Title: Kelley Bogart, CISSP Sr. Information Security Specialist Information Security Office
1Kelley Bogart, CISSPSr. Information Security
SpecialistInformation Security Office
Free Tools and Helpful Resources for Securing
Your Computer and Data _at_ UA
2Defense in Depth
Wireless Security
Wired/ Wireless Network
Anti-Virus
Anti-Spyware
Computer
Online Security
Account Security
Software
Password Security
Messaging Security
Physical Security
Software Updates
Backups
3ua.InfoSec's Top Ten
- Update Software
- Use Antivirus Software
- Use Anti-Spyware
- Use Strong Passwords
- Secure Your Accounts
- Secure Your Physical Environment
- Keep Wireless Devices Secure
- Practice Online Safety
- Send and Receive Secure Messages
- Back Up Your Data
4 Update Software
- Operating Systems and Applications
- Auto update
- Sign up for update/patch notifications
- Limit what you download
Restart computer? YES!!!
5Use Antivirus Anti-spyware Software
- Keep it up to date
- Configured properly
- Scan Regularly
- Sophos Antivirus
- Download
- https//sitelicense.arizona.edu/sophos/
- Installation Documentation
- https//sitelicense.arizona.edu/sophos/sophos_ins
tall.html - Free Anti-spyware - Spybot Search and Destroy,
Windows Defender, Adaware - free for home personal use only
6 Use Strong Passwords
- Passwords are the keys to many things
- your bank account, your computer, your email,
- a server on a network.
- Your password controls who can
-
- access your account (financial, email, etc)
- modify or destroy your files
- send malicious e-mail such as spam or threats in
your name - commit fraud while masquerading as you
- use your computer to store and/or distribute
illegally files such as movies, songs or worse
(child pornography)
7What is a strong password?
- At least eight characters (but more is highly
recommended) with 4 variables - 10 characters with 3 variables
- 12 or more characters with 2 variables
- What do we mean by variable
- Both upper and lower case letters
- At least one number
- At least one special character
- (e.g., !_at_()_-"'ltgt?,./)
- Longer is Stronger
8Tips for Creating a Strong Password
- How to create strong passwords that are easy to
remember but hard to guess ? - Use a phrase, sentence or question
- Why did the chicken cross the road?
- The cow jumped over the moon!
- Use a fake
- Website (time4anewpwagain.com)
- Email (Passwords_at_stupid.com)
- File (passwords/make/me/crazy)
- Address 4223westmyhouse
9Secure Your Accounts
- Limit use of Privileged Accounts
- Do not share your password
10Secure Your Physical Environment
- Use of Open Access Computers
- Dont save your logon information
- Limit what you do
- Dont leave the computer unattended when logged
into an account with sensitive data (Student
Link, Banking, Email, etc.) - Erase your tracks (clear history)
- IE (Tools, Internet Options, General tab, Delete
Browsing History) - Firefox (Tools, Options, Privacy tab, clear
private data) - Watch for over the shoulder
11Physical Environment (contd)
- Session Controls
- Password protected screensaver
- Ctrl-Alt Delete (enter) or Windows L
- Theft of Portable Devices
- Laptops
- IPhones
12Keep Wireless Devices Secure
- Wireless on Campus
- Use only (not public)
- Security (WPA2 PEAP)
- No Rate or Port limitation
- http//uawifi.arizona.edu
13Wireless (contd)
- Other
- Airports
- Hotels
- Free WiFi Hotspots
- Coffee Shops
- Bookstores
- Neighbors
14Wireless (contd)
- Use UAs site licensed VPN
- http//sitelicense.arizona.edu/vpn
- https//vpn.arizona.edu
- Limit what you do when connected
- Do not access sensitive data unless the website
is secure
15Practice Online Safety
- Only download what you trust, and even then be
wary! - Limit what you download to your computer
- Dont take downloads from strangers
- What else are you getting with the free stuff?
- Free music file sharing programs are wide
open doors for hackers - Read End User Agreements
16Surf Safer
http//www.siteadvisor.com/
17(No Transcript)
18Send Receive Secure Messages
- Email
- Attachments
- Spam
- Social Engineering
- Phishing
- Targeted or Spear Phishing
19Latest Phishing Attempts
20Latest Phishing Attempts
21Backup Your Data
Its not a matter of IF, its a matter of when!
22If the situation seems hopeless
23Resources
- 24/7 IT Support Center
- http//the247.arizona.edu
- UA InfoSec
- http//security.arizona.edu/basics
- Computer Resources (handout)
- http//www.security.arizona.edu/files/UA20Resourc
es.pdf