Security Awareness 101a - PowerPoint PPT Presentation

1 / 46
About This Presentation
Title:

Security Awareness 101a

Description:

Viruses and worms either standalone or carried by a program, document, or image ... Spybot Search & Destroy: http://security.kolla.de ... – PowerPoint PPT presentation

Number of Views:58
Avg rating:3.0/5.0
Slides: 47
Provided by: wayned1
Category:

less

Transcript and Presenter's Notes

Title: Security Awareness 101a


1
Security Awareness 101a
  • Wayne Donald
  • Information Technology Security Officer
  • Randy Marchany
  • Director Information Technology Security Lab

2
Why Todays Presentation?
  • Creating an awareness of the technology risks is
    a step in helping the Virginia Tech user
    community take necessary precautions
  • There is a need to be more proactive when it
    comes to technology security
  • We need to understand that in many cases,
    technology alone cannot solve security problems
  • Providing users with information that can be used
    to help make their technology environment more
    secure is a win-win situation

3
Technology Issues in Higher Education
  • Laptop with 98,000 names stolen at UC-Berkeley
  • University of Northern Colorado missing hard
    drive with personal information
  • Boston College reveals alumni data breach
  • Students use smart phones to get answers to
    test
  • Southern University says hundreds altered grades
  • Hackers set up shop in State agencys server
  • Tufts warns 106,000 alumni donors of security
    breach
  • Auditors find sensitive data on surplus computer
  • Student installs device on teachers computer to
    sell tests
  • An externally managed server at Tufts University
    compromised by hackers
  • Carnegie Mellon business school reports data
    breach
  • Hackers plot more phishing, mobile viruses

4
(No Transcript)
5
(No Transcript)
6
(No Transcript)
7
A Growing Concern Malware
  • A generic term for bad software that ends up on
    computers
  • Viruses and worms either standalone or carried
    by a program, document, or image
  • Trojan horses malicious software that looks
    like youre downloading something good
  • Adware designed to enhance the effectiveness of
    targeted advertising
  • Spyware gathers information about you and sends
    to it someone else then comes the spam
  • As much as 80-90 of todays email is spam

8
(No Transcript)
9
(No Transcript)
10
(No Transcript)
11
A Growing Concern Phishing
  • A scam technique that seeks to get personal
    information (bank account, credit card, users
    password, etc.)
  • Basically a malicious form of spam
  • Emails that appear to come from legitimate
    sources (online retailers, banks, etc.)
  • Many will direct the user to a fake website
  • Confirmation of your address may be made by you
    clicking on the unsubscribe option

12
(No Transcript)
13
(No Transcript)
14
Additional Security Threats
  • Tiny storage devices such as pocketsize hard
    drives, USB hard drives, and other memory media
    present new challenges
  • Digital cameras as well as new smart phones
    provide hackers and cheaters with additional
    tools
  • Handheld devices (Blackberrys, for example) that
    provide users with even greater access
    capabilities are another threat
  • User logon and password values give someone easy
    access and the opportunity to impersonate

15
(No Transcript)
16
What Needs to be Done to Ensure YOU Have a More
Secure Computing Environment
17
Operating System
  • An updated operating system helps protect your
    computer from viruses, worms, and other threats
    as they are discovered
  • With Windows you can utilize the Automatic Update
    feature
  • Click Start, and then click Control Panel
  • If there is not an Automatic Update icon, click
    on the System icon and then click on Automatic
    Updates
  • If your preference is to do the updates manually,
    visit the Windows Update site
    http//windowsupdate.microsoft.com

18
(No Transcript)
19
(No Transcript)
20
Operating System
  • You can schedule updates for any time of the day
  • However, your computer must be on for the updates
    to be installed
  • Also recommend it not be a time when you might be
    doing other tasks
  • If you do select Automatic Updates and forget to
    leave your computer on, you will receive a
    notification and will have to install manually

21
Internet Firewall
  • An internet firewall can help protect your
    computer against hacker attacks
  • You can purchase firewall software but new
    systems (both Windows and Mac) now come with
    build-in firewall software
  • Click Start, and then click Control Panel you
    can then click on the Windows Firewall icon to
    see the status
  • The firewall settings will prevent certain tasks
    so each individual user may have to determine an
    acceptable risk level

22
(No Transcript)
23
(No Transcript)
24
Antivirus
  • Antivirus software helps protect your computer
    from known viruses
  • Antivirus software works by comparing files on
    your computer against a file containing known
    virus definitions
  • Click Start, and then click Programs to see if
    you have antivirus software installed
  • NOTE Having two different antivirus programs
    installed on one computer can cause problems
  • Check the Virginia Tech antivirus site to
    download free Symantec software
    http//antivirus.vt.edu

25
(No Transcript)
26
(No Transcript)
27
Other Precautions
  • Dont assume physical security
  • A regular backup routine can ensure recovery from
    an incident
  • A secure password is the first line of defense
  • Remember email is not secure
  • Be aware of social engineering activities
  • Accessing the web can bring unwanted results

28
Passwords Help Ensure Privacy
  • The purpose of a login process is to establish
    who you are, and establish a level of security
  • If someone learns of your password, they can log
    on as you (and even share your password)
  • If a person does something malicious while logged
    on as you, it will likely be blamed on you
  • If you think someone knows your password CHANGE
    IT!
  • Password rules have become essential to help
    ensure privacy

29
Other Precautions
  • Dont assume physical security
  • A regular backup routine can ensure recovery from
    an incident
  • A secure password is the first line of defense
  • Remember email is not secure
  • Be aware of social engineering activities
  • Accessing the web can bring unwanted results

30
(No Transcript)
31
(No Transcript)
32
(No Transcript)
33
(No Transcript)
34
(No Transcript)
35
(No Transcript)
36
(No Transcript)
37
(No Transcript)
38
(No Transcript)
39
(No Transcript)
40
(No Transcript)
41
(No Transcript)
42
Helpful References
  • Primary Virginia Tech machine vendors
  • http//www.microsoft.com/security/it
  • http//www.apple.com/security
  • Spyware tools
  • Ad-aware http//www.lavasoftusa.com
  • Spybot Search Destroy http//security.kolla.de
  • Safe Networking http//www.safenetworking.org
  • MacScan http//macscan.securemac.com/
  • Virginia Tech sites
  • Security site http//security.vt.edu
  • Computing site http//computing.vt.edu
  • Engineering and Agriculture Life Sciences sites

43
Other Helpful References
  • CheckNet individual system scanning available
    from IT Security Lab
  • VA SCAN Virginia Alliance for Secure Computing
    and Networking
  • http//www.vascan.org/
  • List of 100 best web site for security
  • http//www.uribe100.com/index100.htm
  • Professional Associations
  • http//www.educause.edu/security/
  • http//www.sans.org/
  • http//www.cisecurity.org/index.html

44
IT Security Lab
  • The laboratorys mission
  • Design, develop and implement training materials
    and classes for University technical and general
    users
  • Test computer hardware and software for security
    vulnerabilities and provide guidance for
    addressing these vulnerabilities

45
In Summary
  • Absolute security is unattainable
  • However, its important we take a proactive
    approach to technology security
  • Understand the risks in using technology and what
    puts you at danger
  • Users should consider making security an integral
    part of their daily plans
  • Utilize available security tools
  • We dont have all the answers

46
Contact Information
  • Security web site http//security.vt.edu
  • VT Computing site http//computing.vt.edu
  • IT Security Office and IT Security Lab
  • 1300 Torgersen Hall
  • Wayne Donald wdonald_at_vt.edu
  • Randy Marchany marchany_at_vt.edu
Write a Comment
User Comments (0)
About PowerShow.com