Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Awareness at MU Becky Thurmond Fowler April 7, 2005.

Published byLucy Sea Modified over 9 years ago

Similar presentations

Presentation on theme: "Security Awareness at MU Becky Thurmond Fowler April 7, 2005."— Presentation transcript:

1 Security Awareness at MU Becky Thurmond Fowler April 7, 2005

2 Why Do We Care About Security Education? Importance of average user to security of the network as a whole Secure environment required to conduct business (education) Many users already care about security, they just lack the necessary knowledge

3 How Can We Educate Users? Start a security awareness program!

4 You Are the Key to Security! IAT Services Security Awareness Training Winter 2004

5 MU Security Awareness Program Two main components of program – Activities based on monthly topics – Security awareness training Trying to reach varied audiences – Faculty/Staff – On-campus students – Off-campus students

6 Choosing the Right Topics Listed known weaknesses in our environment and compared with industry trends Researched federal laws that apply to the University Looked at industry leaders to see what they considered important

7 Possible Topics Best Practices Physical Security Identity Theft Digital Millennium Copyright Act (DMCA) Workstation Security Internet Threats –Phishing, Spyware, Keylogging

8 August/September ’04Best Practices October ’04Identity Theft November ’04Awareness Day December ’04Safe Shopping / Fraud January/February ‘05DMCA March ’05Internet Threats April ’05AntiVirus Protection May ’05IM Security

9 Delivery Methods Posters Table tents (dining halls) Technology newsletter articles Security Awareness web page Payroll stuffers Training courses Guest speakers, special events

10 Best Practices Poster campaign Best Practices Web Page

11 Identity Theft Table tents in dining halls Guest speaker –Officer Jenna Redel, MUPD –Announced via mass e-mail –One hour presentation ID Theft Presentation

12 Digital Millennium Copyright Act Poster campaign TechKnowledge Newsletter Article DMCA Online Quiz

13 MU Security Awareness Day Security Awareness Day Webpage Free one-day workshop –Guest speakers Department of Justice, FBI, MOREnet, Apple, Cisco, Microsoft and Symantec Identity theft, cyber terrorism, online safety for kids, security initiatives of key technology companies Raffle prizes to encourage attendance

14 Security Awareness Training One hour instructor led course – Password safety – Workstation security – Physical security – Internet and e-mail security – Social Engineering/Principle of least privilege – FERPA/HIPAA overview Online course in development – Same topics as instructor led course – Student version and faculty/staff version

15 Lesson 2: Password Safety & Security

16 Key Points Don’t use your PawPrint and password on external entities. Always choose a secure password!

17 # of Characters26(abc)36(abc123)52(AaBbCc) 6 51.5 minutes3.74 hours13.7 days 7 22.3 hours9.07 days3.91 months 8 24.2 days10.7 months17.0 years 9 1.72 years32.2 years8.82 centuries 10 44.8 years1.16 millennia45.8 millennia 11 11.6 centuries41.7 millennia2,384 millennia 12 30.3 millennia1,503 millennia123,946 millennia Password Cracking – It’s Easier Than You Think!

18 What Could Someone Do If They Had Your Password? Send threatening e-mail on your behalf Access Web sites on which you have enabled one-click ordering and purchase items with your credit card

19 What Could Someone Do If They Had Your Password? Connect to MU e-mail servers and spam thousands of people Gain access to the MU network and attack other entities on your behalf

20 Characteristics of A Secure Password Easy to remember Can be typed quickly without having to look at the keyboard Mix of apparently random letters, digits, and punctuation

21 Xms25thoD* = “Christmas is on the 25 th of December*” Ihomdf5y. = “I have owned my dog for 5 years.”

22 UMC PawPrint Password Requirements Your password MUST: – Consist of between 8 and 26 characters – Contain at least one character from each of the following: Lowercase letters: a-z Uppercase letters: A-Z Digits: 0-9 Special Characters: ( * & ) = ? | ^ } / _ > # : - + ; ] ~, [ <.

23 UMC PawPrint Password Requirements Your password MAY NOT: – Be a word found in a dictionary – Be the same as your PawPrint – Contain a space – Contain symbols other than the approved special characters – Contain UMC related terms (tiger, truman, jesse, etc)

24 Things To Avoid When Choosing a Password Simple keyboard patterns University or state team names Use of the word “password” or “secret”

25 Password Safety Never share your password with anyone! There are other methods of granting access to data and systems if there is a legitimate need.

26 Password Safety (Continued) Change your password regularly using the Password Manager. Don’t record your passwords any place they could be vulnerable, including Web pages that can store your login ID and password.

27 Treat Your Password Like Your Signature Your password is the major form of protection for your computer account and the University resources that you have permission to access.

28 Web CT Course Course covers same topics as in-person training Ideal for departments/groups not based on campus Flexible for those with limited time

29 Obstacles Requests for training customization –Meet with department/student representative prior to training to go over content Scheduling Issues –Require minimum of 20 people per session

30 Obstacles Communicating with faculty/staff and off-campus students –Working closely with internal marketing group to leverage non-standard avenues of communication –Encourage departmental IT professionals to communicate with faculty & staff Metrics

31 Lessons Learned Intra-departmental cooperation is vital Success requires a long term commitment Flexibility is important because of the rapidly changing environment One size does not fit all

32 Future Goals Improve metrics to measure effectiveness of program Increase visibility of program on campus Make WebCT course mandatory for students

33 Future Goals Continue to revise the security awareness program to make it relevant for the current user

34 Questions or Comments? Becky Thurmond Fowler becky@missouri.edu http://iatservices.missouri.edu/safe-computing

Download ppt "Security Awareness at MU Becky Thurmond Fowler April 7, 2005."

Similar presentations

Online Privacy A Module of the CYC Course – Personal Security 8-9-10.

Online Privacy A Module of the CYC Course – Personal Security
Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.

Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.
Fraud Protection. Agenda Start time: ____ Break time: ____ (10 minutes) End time: ____ Please set phones to silent ring and answer outside of the room.

Fraud Protection. Agenda Start time: ____ Break time: ____ (10 minutes) End time: ____ Please set phones to silent ring and answer outside of the room.
Helping our customers keep their computers safe.  Using your pet’s, business, family, friend’s names  Using number or letter sequences (0123, abcd)

Helping our customers keep their computers safe.  Using your pet’s, business, family, friend’s names  Using number or letter sequences (0123, abcd)
Fraud, Scams and ID Theft …oh my! Deb Ramsay ESD 101 Chief Information Officer Technology Division.

Fraud, Scams and ID Theft …oh my! Deb Ramsay ESD 101 Chief Information Officer Technology Division.
Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.

Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
STOP.THINK.CONNECT™ A NATIONAL CYBERSECURITY AWARENESS CAMPAIGN OLDER AMERICANS PRESENTATION.

STOP.THINK.CONNECT™ A NATIONAL CYBERSECURITY AWARENESS CAMPAIGN OLDER AMERICANS PRESENTATION.
Tom Parker Project Manager Identity Management Team IT Security Group.

Tom Parker Project Manager Identity Management Team IT Security Group.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
August 15 click! 1 Email Basics Kitsap Regional Library.

August 15 click! 1 Basics Kitsap Regional Library.
Digital Self Defense How well do YOU know Information Security? How well do YOU know Information Security?

Digital Self Defense How well do YOU know Information Security? How well do YOU know Information Security?
1 Ben Woelk RIT Information Security Office Advancing Digital Self Defense Establishing a Culture of Security Awareness at the Rochester Institute of Technology.

1 Ben Woelk RIT Information Security Office Advancing Digital Self Defense Establishing a Culture of Security Awareness at the Rochester Institute of Technology.
How to Secure the “End-User”: Same Goal, Varied Approaches Carrie McCoy – University of Missouri-Columbia Rebecca Fowler – University of Missouri-Columbia.

How to Secure the “End-User”: Same Goal, Varied Approaches Carrie McCoy – University of Missouri-Columbia Rebecca Fowler – University of Missouri-Columbia.
1 WELCOME TO BASIC EMAIL Instructor Donna DeMedicis ♦ 22 Years of Library Service ♦ BPL Support Staff In Opening The Regional Library Computer Center (Gates.

1 WELCOME TO BASIC Instructor Donna DeMedicis ♦ 22 Years of Library Service ♦ BPL Support Staff In Opening The Regional Library Computer Center (Gates.
Security Awareness Norfolk State University Policies.

Security Awareness Norfolk State University Policies.
CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. Emails. Safe browsing for shopping and online banks. Social media.

CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.
What is E-commerce Safety Precautions Password Strengths

What is E-commerce Safety Precautions Password Strengths

Similar presentations

Ads by Google