Login
10
Security AwarenessProtect your PC Accounts
  • Windows has two administrator accounts for users
    when installed.
  • Set strong passwords for both
  • Only use admin accounts for admin tasks like
    installing software or making operating system
    changes
  • Create user accounts for all users
  • This adds privacy and security to individuals
    data
  • Prevents unauthorized users from installing
    software or changing the operating system
  • When online, some sites will attempt to install
    software, some of it is malicious in nature
  • Disable the Guest account
  • This is the default state for newer operating
    system, so verify

11
Security AwarenessProtect your PC Accounts
12
Security AwarenessProtect your PC Firewall
  • Windows has a built in Firewall.
  • Firewalls prevent unauthorized traffic from
    entering the computer
  • Example PCs can be remotely controlled. A
    firewall can prevent remote users from doing this
  • Verify the Windows Firewall is enabled
  • Enabled by default in service pack 2 and above
  • There are third party firewalls available
  • ZoneAlarm
  • Free for personal use
  • http//www.zonelabs.com
  • Hardware based firewalls can be incorporated into
    routers
  • Used predominantly with home networks
  • Only use one at a time

13
Security AwarenessProtect your PC Firewall
14
Security AwarenessProtect your PC Anti-Virus
  • Virus is a term that is used to refer to
    malicious software. In reality, it is one of
    many types of software that has malicious intent
    (malware).
  • Viruses
  • Worms
  • Trojan Horses
  • Key-loggers
  • etc
  • Can
  • Destroy data
  • Cause hardware failure
  • send sensitive information to others
  • etc

15
Security AwarenessProtect your PC Anti-Virus
  • Malware is spread through
  • Email
  • Web Browsing
  • Intentionally included in what looks like
    legitimate software. The user is usually
    prompted for installation.
  • Example Gator is part of some screensaver
    installs
  • Intentionally included in web site
  • Web site is hacked and when visited, malware is
    downloaded
  • External data devices
  • CDs
  • External Hard Drives
  • Floppy
  • Flash (USB) drives
  • Remote attacks

16
Security AwarenessProtect your PC Anti-Virus
  • Protect your PC by installing an Anti-Virus
    program
  • Update it daily, automatically if possible.
  • Scan your PC on a regular basis. If possible,
    setup automatic scanning.
  • Although it is possible, it is not recommended to
    use multiple AV programs on the same PC at the
    same time.
  • Some Manufacturers will include AV software in a
    suite that provides other protection
  • Example Nortons Internet Security includes
  • Firewall
  • Spam filter
  • Parental Controls

17
Security AwarenessProtect your PC Anti-Virus
  • Available
  • Free
  • AVG
  • Free for personal use
  • http//free.grisoft.com
  • Avast
  • Free for Personal use
  • http//www.avast.com
  • Nominal Fee
  • McAfee
  • Can be purchased as part of a security suite
  • Http//www.mcafee.com
  • Norton
  • Can be purchased as part of a security suite
  • http//www.symantec.com

18
Security AwarenessProtect your PC Anti-Virus
19
Security AwarenessProtect your PC Anti-Virus
20
Security AwarenessProtect your PC Anti-Spyware
  • Spyware is another type of Malware. The main
    purpose behind Spyware is to monitor your
    activities and transmit them to a third party,
    usually, without your consent.
  • Example Popup Ads
  • Spyware is generally installed via malicious or
    hacked web sites, but, it is possible to get
    spyware the same way as a virus.
  • Example Cool Web Search Toolbar

21
Security AwarenessProtect your PC Anti-Spyware
  • Install an Anti-Spyware Program.
  • In most cases, more than one can be used.
  • Keep it up to date. Automatic updating is
    available in some.
  • Scan your PC on a regular basis. If possible,
    setup automatic scanning.
  • Micorsoft provides an Anti-Spyware program called
    Windows Defender. It is currently in Beta, which
    means it is still being tested, but available to
    general public without warranty.
  • Updated via Automatic Updates
  • http//www.microsoft.com/athome/security/spyware/s
    oftware/default.mspx

22
Security AwarenessProtect your PC Anti-Spyware
  • There are many free third party Anti-Spyware
    programs available. (Be careful though, some
    spyware programs are actually spyware.)
  • Spybot Search and Destroy
  • Free
  • http//www.safer-networking.org/
  • Lavasofts Ad-Aware
  • Free for Personal Use
  • http//www.lavasoft.com
  • SpywareBlaster
  • Free
  • Prevents Spyware from being installed.
  • http//www.javacoolsoftware.com/spywareblaster.htm
    l

23
Security AwarenessProtect your PC Anti-Spyware
24
Security AwarenessProtect your PC Anti-Spyware
25
Security AwarenessProtect your PC Anti-Spyware
26
Security AwarenessProtect your PC Lock-it or
Logout
  • Lock your PC when you leave it unattended.
  • Many times, users will be working on sensitive
    information and leave for a break, meeting or
    other need, leaving this and other potentially
    sensitive data accessible from their desk.
  • Lock the screen by
  • Press and release, at the same time, the
    CTRLALTDEL keys (not the key) to bring up
    the Window Security window and click Lock
    Computer
  • Set up a screensaver, set it for a short period
    of time (5 minutes) and set it to prompt for a
    password on resume.
  • Press and release, at the same time, the
    WindowsL keys.
  • If you dont want to lock-it, then logout or
    shutdown.
  • If the PC is off, people cant attack it or
    access its data.

27
Security AwarenessProtect your PC Lock-it or
Logout
28
Security AwarenessProtect your PC Lock-it or
Logout
29
Security AwarenessProtect your PC
Lock-it/Logout
30
Security AwarenessProtect your PC Wireless
  • Wireless home
  • Use encryption
  • Changes the format of the data between the access
    point and your PC
  • WEP Wired Equivalent Privacy (insecure)
  • WPA Wi-Fi Protected Access
  • Uses a passphrase/pre-shared key
  • WPA2
  • Use preferred networks
  • Those that you setup or know who owns them
    (NSUWIFI)
  • Use access points, not PC to PC communication (ad
    hoc)
  • Public access points allow anyone to connect,
    which means anyone can see what you are sending
  • Disable your wireless network adapter when not in
    use
  • Using another persons access point without their
    consent is illegal

31
Security AwarenessProtect your PC Wireless
  • NSUWIFI provides wireless access for faculty,
    staff and students
  • Information available at http//www.nsu.edu/wifi/
  • WPA2 is used for encryption
  • TKIP (Temporal Key Integrity Protocol)
  • Changes keys dynamically to prevent attackers
    from finding the (single) key used for
    encrypting data
  • NSU userid and password required to gain access
    to the wireless network
  • NSU monitors for unauthorized access points
  • Future plans for guest access

32
Security AwarenessProtect your PC Wireless
  • Bluetooth
  • Designed for short wireless communications over
    short distances
  • Bluesnarfing
  • Acquiring phonebooks, pictures, calendar
  • Paris Hiltons phone was cracked
  • Bluetracking
  • Tracking your movement based on the unique
    address of the device
  • Bluebugging
  • Send commands to a bluetooth device
  • Make it call you which means an attacker could be
    listening
  • Bluetooth sniper rifle
  • How To Building a BlueSniper Rifle - Part 1
  • http//www.tomsnetworking.com/2005/03/08/how_to_bl
    uesniper_pt1

33
Security AwarenessProtect your PC Parental
Controls
  • Parental Controls allow parents to control what
    their children do online.
  • Block web sites, chat, pop-ups
  • Allows you to monitor activity
  • Web sites visited
  • Keyloggers
  • A few that get decent ratings and are a nominal
    fee
  • CyberPatrol (Appears to be the highest rated
    overall)
  • http//www.cyberpatrol.com/
  • CYBERsitter
  • http//www.cybersitter.com/
  • NetNanny
  • http//www.netnanny.com

34
Security AwarenessProtect your PC Add-ons
  • Many Web sites or files require additional
    software to be installed in order to view.
  • These viewers are usually free and easily
    accessible.
  • Adobe Acrobat Reader is needed to view PDF
    documents.
  • Windows Media Player or QuickTime may be required
    to watch certain videos or listen to music
  • Other sites may have programs that will improve
    your computing experience
  • Firefox is another popular web browser
  • Google Toolbar will prevent pop-ups in Internet
    Explorer while providing a quick way to search
    the internet.
  • To get these, go directly to the manufacturers
    site.
  • Acrobat Reader is available from Adobe
  • The latest version of Windows Media Player is
    available through Microsoft
  • QuickTime is available through Apple
  • If not sure, research the program. If still not
    sure, dont install.

35
Security AwarenessProtect your PC Browsing
  • Be careful when browsing
  • Misspelling or mistyping a word, even one
    character off, can take you to a web site that
    may be objectionable or malicious in nature.
  • Use an alternate browser.
  • Helps avoid site redirects or phishing.
  • Prevents certain sites from taking advantage of
    flaws in Internet Explorer
  • Firefox has additional add-ons that can be used
    for additional security
  • Free
  • Second most used web browser (behind Internet
    Explorer) and gaining more ground each day.
  • http//www.getfirefox.com
  • Watch for redirection. Redirection is when you
    click a link on a site and end up at another web
    site. Phishing scams can take advantage of this.
  • Watch the contents of the location or address
    bar. This is where you will detect the
    redirection.
  • When going to a site that may need personal
    information, go directly to the web site.
  • Disable pop-ups.

36
Security AwarenessProtect your PC Browsing
37
Security AwarenessProtect your PC Email
  • Be wary of email from addresses you do not know.
  • Typically SPAM or phishing attempts
  • Use caution with attachments.
  • Programs should not be sent through email.
  • Avoid sending personal information through email.
  • Email is in clear text.
  • Do not send social security numbers or credit
    card info.
  • Do not send usernames or passwords.
  • Do not click links for banking institutions.
  • Financial Institutions do not ask for personal
    information through email. It is only used to
    distribute information.
  • Contact your financial institution in person or
    telephone.
  • There are alternative email clients available,
    but they may require additional computing skills.

38
Security AwarenessProtect your PC Backup
  • Backup your data regularly
  • Windows has a built in backup utility.
  • Backup programs with automation are available.
  • Simple methods include
  • Burning specific files to CD.
  • Copying them to flash (USB) drives or memory
    cards.
  • Copy the data to another computer
  • Fee based subscriptions are available online.
  • Floppy Disks are too small for most data.

39
Security AwarenessProtect your PC NSU Policies
  • NSU policies are available from
  • http//www.nsu.edu/policies
  • Policy 60.201 Acceptable Use of Technology
    Resources
  • Policy 62.002 Computer Systems Passwords
  • http//www.nsu.edu/forms
  • Resource Authorization Request / OIT Request Form
    Information Security Access Agreement
  • http//www.nsu.edu/oit/policies
  • Policy 61.002 Electronic Data Privacy and
    Ownership

40
Security AwarenessProtect your PC Further Info
  • Credit Reports
  • 1 free report per year
  • https//www.annualcreditreport.com
  • Symantec Security Check
  • Online check for exposure and or common viruses
  • http//security.symantec.com/sscv6
  • National Security Agency Security Configuration
    Guide
  • http//www.nsa.gov/snac
  • National Institute of Standards and Technology
    (NIST) Computer Security Resource Center (CSRC)
  • http//csrc.nist.gov/
  • National Do Not Call Registry
  • http//www.donotcall.gov
  • Child Safety Online
  • http//www.fbi.gov/publications/pguide/pguidee.htm
  • http//www.microsoft.com/athome/security/children

41
Security AwarenessProtect your PC Advanced
  • These options are available, but, generally
    recommended for advanced users
  • Disable/Remove Windows Components
  • Disable unnecessary Windows services
  • Use alternate email client
  • Thunderbird
  • http//www.getthunderbird.com
  • Enable Auditing
  • Microsoft Baseline Analyzer
  • Port Reporter and Parser
  • Root Kit Detection tools
  • HiJackThis.exe
  • Use encryption for files and email
  • Use GeSWall

42
Security AwarenessProtect your PC Advanced
  • Advanced options
  • USE LINUX
Write a Comment
User Comments (0)
About PowerShow.com