Presentation is loading. Please wait.

Presentation is loading. Please wait.

UNIT 4 Security Protocols. Seminar Topics Assignments this week Metadata – what is it? Security Protocols Next week—no seminar, no discussion—MIDTERM!!!

Published byWhitney Kennedy Modified over 8 years ago

Similar presentations

Presentation on theme: "UNIT 4 Security Protocols. Seminar Topics Assignments this week Metadata – what is it? Security Protocols Next week—no seminar, no discussion—MIDTERM!!!"— Presentation transcript:

1 UNIT 4 Security Protocols

2 Seminar Topics Assignments this week Metadata – what is it? Security Protocols Next week—no seminar, no discussion—MIDTERM!!!

3 Assignments This Week 1 seminar Discussion (1 question) (graded) Test

4 Why is Information Security Important? Legal professionals and clients depend on computers and technology to communicate about their cases Because of this, law offices, courts, and clients depend upon computers to keep cases moving along It’s vital that the information that is disseminated via the computer remains as secure as possible so that client confidences and not revealed

5 Metadata Metadata is data about data Metadata is typically hidden from average user Can disclose work product or client confidences Metadata tracks info. about documents attached to electronic file

6 Different kinds of Metadata System Metadata -data such as file names, size, and location Content Metadata -Information about the contents of a document.

7 System Metadata

8

9 Content Metadata Word Document Example

10 Content Metadata Word Document Example

11 Content Metadata Word Document Example

12 Metadata of IRS 1040 Form

13 Metadata & Social Networking Facebook: photos uploaded are “tagged” Websites in search engines use “tags” (keywords) Susceptible to malicious software Not very secure Compromises security of your address book and contact lists People aren’t always cautious about what they post # judges & attorney suspensions reported

14 Metadata in Photos More cameras collect large amount of potentially powerful metadata that can be viewed in Photoshop, Acrobat or Windows Much harder to remove Can be VERY useful info.

15 Content Metadata – how to “Scrub” Inspect for Metadata

16 Content Metadata Inspect for Metadata

17 Content Metadata Inspect for Metadata

18 Producing Metadata in eDiscovery Forensic data gathers all data initially, and exactly as it was on the media imaged Forensic data gathering through vendor is more expensive than in-house copying of files by client List of specialists located at: http://www.datarecoverycompanies.com/computerfo rensics.html http://www.datarecoverycompanies.com/computerfo rensics.html

19 Metadata in Courts Issue: whether metadata is part of public record and must be preserved by federal government when responding to requests for information filed under Freedom of Information Act (FOIA)? Government: FOIA requests to discovery in civil litigation Answer: N.Y., W.A., & A.Z. say “yes” Reason: “[C]ertain metadata is an integral or intrinsic part of an electronic part of an electronic record.” –N.Y. District Court (2/7/11)

20 Ethical Issues – Removing Metadata What ethical considerations do you think are involved with removing metadata in a law firm? Are there any ethical considerations for not removing it?

21 Security Protocols The term “security protocols” refers to securing communications between points within a computer network and across the Internet. There are software programs that can limit the ability to access a file server, workstations, printers, etc. that are on the network.

22 Network Rights and Privileges How can the right to access the server and other devices be limited to maximize security? First, who has access can be indicated. Network administrators have the most rights. Second, it can be designated just what type of information can be stored on the server. Third, how the information is disseminated can also be restricted.

23 Passwords Restricting network access by requiring passwords can add security Writing down your passwords can increase risk of unauthorized use VPN – Virtual Private Network, a secure connection to a secure network, such as the office network. This acts as a tunnel to the secure network. What about “thumbprint devices” and “retinal scans?”

24 Permissions A set of attributes that specifies what kind of access a user has to data or objects in a database

25 Firewalls Firewalls serve to limit access to a computer or a system by those outside the computer or system with unauthorized access But sometimes firewalls can prevent you from accessing some information that you need or working from an offsite location

26 Antivirus Plus Firewall Example (FREE)

27 Viruses Programs that destroy or compromise the running of computer programs and operating systems are known as computer viruses Antivirus programs work to prevent viruses from attacking a computer beforehand Some viruses can cause a computer to be completely ruined or can slow a computer’s speed

28 Antivirus Example

29 Prevention from Downloading Viruses Be careful when opening attachments on email. If the source is unknown, you may not want to open or download that. Update your antivirus software frequently. Most are set to expire or have automatic updates to remind you.

30 Email I received Recently!

31 Windows Updates

32 Backing Up Data One of the most important things to remember to do is to back up your work while you are working and when you are done. USB sticks are great for storing data, but many computers also have an internal recovery system that works well too.

33 Data Breaches Mean More Than Bad Publicity Hannaford Brothers Co. On March 17, 2008, Hannaford announced that cyberbandits had breached its system, obtaining access to personal-financial information of nearly 4.2 million customers. Just three days after the announcement, plaintiffs' lawyers filed four class actions against Hannaford. Since then, lawyers have filed an additional 12 complaints, requiring Hannaford to defend litigation from Florida to Maine.

34 TJX TJX, a retailer that operates T.J. Maxx and Marshall's stores, faced a federal investigation and an onslaught of follow-on civil litigation after announcing a breach widely reported as the largest data-security breach in U.S. history where computer "hackers" stole at least 45.7 million credit and debit records.

35 State Laws State laws also help to guide how to proceed once a security breach has occurred. For a listing of every state’s laws on this subject, go to http://www.consumersunion.org/campaigns/Breach_law s_May05.pdf http://www.consumersunion.org/campaigns/Breach_law s_May05.pdf

36 Practice Questions

37 Practice Question # 1 ABC Law Firm has 20 associates and 5 legal assistants. Every associate and secretary has a computer that is part of a network. To make things easy, they give everyone the same password, and the password never lapses or expires. What is wrong with this?

38 Answer to Practice Question # 1 An outsider can readily obtain access to internal systems because password policies are weak. User accounts could be compromised and full access to network controllers can be had by some not authorized to use the network.

39 Practice Question # 2 Suppose the ABC law firm gave everyone in the office administrator access. What is the problem with this?

40 Answer to Practice Question # 2 Once on the network, any staff member could then defeat security settings and could potentially access all information on the network. Merely assigning administrator access inside the firm would not enable outside hackers unless staff gave out the information.

41 Practice Question # 3 As a regular part of doing business, the ABC law firm sends and receives attachments via email without routinely running an antivirus program. What is wrong with this?

42 Answer to Practice Question # 3 Attachments sent via email may carry viruses. Viruses and worms can spread quickly to large numbers of computers. An intruder finding a hole somewhere in the network could easily jump straight to the core of the system.

43 Do you have any questions?

Download ppt "UNIT 4 Security Protocols. Seminar Topics Assignments this week Metadata – what is it? Security Protocols Next week—no seminar, no discussion—MIDTERM!!!"

Similar presentations

Business Development Suit Presented by Thomas Mathews.

Business Development Suit Presented by Thomas Mathews.
Mr C Johnston ICT Teacher

Mr C Johnston ICT Teacher
Internet Safety Basics Never share names, schools, ages, phone numbers, or addresses. Never open an email from a stranger – it may contain viruses that.

Internet Safety Basics Never share names, schools, ages, phone numbers, or addresses. Never open an from a stranger – it may contain viruses that.
Malicious Attacks Angela Ku Adeline Li Jiyoung You Selena Yuen.

Malicious Attacks Angela Ku Adeline Li Jiyoung You Selena Yuen.
Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.

Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.
INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.

INTRANET SECURITY Catherine Alexis CMPT 585 Computer and Data Security Dr Stefan Robila.
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
Protecting Yourself Online. VIRUSES, TROJANS, & WORMS Computer viruses are the common cold of modern technology. One e-mail in every 200 containing.

Protecting Yourself Online. VIRUSES, TROJANS, & WORMS Computer viruses are the "common cold" of modern technology. One in every 200 containing.
INTERNET THREATS AND HOW TO PROTECT YOUR COMPUTER -BRIAN ARENDT.

INTERNET THREATS AND HOW TO PROTECT YOUR COMPUTER -BRIAN ARENDT.
Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.

Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.
Quiz 2 - Review. Identity Theft and Fraud Identity theft and fraud are: – Characterized by criminal use of the victim's personal information such as a.

Quiz 2 - Review. Identity Theft and Fraud Identity theft and fraud are: – Characterized by criminal use of the victim's personal information such as a.
 Lesson 05: Computer Maintenance. Keep Software Up-To-Date Patches Security Holes Improves Software Stability Improves Software Performance Adds.

 Lesson 05: Computer Maintenance. Keep Software Up-To-Date Patches Security Holes Improves Software Stability Improves Software Performance Adds.
New Data Regulation Law 201 CMR 17.00. TJX Video.

New Data Regulation Law 201 CMR TJX Video.
Threats to I.T Internet security By Cameron Mundy.

Threats to I.T Internet security By Cameron Mundy.
Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.

Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.
Chapter 11 Security and Privacy: Computers and the Internet.

Chapter 11 Security and Privacy: Computers and the Internet.
Introduction Our Topic: Mobile Security Why is mobile security important?

Introduction Our Topic: Mobile Security Why is mobile security important?
Data Security.

Data Security.
Staying Safe. Files can be added to a computer by:- when users are copying files from a USB stick or CD/DVD - downloading files from the Internet - opening.

Staying Safe. Files can be added to a computer by:- when users are copying files from a USB stick or CD/DVD - downloading files from the Internet - opening.
 Computer Hacking is the practice of modifying computer hardware and software to accomplish a goal outside of the creator’s original purpose.  the act.

 Computer Hacking is the practice of modifying computer hardware and software to accomplish a goal outside of the creator’s original purpose.  the act.

Similar presentations

Ads by Google