Information Security Awareness Training - PowerPoint PPT Presentation

About This Presentation
Title:

Information Security Awareness Training

Description:

Title: A Short Presentation for WLU Author: Grang Li Last modified by: gli Created Date: 4/2/2006 8:26:53 PM Document presentation format: On-screen Show – PowerPoint PPT presentation

Slides: 29
Provided by: Gran77

Transcript and Presenter's Notes

Title: Information Security Awareness Training


1
Information Security Awareness Training
2
Why Information Security?
  • Information is a valuable asset for all kinds of
    business
  • More and more information-related crimes occur
  • Information leakage or damage will impact, or
    even finish, a business

3
Dos and don'ts
  • Do use licensed and supported software
  • Do have an anti-virus tool, keep it up to date,
    and scan portable media before use

4
Verify your Anti-virus is up to date
5
Verify your Anti-virus is up to date
6
Dos and don'ts (continued)
  • Do have your Personal Firewall set to ON

7
Verify your Personal Firewall is ON
8
Verify your Personal Firewall is ON
9
Verify your Personal Firewall is ON
10
Verify your Personal Firewall is ON
11
Configure Screen Saver
12
Configure Screen Saver
13
Dos and don'ts (continued)
  • Do keep Windows XP security patches up to date
  • Do keep software up to date
  • Do choose a strong password, change it
    periodically, and make sure that you are the only
    person that knows it

14
(No Transcript)
15
(No Transcript)
16
Pa55VV0RD!!
  • Don't use your login name in any form
  • Don't use a word or words contained in any
    language dictionary
  • Don't use numbers significant to you or someone
    close to you, or associated with the University
  • Don't use passwords based on simple keyboard
    patterns
  • Remember it or keep it in a protected place, such
    as a locked safe

17
Dos and don'ts (continued)
  • Do use Laurier's resources for business purposes,
    please!
  • Do lock your screen/computer when unattended
  • Laptop users, do keep your eyes on your laptop,
    and use chain locks when necessary
  • Do contact the ITS Help Desk when necessary
  • Do report incidents and abnormal things to the
    designated people, and leave the scene untouched
    if you don't know what to do
  • Do back up your documents
  • Do think about IT security on a regular basis

18
Dos and don'ts (continued)
  • Do not shut down security applications on your
    computer, including the anti-virus tool, firewall,
    automated updates, etc.
  • Do not let an unknown person touch your computer;
    feel free to challenge his/her ID when necessary
  • Do not give out your password to anyone,
    including ITS staff
  • Do not provide your password in an email reply
  • Do not connect personal computing devices to the
    WLU wired network
  • Do not use insecure wireless connections
  • Do not open an email attachment unless you are
    certain of the veracity of its contents
  • Do not open an unknown website or URL unless you
    are certain of its veracity

19
Example
20
Example
21
Example
22
Example
23
Example
24
Social Engineering
  • Social Engineering is the acquisition of
    sensitive information or inappropriate access
    privileges by an outsider, based upon the
    building of an inappropriate trust relationship
    with insiders
  • The goal of social engineering is to trick
    someone into providing valuable information or
    access to that information

25
Suggestion 1
  • If you cannot personally identify a caller who
    asks for personal information about you or anyone
    else, for information about your computer system,
    or for any other sensitive information, do not
    provide the information. Insist on verifying the
    caller's identity by calling them back at their
    proper telephone number as listed in the telephone
    directory. This procedure creates minimal
    inconvenience to legitimate activity when
    compared with the scope of potential losses.

26
Suggestion 2
  • Remember that passwords are sensitive. A password
    for your personal account should be known ONLY to
    you. Systems administrators or maintenance
    technicians who need to do something to your
    account will not require your password. They have
    their own password with system privileges that
    will allow them to work on your account without
    the need for you to reveal your password. If a
    system administrator or maintenance technician
    asks you for your password, be suspicious.

27
Suggestion 3
  • Systems maintenance technicians from outside
    vendors who come on site should be accompanied by
    the local site administrator. If the site
    administrator is not familiar to you, or if the
    technician comes alone, it is wise to give a call
    to your known site administrator to check if the
    technician should be there. Unfortunately, many
    people are reluctant to do this because it makes
    them look paranoid, and it is embarrassing to
    show that they do not trust a visitor.

28
Thanks for your time! Any questions or suggestions?
To download these slides, go to computersecurity.wlu.ca, Security Awareness Training
Recommend Tips of The Day
Guidelines to Password Selection
  • Grant Li
  • Ex. 2797
  • Email gli_at_wlu.ca