INFORMATION SECURITY WHAT IS IT? Information Security The protection of Information Systems against unauthorized access to or modification of information,

Slides:

Advertisements

Similar presentations

HIPAA Security.

Advertisements

COMPLYING WITH PRIVACY AND SECURITY REGULATIONS Overview MHC Privacy and Security Committee Revised 1/17/11.

Helping our customers keep their computers safe.  Using your pet’s, business, family, friend’s names  Using number or letter sequences (0123, abcd)

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

HIPAA Training. What is HIPAA? The Health Insurance Portability and Accountability Act (HIPAA) was enacted in It provides the ability to transfer.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.

P ASSWORD S ECURITY. I F SOMEONE HAS YOUR PASSWORD, EITHER FROM YOU GIVING IT OUT OR THEM FIGURING OUT, THEY COULD : 1.Send abusive or threatening .

The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

1 Identity Theft and Phishing: What You Need to Know.

Online Course START Click to begin… Module 2 General Information Security.

SAFEGUARDING DHS CLIENT DATA PART 2 SAFEGUARDING PHI AND HIPAA Safeguards must: Protect PHI from accidental or intentional unauthorized use/disclosure.

1 Identity Theft: What You Need to Know. 2 Identity Theft Identity theft is a crime of stealing key pieces of someone’s identifying information, such.

Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.

8 Mistakes That Expose You to Online Fraud to Online Fraud.

PHYSICAL SECURITY Attacker. Physical Security Not all attacks on your organization's data come across the network. Many companies focus on an “iron-clad”

Security Awareness Lloyd Guyot – Steelcase Ed Jaros – Tenundra Inc. July 17, 2003.

9/20/07 STLSecurity is Everyone's Responsibility 1 FHDA Technology Security Awareness.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.

DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,

Network & Computer Security Training.  Prevents unauthorized access to our network and your computer  Helps keep unwanted viruses and malware from entering.

1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for.

IT Security Essentials Ian Lazerwitz, Information Security Officer.

Sensitive Data Accessibility Financial Management College of Education Michigan State University.

Joel Garmon, Director, Information Security Mike Rollins, Security Architect Jeff Teague, Security Analyst, Senior 1

Securing Information in the Higher Education Office.

Program Objective Security Basics

General Awareness Training

Have You Lost Your Identity? By Sierra Bowland. Deter Detect Defend.

IT Security Awareness: Information Security is Everyone’s Business A Guide to Information Technology Security at Northern Virginia Community College.

Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 2 This material was developed by Oregon Health & Science University,

ESCCO Data Security Training David Dixon September 2014.

1.1 System Performance Security Module 1 Version 5.

IT Security Essentials Lesley A. Bidwell, IT Security Administrator.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Thomas Jenkins.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS). SELECT AND USE APPROPRIATE METHODS TO MINIMISE SECURITY RISK TO IT SYSTEMS AND DATA 1.1 I can describe.

©Holm Publications Security Awareness Presentation.

Use of U.T. Austin Property Computers: Security & Acceptable Use The University of Texas at Austin General Compliance Training Program.

Information Security Awareness Training. Why Information Security? Information is a valuable asset for all kinds of business More and more information.

PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, WITH THANKS TO.

System Security Chapter no 16. Computer Security Computer security is concerned with taking care of hardware, Software and data The cost of creating data.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Rebecca Pritchard.

Security Training USAID Information Security.

What are the rules? Information technology is available to every student, faculty and staff member in support of the essential mission of the University.

Information Systems Security

Incident Security & Confidentiality Integrity Availability.

INTERNET SAFETY FOR KIDS

Protecting Your Identity: Information Security Basics Presented by:Barbara D. Kissner SVP & CIO International Fidelity Insurance Company March 18, 2014.

Joel Rosenblatt Director, Computer and Network Security September 10, 2013.

INTERNAL CONTROLS What are they? Why should I care?

LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.

Information Security Everyday Best Practices Lock your workstation when you walk away – Hit Ctrl + Alt + Delete Store your passwords securely and don’t.

WHAT IS CYBER SECURITY? Governments, military, corporations, financial institutions, hospitals and other businesses collect, process and store a great.

August Millhopper Montessori School is excited to announce new procedures for troubleshooting computer issues. A new Help Desk has been created.

OCTOBER IS CYBER SECURITY AWARENESS MONTH. October is Cyber Security Awareness Month  Our Cyber Security Awareness Campaign focuses on topics such as.

ONLINE SECURITY Tips 1 Online Security Online Security Tips.

SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #

Technological Awareness for Teens and Young Adults.

Properly Safeguarding Personally Identifiable Information (PII) Ticket Program Manager (TPM) Social Security’s Ticket to Work Program.

8 – Protecting Data and Security

ISMS Information Security Management System

Staying Austin College

Things To Avoid: 1-Never your password to anyone.

Lesson 2: Epic Security Considerations

Lesson 2: Epic Security Considerations

Lesson 2: Epic Security Considerations

Handling Information Securely

Presentation transcript:

INFORMATION SECURITY

WHAT IS IT?

Information Security The protection of Information Systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of service to unauthorized users, including those measures necessary to detect, document, and counter such threats. Reference- NSTISSI 4009

In other words… The Protection of of university information  Availability  Confidentiality  Integrity

The Need for Security Education Many users believe they have nothing of importance on their computer This belief is false! Even if your machine doesn’t contain important information, your machine may still be used by intruders or unauthorized persons to access other machines on the network that do contain important information.

Many believe technology can solve security problems The Need for Security Education Again false! Technology is ever changing; therefore, it is only as good as the people that use it

The Need for Security Education Internal Threat vs. External Threat Most are aware of external threats but internal threats are even more of a security problem because most wrong- doers already have access and are not easily detected

Top Security Mistakes Opening attachments from unknown sources Unsecured work space Leaving computers on and unattended Poor password management Lack of anti-virus protection Out of date patches/updates Unsecured laptops; PDAs Lax physical security Throwing sensitive data in the trash Using default system configurations

USC War Stories

Employee steals s from department server then posts derogatory messages about other employees Employee leaves computer on overnight causing 6 computers containing sensitive data in the building to become compromised Employee disciplined for telephone misuse gains access to monthly telephone bills and alters them to cover-up long distance calls Employee uses procurement card to purchase personal items in excess of $1800 Employee and temporary worker involved in check fraud Ex-Spouse gains access to employee workplace vandalizing and stealing personal property

So, do you think information security doesn’t apply to you?

THINK AGAIN!

What Information Needs Protection? Do you use any of these forms of information to perform your job functions?  Budget information  Financial data/transactions  Student records  Faculty/Staff personal information  SSNs  Loan documents  Intellectual property

If so, then just ask yourself… What if this information is lost or stolen?

If so, then just ask yourself… What if someone sees this information who should not have access to it?

If so, then just ask yourself… Would either of these scenarios be a problem for you or your supervisor?

When you leave home you… Secure your house Right?

When you leave your car you… Lock the doors Right?

Well, What About Work? Protect the university Protect yourself =

Or… Protect university information just as you would your personal information

What can you do to protect university information? Lock doors and cabinets Don’t leave sensitive information in open view

Lock Your Computer You never know who may enter your office while you step away from your desk Protects the confidentiality of your data from: unauthorized viewing unauthorized use What can you do to protect university information? Tips: Use password protected screen savers Press ctrl + alt + delete then enter (PC)

Don’t leave sensitive data in your car! An employee working in the financial department trying to meet a deadline decided to take her work home. Before going home, she stopped off at the grocery store. To her dismay, she came out of the store to find her car had been stolen! What can you do to protect university information? Properly secure information taken outside of the office!

Protect Your Password NEVER SHARE! Don’t post-it! Don’t use default passwords At least 8 characters in length (letters, numbers and caps) Meaningful but not easily guessed What can you do to protect university information?

REMEMBER, IS NOT A SECURE MEANS OF COMMUNICATION! Do not forward s: With suspicious or virus attachments From unknown sources Containing personal information Containing sensitive/confidential data

What else can you do to protect university information?  Maintain an inventory of technology-related assets  Refrain from speaking in public places about sensitive/confidential information  Use your anti-virus software  Patch and update your system regularly  Follow document retention procedures  Secure laptops and PDAs  Secure your workspace  Report security violations

Each of us has a responsibility to treat information responsibly!

InfoSec Policies The Office of Information Security in conjunction with the Information Security Working Group and Information Security Liaison Committee are currently writing information security policies addressing many of these areas. These policies are being developed to assist you in making sure you and your environment are secure.

Do you need additional assistance? Pleasecall the USC Office of Information Security at: Do you need additional assistance? Please call the USC Office of Information Security at: or us at