Cyber Security Awareness

1
Cyber Security Awareness

• May 3, 2004
• Dr. Dan Manson
• dmanson_at_csupomona.edu

2
When We Use The Internet

• Everything we do on a computer is at the mercy of
  viruses and hackers
• Our passwords
• Our email
• Our instant messages
• Confidential data
• Our reputation

3
What Makes Us Vulnerable?

• Out of date anti-virus software
• Out of date operating software
• Spyware
• Poor passwords on Windows NT, 2000, and XP
  desktops
• Too much file sharing

4
Out of Date Anti-Virus Software

• Viruses and worms cost billions of dollars each
  year
• New computer viruses are released almost daily
• Without continual updates anti-virus software
  will not protect us from new viruses
• IIT eHelp Virus Information Page -
  http//www.csupomona.edu/ehelp/antivirus/

5
Out of Date Operating System

• Microsoft Protect Your PC Page -
  http//www.microsoft.com/security/protect/default.
  asp
• IIT eHelp Protect Your Mac Web Page -
  http//www.symantec.com/mac/security/open_door.htm
  l
• Your local campus tech can help you keep your
  Operating System up-to-date

6
Personal Firewalls

• A personal firewall is installed directly on your
  computer.
• It monitors traffic into and out of your
  computer. Lets you know when there is something
  going on.
• Free ZoneAlarm Firewall - http//www.zonelabs.com/
  store/content/company/products/znalm/freeDownload.
  jsp?lidzadb_zadown

7
What is Spyware?

• Spyware is technology that aids in gathering
  information about a person or organization
  without their knowledge
• If the following occurs, you may have spyware
• Toolbars in your Internet Explorer that you
  didn't intentionally install
• Your browser start page has changed without your
  knowing
• Even if you do not see anything, you may be
  infected

8
How Do I Check for Spyware?

• Ad-aware spyware remover
• SpyBot spyware remover
• Your local campus tech can help you check for and
  remove Spyware

9
SpyBot SearchDestroy Screenshot
10
Gator Spyware

• Gator collects which webpages your computer views
  and how much time you spend at those sites, your
  response to the ads it displays, the software on
  your computer, your first name, your country,
  your five-digit ZIP code, and your system
  settings
• Many popular file-sharing programs install Gator

11
SPAM Protection

• IIT eHelp Web Site Manage Your Spam Page -
  http//www.csupomona.edu/ehelp/spam/index.html

12
Windows Desktop Passwords

• If the Windows Administrator account does not
  have a password, or has a weak password, anyone
  on the network can take complete control of the
  computer.
• Set a strong password on the Administrator
  account on all Windows NT/2000/XP Professional
  systems.

13
What is a Strong Password?

• Not easy to guess (no dictionary words)
• Not too short (at least eight characters)
• Not too simple (include uppercase, lowercase,
  numbers and punctuation marks)
• A sentence can remind you of your password
• The new CLA Japanese Garden looks great!
  (TnCLAJGlg!)
• My office is in Building 94. (MoiiB94.)

14
Passwords are like Underwear

• Change them often
• Do not share with friends
• Do not leave yours lying around
• The longer the better
• Be mysterious

15
Too Much File Sharing

• Computers allow us to share folders on our
  computers
• Make sure you don't give away more than you
  intend by following these steps
• Never share an entire hard drive
• Create specific folders to share rather than
  sharing existing ones
• Be careful what you put in shared folders
• Be careful about letting others store files in
  your folders without a password
• Your local campus tech can help you with shared
  folders

16
Alternatives to Security Awareness

• When user behavior is not enough, we use
  additional technology and policy
• Firewalls and Virtual Private Networks (VPN) can
  be used to restrict communications and
  applications
• Computer and application configurations and
  choices can be restricted and locked down
• Additional procedures and approval processes can
  be created.
• We can reduce but never eliminate security threats

17
Bottom Line Reality

• We all live and work in a world of confidential
  information.
• By virtue of our jobs, we are custodians of that
  information and must follow the laws, policies
  and procedures related to safeguarding the
  information.
• Additional restrictions and laws surrounding
  privacy are forthcoming.
• Identity fraud is nations top consumer fraud
  complaint.

Source Sonoma State University Confidential
Information Systems Access Agreement, March
28,2003
18
Information Security Contact Information

• Dr. Dan Manson dmanson_at_csupomona.edu (909)
  869-3244
• Know your local tech
• To report computer abuse abuse_at_csupomona.edu
• SANS On-Line Security Awareness Training
• Security Awareness Video -http//www.csupomona.edu
  /an/portfolio/Computer20Security/main.swf