Introduction to IT Security and Desktop PC Protection

Presentation transcript:

Introduction to IT Security and Desktop PC Protection Speaker: Stone Miu

Agenda
- WHY WE ARE HERE?
- SECURE YOUR DESKTOP PC
- INTERNET SECURITY PROTECTION
- HOW TO IDENTIFY AND HANDLE FAKE EMAIL AND WEBSITE
- INTELLECTUAL PROPERTY RIGHTS FOR SOFTWARE AND INFORMATION
- PHYSICAL SECURITY

WHY WE ARE HERE?
- What is Information Security?
- CIA Model
  - Confidentiality
  - Integrity
  - Availability
- Importance of Information Security
- How to Achieve a Satisfactory Level of Information Security?
- Roles and Responsibilities
- Policy and Guidelines in HKUST

Confidentiality
Protecting information from being disclosed to unauthorised parties.
Examples:
- Personal: When submitted to a website, your personal data should only be used or accessed exclusively by designated staff in that company for the purposes agreed. No one else should be allowed to use your data for illegal purposes, or view the data out of curiosity.
- Business: Sensitive information, such as sales figures or client data, should only be accessed by authorised persons such as senior management and the sales team, and not other operations or departments.

Integrity
Protecting information from being changed by unauthorised parties.
Examples:
- Personal: When submitted to a website, your personal data should not be altered in any way during data transmission, or by the website company.
- Business: Important documents or figures should not be changed or altered by unauthorised persons without prior notice.

Availability
Ensuring that information is available to authorised parties only, when requested.
Examples:
- Personal: You should be able to access and check your personal data kept on a website at any time.
- Business: Authorised senior management personnel should be able to access sales figures when needed; or clients should be able to access any of their data kept by the company when they request it.

Importance of Information Security
- Protect the data and assets of organizations and companies from insider or outsider attacks.
- Prevent unauthorized people from accessing our valued information, manipulating it or stealing it by using (black/gray) hat hacking, viruses, Trojans or malware, or even bringing the system down (DoS).
- Protect your sensitive data from natural disasters and accidental risks by using business continuity and disaster recovery management.

How to Achieve a Satisfactory Level of Information Security?
- Keep The System Up-to-date
- Make Sure Firewall Is Enabled
- Install Only Application Software You Need and Remove Software No Longer In Use
- Stay Aware Of Security

SECURE YOUR DESKTOP PC
- Password Protection
  - How to create secure Passwords?
  - Importance of Changing Passwords frequently
- Data Security -> LOGOFF when you are away from your PCs
- Basic Security Settings of a PC, e.g. firewall (DEMO)
  - Software firewall
  - Hardware firewall
- How to Avoid Virus Attacks? E.g. Anti-Virus Program (DEMO)
  - How can Antivirus Software Protect your Computer?
  - How to Install Antivirus Software and Virus Signature Update in HKUST?
- Backup and Restore
  - The Importance of Backup and Recovery
  - Steps for Backup & Recovery
- Protection of Data/Files, e.g. file encryption
- Windows Update

The Importance of Backup and Recovery
- Protecting you in the event of hardware failure, accidental deletions or disaster;
- Protecting you against unauthorised changes made by an intruder;
- Providing you with a history of an intruder's activities by looking through archived, older backups.

Steps for Backup and Recovery

INTERNET SECURITY PROTECTION
- Security Settings of a Web Browser (Demo)
- Attention Needed when Surfing Web Pages
- Software Update Management, e.g. Adobe pdf, Java, Thunderbird, Firefox, etc.
- Cookies
- Closing Saved Password
- Pop-up Blocker
- How to determine the website is safe to browse?
  - http://google.com/safebrowsing/diagnostic?site=
  - hpHosts
  - Norton Safe Web
  - Unmasked Parasites
  - AVG LinkScanner
  - AVG's free Mobilation Android app
  - Lookout Mobile Security

HOW TO IDENTIFY AND HANDLE FAKE EMAIL AND WEBSITE
- What is Scam Email?
- How to Handle Scam Email?
- What is Email Spoofing / Phishing?
- How to Handle Email Spoofing / Phishing?
  - Preventive Measures
  - Detective Measures
  - Responsive Measures
- What is Digital Signature & how it is used in HKUST?

Example

Preventive Measures
- Do not follow URL links from un-trusted sources or emails such as spam emails, to avoid being redirected to malicious websites by malicious links that look legitimate.
- Do not visit suspicious websites or follow the links provided in those websites.
- Do not follow links from search engine results to log on to banking or financial organisations.
- Open email attachments with extreme care. Always check the attachment's extension. Never open an attachment with a "pif", "exe", "bat" or "vbs" extension.
- Type the URL manually or follow the bookmarks you have made previously when visiting websites.
- Avoid conducting online banking or financial enquiries/transactions from a public terminal or unsecured terminals such as those in cafes or libraries. Hacking or Trojan programs may be installed on these public terminals.
- Do not open other Internet browser sessions and access other websites while you are performing online financial transactions/enquiries through the Internet.
- Remember to print or keep a copy of the transaction record or confirmation notice for checking.
- Always be wary when giving out sensitive personal or account information. Banks and financial institutions seldom ask for your personal or account information through email. Consult the relevant organisation if in doubt.
- Always ensure that your computer has the latest security patches and virus signatures applied, to reduce the chance of being affected by fraudulent emails or websites riding on software vulnerabilities. This also helps to protect your computer from other security or virus attacks.
- Consider using desktop spam-filtering products to help detect and block fraudulent emails, but beware of false alarms. It is recommended to learn the technical abilities that are essential for deploying these products in an effective manner.
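The attachment-extension rule above as a mail-side check, added here as an example and not part of the original presentation: it parses a message with Python's standard email module and flags attachments whose final extension is one of the four the slide names, including names such as Invoice.pdf.EXE where a harmless-looking extension comes first. The sample message, its addresses and the helper names are constructed for illustration.

```python
from email import message_from_string, policy
from email.message import EmailMessage

# Extensions the slide says never to open.
BLOCKED = {"pif", "exe", "bat", "vbs"}

def clean_name(filename: str) -> str:
    """Drop any path and the trailing dots/spaces that Windows silently strips,
    so 'run.exe. ' is judged as 'run.exe'."""
    name = filename.replace("\\", "/").rsplit("/", 1)[-1]
    return name.rstrip(". \t")

def final_extension(filename: str) -> str:
    """Return the last extension in lower case, or '' if there is none."""
    name = clean_name(filename)
    return name.rsplit(".", 1)[1].lower() if "." in name else ""

def risky_attachments(raw_message: str) -> list[tuple[str, str]]:
    """Return (filename, reason) for every MIME part with a blocked extension."""
    msg = message_from_string(raw_message, policy=policy.default)
    findings = []
    for part in msg.walk():
        filename = part.get_filename()
        if not filename or final_extension(filename) not in BLOCKED:
            continue
        stem = clean_name(filename).rsplit(".", 1)[0]
        # A second dot in the stem means the visible "type" is a decoy.
        reason = "double extension" if "." in stem else "blocked extension"
        findings.append((filename, reason))
    return findings

def build_sample() -> str:
    """Constructed sample message with three attachments (not real mail)."""
    msg = EmailMessage()
    msg["From"] = "billing@example.com"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Your invoice"
    msg.set_content("Please see the attached invoice.")
    for name in ("report.pdf", "Invoice.pdf.EXE", "update.vbs"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_string()

if __name__ == "__main__":
    for filename, reason in risky_attachments(build_sample()):
        print(f"{filename!r}: {reason}")
```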

Detective Measures
- Review your credit card or bank account statements as soon as you receive them to check for any unauthorised transactions or payments.
- Log into your accounts regularly to check for the account status and last login time to determine whether there is any suspicious activity.
- Verify the legitimacy of the website of an organisation such as banks by contacting the organisation through its address or telephone number.

Responsive Measures
- Change the password immediately if you suspect that you have already been defrauded (e.g. responded to phishing emails or supplied your personal/financial information to the fraudulent websites).
- Check your account status and contact the relevant organisation and/or report to the police immediately.
- Send the phishing emails to the relevant organisation and/or the police for their investigation.

INTELLECTUAL PROPERTY RIGHTS FOR SOFTWARE AND INFORMATION
- Freeware
- Shareware
- Liteware

INCIDENT HANDLING PROCEDURES
- Basic Concept of Incident Handling, e.g. Task Manager
- Common Incident Handling
- Handling Procedure of Security Incidents
- Loophole Warning

PHYSICAL SECURITY
- Clear Screen Protection
- Protection of External Device
- Disposal of Computer Equipment
  - Delete and Format Commands
  - Overwriting
  - Degaussing
  - Physical Destruction

Protection of External Device
When configuring your mobile device
- Enable a power-on password or other device password management tool if available.
- Configure the mobile device in such a way that it locks automatically after some inactive time.
- Install mobile security software, such as anti-virus software and a firewall, on the mobile device if available.
- Apply the latest patches and fixes for your mobile operating system and related backup/synchronisation software. Upgrade the software to its latest version where applicable.
- Scrutinise thoroughly all permission requests, for example those involving privileged access, when installing applications/services.
- Use encryption to lock sensitive data stored on the mobile device and removable media, if available.
- Set up a remote data wiping feature if available.
- Turn off wireless connections such as Wi-Fi, Bluetooth and/or infrared connectivity when not in use.
- Turn off the location services setting in your mobile device if it is not necessary to run location-based applications.

Protection of External Device
When using your mobile device
- Do not leave a mobile device unattended, even for a moment.
- Do not process sensitive data on the mobile device unless the encryption feature is on or a secure end-to-end connection is used.
- Do not open or follow links in SMS/MMS or email with misleading URLs or from suspicious or un-trusted sources.
- Do not download or accept programs and content from unknown or un-trusted sources.
- Be cautious when connecting to publicly available Wi-Fi hotspots, and avoid accessing sensitive data unless adequate security protection is in place.

Protection of External Device
When backing up data in your mobile device
- Turn on the encryption option in the backup/synchronisation software for storing the data in encrypted mode if available.
- Make sure the backup copies are encrypted, whether stored on a desktop PC or on removable media.

Protection of External Device
When disposing of your mobile device
- Completely clear all data and settings on your mobile device before disposal.

Protection of External Device
At ALL times
- Keep your mobile devices in a secure place, especially when not in use.
- Stay alert to security vulnerabilities on mobile devices, and apply the latest patches and fixes when available.
- Do not install illegal or unauthorized software on the mobile device.
- Do not allow wireless connections from unknown or un-trusted sources on your device.

Useful Links
- Change User Account Password: http://itsc.ust.hk/services/general-it-services/user-account-management/change-user-account-password/
- Security Tips for Email: http://itsc.ust.hk/services/general-it-services/communication-collaboration/email/security-tips-for-emails/
- Get Ready for Signed Email in HKUST: http://itsc.ust.hk/services/it-infrastructure/hkust-ca-certificates/get-ready-for-signed-email/
- HKUST PKI: http://itsc.ust.hk/services/it-infrastructure/hkust-ca-certificates/
- HKUST: http://www.ust.hk/
- Information Technology Services Center (ITSC): http://itsc.ust.hk/
- ITSC Policies and Guidelines: http://itsc.ust.hk/it-policies-guidelines/
- ITSC A-Z Guide: http://itsc.ust.hk/a-z/
- IT Security Web Site: http://itsc.ust.hk/services/it-security/campus/
- IT Security Guidelines: http://itsc.ust.hk/it-policies-guidelines/information-technology-security-guidelines/
- Anti-Virus In Campus: http://itsc.ust.hk/services/it-security/anti-virus-in-campus/ and http://itsc.ust.hk/services/it-security/anti-virus-in-campus/virus-definition-update/
- How to Protect Your Computer?: http://itsc.ust.hk/services/it-security/security-awareness/protecting-your-computer/
- Guidelines and Tips on Using USB Drive: http://itsc.ust.hk/services/it-security/campus/usb-drive/
- How to Dispose your hard disk securely?: http://itsc.ust.hk/services/it-security/campus/dispose-harddisk/
- Be Aware of Fake mail: http://itsc.ust.hk/beware-of-fake-mail-20130718/
- Phishing Sample Emails: http://itsc.ust.hk/services/general-it-services/communication-collaboration/email/phishing-samples/
- Java Security Alert: http://itsc.ust.hk/java-security-alert/
- Windows 7: http://itsc.ust.hk/services/general-it-services/procurement-licensing/windows7/
- Windows XP: http://www.ust.hk/itsc/windowsxp/

Q & A