Information Security for CPAs J. Carlton Collins, CPA.

Presentation on theme: "Information Security for CPAs J. Carlton Collins, CPA."— Presentation transcript:

1

2 Information Security for CPAs J. Carlton Collins, CPA

3

4 It’s a New World …It’s a YouTube World

5 Unlock car with a tennis ball; Open a padlock with a Coke can - I; Open a padlock with a shim - II; How to make a shim from a Coke can - I; Make a shim - II; How to hack a Coke machine; Pop Corn with a cell phone

6 Legal Issues

7 http://www.ftc.gov/os/2002/05/67fr36585.pdf

8

9 Protecting Your Hard Drive Page 27 4 measures you can take as follows

10 1. BIOS Password Page 28

11 2. Windows Password Page 28 Carlton Collins

12 How Thieves beat BIOS & Windows Passwords 1. Remove Drive 2. Insert in another computer as second drive 3. Second drive becomes completely readable

13 How Thieves beat BIOS & Windows Passwords 1. Or they use Knoppix

14 4. Encrypt Files or Folders Page 29/30 1. Must use NTFS (in Windows XP) 2. Right click file or folder, Properties 3. Advanced

15 4. Or Use Vista BitLocker Page 30 1. New in Vista

16 4. Or Use TrueCrypt Page 29 and 31 Hard drive is encrypted and decrypted on the fly

17 Encryption Page 14

18 Encrypting Word and Excel Files

19 Encryption Primer Page 17 All encryption is based on two prime numbers:

20 About Bits Page 17 It takes 8 Bits to Form a Single Number
40 Bit | 12313 | 1 second
56 Bit | 1234513 | 19 hours
64 Bit | 12345613 | 7 months
128 Bit | 1234567891234513 | 4.3 quadrillion years
4,300,000,000,000,000
4,594,972,986,357,220,000,000,000,000,000,000,000,000,000,000,000

21 PGP (Pretty Good Privacy) Phil Zimmerman

22

23 PGP (Pretty Good Privacy)

24

25

26

27

28 E-Mail Encryption Software

29

30

31

32 Is Big Brother Watching You Anyway? Widely rumored that a 'master key' exists

33 Strong Passwords

34 3. Use Strong Passwords Page 28 Happy – 5 minutes to break; Happy44 – 15 minutes to break; hAPP5y44 – Many hours to break (Microsoft recommends using Upper/lower/special characters). I recommend the old phone number method: 9126384822Delta4499 (912 638 4822 delta 4499)

35 Windows Security “Folders” Page 66

36 FAT32 versus NTFS Do Not Choose FAT 32 Do Choose NTFS

37

38 NTFS No Impact on Network NTFS is Also Better in Other Ways: Larger files Larger drive partitions, Has better data compression, Less file fragmentation It’s Easy to Change to NTFS: At Command Prompt type convert c: /fs:ntfs

39 Warning - Hidden Files and Folders Can Still Be Deleted Page 68

40 Don’t Confuse NTFS Share Settings with File Share Settings

41 (NTFS permissions affect access for both local and remote users) (Share permissions apply only to network shares)

42

43 Folder Settings

44

45 The Internet can teach a person how to become a hacker Plenty of tools and utilities to make it easy to hack Blocking the Cracking Tools CrackZ HackZ WareZ SerialZ

46 How Serious is the Problem? Page 3

47 Organization: National Institute of Health. Date of Theft: February 2008. Type of Data Stolen: Patient data for 2,500 patients over a 7 year period. How Stolen: From an employee’s home

48 Organization: Davidson County Election Commission (Nashville, TN). Date of Theft: December 28, 2007. Type of Data Stolen: Names and complete Social Security numbers for 337,000 registered voters. How Stolen: Someone broke into several county offices over Christmas and stole laptop computers

49 Organization: Transportation Security Administration (TSA). Date of Theft: August 10, 2006. Type of Data Stolen: Social Security numbers, payroll information, and bank account data for approximately 133,000 employee records. How Stolen: From a government vehicle

50 Organization: Federal Trade Commission (FTC). Date of Theft: June 22, 2006. Type of Data Stolen: Data on about 110 people that was "gathered in law enforcement investigations". How Stolen: Stolen from a locked vehicle

51 Organization: Internal Revenue Service (IRS). Date of Theft: June, 2006. Type of Data Stolen: 291 employees and job applicants, including fingerprints, names, Social Security numbers, and dates of birth. How Stolen: In transit on an airline flight

52 Organization: AICPA. Date of Theft: June, 2006. Type of Data Stolen: Unencrypted hard drive containing names, addresses and Social Security numbers of 330,000 AICPA members. How Stolen: Lost during shipping

53 Organization: US Government Veterans Affairs Administration. Date of Theft: May 3, 2006. Type of Data Stolen: 26.5 million veterans, their spouses, and active-duty military personnel. How Stolen: Laptop stolen from employee's home

54 Organization: Citibank Student Loan Corporation. Date of Theft: March 8, 2006. Type of Data Stolen: Information on 3.9 million customers. How Stolen: Lost in transit while being shipped

55

56 Long List of Documented Thefts of Data Victims Include:

57 Here’s An Even Bigger List

58

59 Organization: Drug Enforcement Agency (DEA). Date of Theft: June 7, 2004. Type of Data Stolen: Laptop of DEA Informants. How Stolen: From the trunk of an Auditor’s car while he was at a bookstore coffee shop in suburban Washington

60 System Restore Page 57

61 Understanding the Registry REGEDIT

62

63 Firewalls Page 33

64 Routers and Firewalls Have Opposing Objectives Share information Versus Prevent Sharing of Information

65

66

67

68 Page 37

69 Windows XP & Windows Vista Firewalls Page 52

70 Change the Default SSID (Service Set Identifier) Page 53

71 Disable SSID Broadcast Page 55

72 Do Not Auto-Connect to Open Wi-Fi Networks Page 55

73 Turn Off the Network During Extended Periods of Non-Use Page 56

74 Wireless Security Page 50

75

76

77 Online Security Tests Page 40

78 Online security test sites:
ShieldsUp! - Port Authority Edition: grc.com
Broadband Tests and Tools: www.broadbandreports.com/tools
BrowserSpy: gemal.dk/browserspy
GFI Email Security Testing Zone: www.gfi.com/emailsecuritytest
Hacker Whacker: www.hackerwhacker.com
PC Flank: www.pcflank.com
PC Pitstop: www.pcpitstop.com
[Checkup: browsercheck.qualys.com
Privacy.net: privacy.net/analyze

79 Windows Security “Users” Page 60

80 No Security in W95 & W98 User Accounts Now Required - Windows XP and Windows Vista

81

82 1. Accessing User Accounts – The Control Panel - User Accounts 2. Disable the Guest Account in W95, W98, W2000 and Vista 3. Password Protect the Guest Account in Windows XP (turning it off hides it from the log in screen, but it still remains active) 4. Rename the Administrator Account

83

84 Beware the Hacker Tools

85 Windows Security “Screen Savers” Page 74

86

87 Blocking Pornography Page 78

88

89

90

91 Room full of Naked Blonde Chicks Totally Nude Thumbnail Image of Brad Pitt

92 Computer Bread Crumbs Page 43

93 Recent Applications; Game High Scores; Search history; Browsing History; Cookie History; Temporary Internet Files; Search for JPGs; Recycle Bin; Password Protected Files; Requesting Lost Passwords; Review Sent and Received E-Mail; Review Deleted E-Mail Folder; Review Junk E-Mail Folder; Use E-Mail Rules to Track Usage; Use E-Mail Server Settings to Track Usage; Key Loggers; Print Monitor Pro (free); Give Me Do (free); Desktop Spy (free); Hardware Keylogger ($60); Internet Spy (free); Evidence Tracker (free) and Evidence Blaster ($23)

94 Remote Access Page 43

95 1. Lock out keyboard and mouse 2. Blank out screen 3. Increase time out setting

96 Backing Up Your Data

97

98 Computer Viruses Page 8

99

100 1. 1986 – First Virus 2. 1989 – 6 viruses 3. 1999 – $7.6 Billion Cost 4. 10 to 15 new viruses a day 5. 2008 – $55 Billion Cost (Most Conservative Estimate)

101 5 Types of Viruses Page 9
1. The Worm Virus: a) Uses email addresses from your address book. b) Sends itself to those people.
2. The Trojan Virus: a) Disguises itself as a legitimate function. b) Really causes damage or steals data like passwords.
3. The Backdoor Trojan Virus: a) Takes control of your computer through your network or the internet.
4. File Virus: a) Attaches to real software. b) Whenever you use the software, it will load into your memory.
5. Adware and Spyware: a) Adware is basically just advertisements. b) Spyware can log your keystrokes.

102 Important Virus Tips 1. Backup every week. 2. Backup BIOS before you change it. 3. Run virus protection software.

103 Top Virus Protection Products

104

105 Phishers Prey on the Ignorant

106 http://info.org.il/irrelevant/may02-smilepop-soapbox4.swf

107 http://www.themobiletracker.com/english/index.html

108

109 Spy Stuff Page 201

