Presentation on theme: "Information Security Office Security Awareness Series Office Security, Facility and After Hour Access/ Visitor Control and Guest Procedures."— Presentation transcript:
Information Security Office Security Awareness Series Office Security, Facility and After Hour Access/ Visitor Control and Guest Procedures
Information Security Office Visitor Control and Guest Procedures Commercial or public buildings, like the buildings on campus, are often the target of opportunistic thieves. Thieves take advantage or the fact that many trusting, unaware people often leave their personal belongings in open, visible places. Wallets and checkbooks are sometimes left on a desktop or in a jacket on the back of a chair or door; purses are often on the floor next to a desk.
Information Security Office Visitor Control and Guest Procedures Unfortunately, these habits are an invitation for trouble. No matter what type of security program is implemented, there are no foolproof measures, and nothing is effective without the support of every individual not to violate those measures.
Information Security Office Visitor Control and Guest Procedures GUESTS must be checked in through the proper procedures. This is for the guests' protection as well as the protection of the others. Politely ask anyone suspicious May I help you? REPORT any suspicious unescorted person or stranger at once.
Information Security Office Visitor Control and Guest Procedures DO NOT LEND the keys to your office or your identification card to anyone. UNDER NO CIRCUMSTANCES should you prop open any exterior door. –Although it may seem harmless and convenient, you are endangering both yourself and everyone else. –The exterior doors are locked for your safety. – Neither should interior fire doors be propped open. Doing so eliminates their effectiveness in preventing the spread of fire or smoke.
Information Security Office Office and Building Security
Information Security Office Small offices and casual environment and camaraderie can lead to false sense of security. Office and Building Security
Information Security Office General Rules for Office Security Id Badges worn at all times in visible location. Escort visitors both to and from your office. Prevent access of unauthorized visitors (tailgating and piggybacking). Do not prop secured doors open.
Information Security Office Tailgating and Piggybacking Tailgating occurs when an unauthorized person enters a secure area by following closely behind an authorized cardholder. Piggybacking occurs when an authorized person gains access to a secure area and allows others to followby holding open a secured door, for example.
Information Security Office Dont let anyone in if they cant get in themselves. Everyone must show ID and insist on seeing ID from people you dont know. Dont let strangers mess with anything even if they do have an ID. General Rules for Office Security
Information Security Office If access into your area requires a badge, always keep the door closed. Politely challenge visitors. Employees required to wear badges should have them visible at all times. General Rules for Office Security
Information Security Office Escort visitors to departments. Dont let them wander around. Lock office doors while not there. Lock your workstation when away from desk or cubicle. General Rules for Office Security
Information Security Office Dont leave confidential data at printers, fax and other equipment. Follow your defined process for informing all necessary areas when an employee leaves. –Revoke access immediately when an employee or contractor is terminated or leaves for any reason. General Rules for Office Security
Information Security Office Suggestions To Reduce Your Risk of Theft Keep your purse or wallet in a locked drawer at all times. Carry only as much cash as you need for the day, and only one credit card and check. Don't "flash your cash" or any credit cards or personal information. Make a list of credit cards with pertinent phone numbers and keep it in a safe place. Update the list as needed.
Information Security Office Suggestions To Reduce Your Risk of Theft Don't leave packages or other valuables on or around your desk or work area. Lock them in the trunk of your car. Be attentive to any visitors who seem confused or out of place. Address anyone you don't know who may be wandering or looking around your office. Note their appearance, behavior, etc., and report any unusual activity immediately.
Information Security Office Suggestions To Reduce Your Risk of Theft Immediately report any theft or other criminal activity, inform your supervisor or manager.
Information Security Office After Hour Access After 5:30 PM, or on weekends. Plan in advance. If unplanned after hours access is necessary, let someone know.
Information Security Office Its 9:00 p.m…..do you know where your ID card is? ID Badges
Information Security Office Photo IDs assist in visual identification of individuals at facilities. Worn by all employees. Politely request others to show you their badge if it is not visible. If ID badge is also access card, be aware of access restrictions (after hours, remote sites). Report lost ID badge immediately. Employee Identification
Information Security Office Always escort visitors. Have them wait in lobby for you and escort them back when your business is completed. Politely ask any stranger, May I help you? Encourage sign in and out and return of visitor badge. Notify visitor of applicable security information (emergency exits, etc.) Visitor Control
Information Security Office Planning responses for different violation scenarios in advance – without the burden of an actual event – is good practice. Know who to report any attempted security violation to – keep the number readily available Know what type of information to report (who, what, when, where) Timing is important – you need to be prepared to act quickly and accurately Incident Response
Information Security Office Some Simple Steps To Protect Your Home While On Holidays The holiday season is a wonderful time of year. It is also a time when people may become careless and vulnerable to theft and other crime. Use these tips as a guide to holiday security.
Information Security Office Don't count your money at the ATM machine. If you must use an ATM, choose one that is located inside a police station, mall, or well-lighted location. Withdraw only the amount of cash you need. Do not throw your ATM receipt away at the ATM location. Using the drive-up is usually safer than walking up or into a facility. Remember to scan around you as you make your withdrawal. If anyone is loitering, or you don't like their looks, go to another ATM. Protect your PIN by shielding the ATM keypad from anyone who is standing near you.
Information Security Office When using credit cards, make sure that only one credit slip is printed with your charge card. Also, be sure to tear up any carbons that may be used to complete the transaction. Shop during daylight hours whenever possible. If you must shop at night, go with a friend or family member. If you stop for a bite to eat be especially aware of your wallet or handbag. Don't leave handbags or shopping bags behind you. Place them in front of you where you can see them.
Information Security Office Keys should not be carried in your purse. In the event of a purse snatching, the thief will have your address and keys to your home. At this time of year, "con-artists" may try various methods of distracting you with the intention of taking your money or belongings. Avoid overloading yourself with packages. Be extra careful if you do carry a wallet or purse. They are the prime targets of criminals in crowded shopping areas, transportation terminals, bus stops, on buses and other rapid transit. Notify the credit card issuer immediately if your credit card is lost, stolen or misused. Keep cash in your front pocket. Pay for purchases with a check or credit card when possible.
Information Security Office Carry a minimal amount of credit cards and avoid carrying large sums of cash. Keep a record of all of your credit card numbers in a safe place at home. Do not carry a purse or wallet, if possible. If you carry a purse, keep it in front of you and close to your body. When using public washrooms, use extreme caution. Try to avoid putting your purse on hooks or door handles.
Information Security Office Keep personal items such as wallets, handbags etc. in a locked and secure area. Small electronic items such as laptops, Palm Pilots, etc. should never be left unattended. When leaving your office, even for a short period, secure your valuables and lock your office.
Information Security Office If solicited by an individual for personal charity, don't give cash; offer to buy the individual food or drink or refer them to local assistance resources. Confine your charitable giving to reputable established organizations, preferably those with a local branch. If solicited for an unfamiliar organized charity, ask for literature so you can make an informed decision about giving; any reputable organization will be glad to provide material. If solicited by telephone, do not give out credit card numbers or personal information not listed in the telephone directory, and don't allow the organization to come to your home until you are certain of their reliability. Instead, ask them to send you information so you can make an informed decision and mail in your donation.
Information Security Office SEC- -Y If not you, who? If not now, when?
Information Security Office Resources at the University of Arizona Kerio Firewall https://sitelicense.arizona.edu/kerio/kerio.shtml Sophos Anti Virus https://sitelicense.arizona.edu/sophos/sophos.html VPN client software https://sitelicense.arizona.edu/vpn/vpn.shtml Policies, Procedures and Guidelines http://w3.arizona.edu/~policy/ Security Awareness http://security.arizona.edu/awareness.html
Information Security Office Security Awareness Presentations Customization available
Information Security Office Passwords/ Social Engineering Identity Theft/ Telephone Fraud Passwords/ Social Engineering E-mail Usage and Encryption, E-mail Etiquette PC Security, Workstation and Desktop Security (up to date patching and anti-virus), Password Protected Screensavers, Laptop security, Viruses and Worms Proper/Improper Internet Use, Internet Security and Safe Web Browsing
Information Security Office Software Piracy and Copyright Infringement Blaster Worm and So big Virus Firewall Basics for the beginning user Disaster Recovery/ Data Backups, Incident Reporting, Risk Assessment/ Data Classification Guidelines, Palm Pilots / PDAs / Cell Phones/Wireless Security Security Basics, Privacy in the New Millennium Office Security, Facility and After Hour Access/ Visitor Control and Guest Procedures
Information Security Office University Information Security Office Bob Lancaster 4 University Information Security Officer 4 Co-Director – CCIT, Telecommunications 4 Lancaster@arizona.edu 4 621-4482 Security Incident Response Team (SIRT) 4 firstname.lastname@example.org 4 626-0100 Kelley Bogart 4 Information Security Office Analyst 4 Bogartk@u.arizona.edu 4 626-8232