Introduction to Computer Security PA Turnpike Commission.

Slides:

Advertisements

Similar presentations

Woodland Hills School District Computer Network Acceptable Use Policy.

Advertisements

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

Health Insurance Portability and Accountability Act (HIPAA)HIPAA.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.

The Financial Modernization Act of 1999, also known as the Gramm-Leach-Bliley Act (GLBA) UNDERSTANDING AND DEVELOPING A STRATEGIC PLAN TO BECOME COMPLIANT.

1 Electronic Information Security – What Researchers Need to Know University of California Office of the President Office of Research May 2005.

2 Issues of the information age Computer _______ and mistakes –Preventing computer related waste & mistakes Computer crime –Computer as tool to commit.

Mr C Johnston ICT Teacher

Good Computer Security Practices Basic Security Awareness September 10, 2007 School of Nursing Office of Academic and Administrative Information Systems.

Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.

SAFEGUARDING DHS CLIENT DATA PART 2 SAFEGUARDING PHI AND HIPAA Safeguards must: Protect PHI from accidental or intentional unauthorized use/disclosure.

Presented by: Dan Landsberg August 12, Agenda  What is Social Media?  Social Media’s Professional Side  Benefits of Social Media  Regulatory.

Module #1: Introduction to Cyber Security

Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.

Chapter 16 Security. 2 Chapter 16 - Objectives u The scope of database security. u Why database security is a serious concern for an organization. u The.

Social Engineering PA Turnpike Commission. “Social Engineering is the practice of obtaining confidential information by manipulation of legitimate users”

Factors to be taken into account when designing ICT Security Policies

HFS DATA SECURITY TRAINING

Network and Systems Security Security Awareness, Risk Management, Policies and Network Architecture.

Security Awareness Training PA Turnpike Commission.

Internet Security PA Turnpike Commission. Internet Security Practices, rule #1: Be distrustful when using the Internet!

10 Essential Security Measures PA Turnpike Commission.

Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.

HIPAA Basic Training for Privacy and Information Security Vanderbilt University Medical Center VUMC HIPAA Website: HIPAA Basic.

Protecting Sensitive Information PA Turnpike Commission.

Program Objective Security Basics

Information Security Technological Security Implementation and Privacy Protection.

Section Seven: Information Systems Security Note: All classified markings contained within this presentation are for training purposes only.

Network Security Policy Anna Nash MBA 737. Agenda Overview Goals Components Success Factors Common Barriers Importance Questions.

“ Technology Working For People” Intro to HIPAA and Small Practice Implementation.

IT Security for Users By Matthew Moody.

FIVE STEPS TO REDUCE THE RISK OF CYBERCRIME TO YOUR BUSINESS.

1 General Awareness Training Security Awareness Module 1 Overview and Requirements.

Security Awareness: Applying Practical Security in Your World Chapter 1: Introduction to Security.

1 Ethics For the Employee Benefits Agent.  Ethics – defined as a principle of right or good conduct; a system of moral principles or values; the rules.

How Hospitals Protect Your Health Information. Your Health Information Privacy Rights You can ask to see or get a copy of your medical record and other.

Network and Systems Security Security Awareness, Risk Management, Policies and Network Architecture.

ISO27001 Introduction to Information Security. Who has day-to-day responsibility? All of us! Why Information Security? Control risk, limit liability What.

SECURITY ENGINEERING 2 April 2013 William W. McMillan.

April 14, A Watershed Date in HIPAA Privacy Compliance: Where Should You Be in HIPAA Security Compliance and How to Get There… John Parmigiani National.

Information Security Awareness Training. Why Information Security? Information is a valuable asset for all kinds of business More and more information.

Patient Data Security and Privacy Lecture # 7 PHCL 498 Amar Hijazi, Majed Alameel, Mona AlMehaid.

PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, WITH THANKS TO.

What are the rules? Information technology is available to every student, faculty and staff member in support of the essential mission of the University.

Security Policies and Procedures. cs490ns-cotter2 Objectives Define the security policy cycle Explain risk identification Design a security policy –Define.

Educational Computing David Goldschmidt, Ph.D. Computer Science The College of Saint Rose CIS 204 Spring 2009.

Security Policies. Threats to security and integrity  Threats to information systems include  Human error –keying errors, program errors, operator errors,

Information Security IBK3IBV01 College 2 Paul J. Cornelisse.

Introduction and Overview of Information Security and Policy By: Hashem Alaidaros 4/10/2015 Lecture 1 IS 332.

Computer Security By Duncan Hall.

? Moral principles of right and wrong Used by individuals/organisations To guide behaviour.

Welcome to the ICT Department Unit 3_4 Code of Conduct.

Computer Laws Data Protection Act 1998 Computer Misuse Act 1990.

Woodland Hills School District Computer Network Acceptable Use Policy.

Cyber Security. Objectives To understand: 1.Definition of Cyber Crime 2.Classification of Cyber crimes 3.Computer Intrusions and Hacking 4.Computer Security.

Confidentiality, Integrity, Awareness What Does It Mean To You.

Mr C Johnston ICT Teacher BTEC IT Unit 09 - Lesson 11 Network Security.

1 Integrated Site Security Project Denise Heagerty CERN 22 May 2007.

1 HIPAA Information Security Awareness Training “Good Computing Practices” for Confidential Electronic Information For All NXC Employees October 2011.

BizSmart Lunch & Learn Webinar Information Security and Protecting your business With the increased risk of some sort of cyber- attack over the past few.

Welcome to the ICT Department Unit 3_5 Security Policies.

Explaining strategies to ensure compliance with workplace legislation

Good Computer Security Practices Basic Security Awareness

Done BY: Zainab Sulaiman AL-Mandhari Under Supervisor: Dr.Tarek

Move this to online module slides 11-56

is not secure is not secure..

Disability Services Agencies Briefing On HIPAA

Confidentiality.

Mohammad Alauthman Computer Security Mohammad Alauthman

Presentation transcript:

Introduction to Computer Security PA Turnpike Commission

What is Computer Security?

Computer security is concerned with controlling the risks that are associated with computer use. The goal is to protect computer systems and the information that they store or access.

Why is computer security important? Computer security allows the PTC to carry out its mission by: Enabling people to perform their jobs. Supporting critical business processes. Protecting customer and personal information.

Quiz: What could happen if my computer gets hacked? (select all that apply ) a) It could be used to hide programs that launch attacks on other computers. b) It could be generating large volumes of unwanted traffic, slowing down the entire system. c) Someone could be distributing illegal software from my computer, without my realizing it. d) Someone could access restricted or personal information on my computer (e.g. identity theft). e) Someone could record all of my keystrokes and get my passwords. See next page for answer

Of course, the answer is “All of the above.” A compromised computer can be used for all kinds of surprising and inappropriate activities.

But why do I have to learn about computer security? Isn’t it just an IT problem?

Good security practices follow the 90 / 10 Rule 10% of security safeguards are technical. 90% of security safeguards rely on the user, (you), to follow good security practices. Example: The lock on the door is 10%, (technical). You remembering to lock the door, checking to see if the door is closed, ensuring that others don’t prop the door open, and controlling access to keys, is the 90%. The 10%, technical, is worthless without you!

So what does this me for me? This means that everyone who uses a computer needs to understand how to keep their computer and data secure. Information Security is everyone’s responsibility. Everyone at the PTC is responsible for familiarizing themselves and complying with all policies, procedures and standards relating to information security. Go to the PTC Intranet at for additional information.

Security Objectives Learn good computing practices. Policies. Procedures. Security web site. Security communications. Incorporate these practices into your everyday routine. Report potential security incidents. If you suspect that there is an issue, it just may be a problem.

What are the consequences for security violations? Risk to security and integrity of personal or confidential information. e.g. identity theft, data corruption or destruction, unavailability of critical information in an emergency, etc. Loss of valuable business information. Loss of employee and public trust, embarrassment, bad publicity, media coverage, news reports. Costly reporting requirements in the case of a compromise of certain types of personal, financial and health information. Internal disciplinary action(s) up to and including termination of employment, as well as possible penalties, prosecution and the potential for sanctions / lawsuits.

The different modules of this tutorial will: Discuss the risks to your computer and the data it contains. Provide some guidelines for avoiding risks. Suggest some practical and easy solutions. Please review these modules at your convenience.