Presentation is loading. Please wait.

Presentation is loading. Please wait.

Protect Your Computer Protect Your Work Computing & Communications.

Similar presentations

Presentation on theme: "Protect Your Computer Protect Your Work Computing & Communications."— Presentation transcript:

1 Protect Your Computer Protect Your Work Computing & Communications

2 We Are All Networked Now!  We connect to networks to do our work.  Read email  Use administrative applications  Browse Web sites  Standalone (not networked) computers are rare.

3 Networked Computers are Vulnerable  Physical locks and a password-protected screensaver are not enough.  Attacks happen through the network:  Through operating system weaknesses  In email attachments  Through shares and peer-to-peer programs

4 Attacked If You Do…  Open an unknown email attachment  Believe everything your read, such as messages that promise wealth if you open an attachment  Believe that your bank account was compromised because an email “from your bank” said so  Download an unknown program from the Web (such as a free screensaver)  Trade lots of unknown files, such as with peer-to-peer programs like Kazaa  Share your password with others

5 Attacked If You Don’t…  Run an anti-virus program  Keep up with anti-virus data updates  Keep up with operating system updates (patches)  Change default passwords (such as password for the administrator account)  Run a firewall either on your computer or on your network

6 Once Infected, Your Computer is Dangerous Your computer...  Could be used to attack and infect other computers  Could be used to send out thousands of spam email messages in your name  Could burden or disrupt campus networks with high volumes of messages  Could cause all of the University’s email to be blocked by major service providers (AOL, Yahoo, Hotmail etc.)

7 Infected Computers May Be Blocked  C&C watches UW networks for infected computers  If infected computers are not cleaned up promptly, their network access may be blocked to protect other UW computers  When the computer is cleaned up, you can request that your network access be unblocked

8 What C&C Is Doing  Scanning UW email for viruses  Removes around 1.6 million viruses a month from UW email  But not all email goes through C&C central systems  Limiting network access or disabling the network wall ports of infected computers  Working with support staff to respond to attacks

9 A Well Managed Computer Is A Secure Computer

10 Who Manages Your Computer?  Generally, people are in one of three situations:  Network-managed workstations  Supported workstations  Do-it-yourself  What you do depends on which situation you are in.

11 Network-Managed Workstations  Software is installed and operating system updates are done through the network.  Example: Nebula (  Your role  Do not install or change anything without explicit permission.  Do not change computer settings, such as turning the firewall on or off.  Do not shut down the computer. Log out instead so that updates can be done while you are gone.

12 Supported Workstations  A specific person comes and does software installs and OS updates  Your role  Discuss with your support person what you should do and what you should not do.  Should you run a firewall?  When are operating system and anti-virus data updated and how are the updates initiated (automatic, manual, etc.)?

13 Do-It-Yourself  You have no assigned support person. You and your friends must do it on your own.  In case of Windows XP, Service Pack 2 (SP2) is your friend. Use the new “Security Center”  Security management is your responsibility  Operating system updates  Software updates  Anti-virus program (get it from the UWICK)  Firewall  Anti-spyware program

14 Which Situation Are You In? Your situationYour Role Network-Managed Workstations Do not change anything without explicit permission Supported WorkstationsTalk to your support person about what your role is Do-it-YourselfGet patches from OS Vendor

15 Managing a Computer  Every computer needs management!  BEFORE YOU CONNECT – Things to do before you connect a new or rebuilt computer to UW Networks  HAVE PROTECTION – Establish a security routine  BE PREPARED – Be prepared for possible trouble  BE SKEPTICAL – Don’t be fooled into helping attackers

16 BEFORE YOU CONNECT BEFORE connecting to any network, take the following steps:  Apply operating system updates  Install anti-virus program  Reset default passwords  Turn off file sharing  Turn on a firewall The UWICK the anti-virus program.

17 HAVE PROTECTION  Establish a security routine.  Automate your operating system updates  Automate your anti-virus updates  Use the XP SP2 Security Center to manage your security settings  Regularly do software updates  Regularly run an anti-spyware program  Run a firewall  Do not use accounts with administrator rights to do your daily work

18 BE PREPARED  Be ready for failures and infections.  Backup your files regularly  Be prepared to rebuild  Have installation CDs and software  Have a plan for getting OS updates  In case of infection  Obtain the most recent anti-virus updates  Run scan/reboot/scan/reboot… until fixed  You may have to rebuild your system  Plan for upgrading  Support is fading for Win98 and MacOS8, Win2K or XP without any service packs

19 BE SKEPTICAL  Do not open unexpected attachments  Do not download unknown programs from the Web (such as free screensavers)  Do not trade lots of unknown files, such as with peer- to-peer programs like Kazaa  Do not share your password with anyone  Do not “shoot the cockroach to get a free iPod” – do not click on pop-up “free offers”  Do not believe in amazing offers and unlikely stories

20 Which Situation Are You In? Your situationYour Role Network-Managed Workstations Do not change anything without explicit permission Supported WorkstationsTalk to your support person about what your role is Do-it-YourselfGet patches from OS Vendor Again...

21 Our Greatest Vulnerabilities  Unmanaged computers  Spyware, “Spam-Bots” and Viruses  Social Engineering  Visitors Computers  Donated, unsupported software

22 Unmanaged Computers  Computers that are not receiving regular, systematic care  Personal computers  Home computers  Older computers kept around “for whoever needs them”  The UWICK has anti-virus software

23 Spyware, “Spam-Bots” and Viruses  Spyware can disclose personal information such as passwords, credit card numbers, SSN, or PHI to third parties  “Spam-Bots” infect computers and relay thousands of spam emails through them, causing all of UW to become “blacklisted” by other email providers  Viruses can destroy data, open computers to outside control and cause network outages

24 Social Engineering  Attackers try to tempt or fool users into running malicious programs on their computer  Opening an infected attachment will run the file it contains  Do not download and install unknown software  Cute screensavers can bring along nasty viruses and spyware  Looking authentic is not the same as being authentic  Microsoft never sends out fixes by email  Banks never send out email asking you to verify your account data online  Be suspicious of anyone who asks for your credit card number, Social Security number, or PIN number  C&C consultants never ask for your password

25 Visitors’ Computers  Visitors’ infected computers will try to attack other computers once they connect to our networks  Salesmen  Visiting professors or speakers  Visitors often not aware of security issues  You are responsible if you help them connect  Is their operating system up-to-date?  Are they running anti-virus software?  Is their computer behaving oddly

26 Donated and Unsupported Software  Distributing software without good information on how to properly manage it is dangerous  If you provide software for students or staff, you are responsible for security issues  May require updates after installation to be secure  Example: SQL Server 2000 is susceptible to the Slammer worm unless it is updated (patched)  Do not recommend software you have not carefully evaluated  Much shareware comes with hidden spyware or viruses

27 Summary  Every computer connecting to UW networks should be managed  Be cautious  Be suspicious  Work together A Well Managed Computer Is a Secure Computer

28 C&C Security Team

Download ppt "Protect Your Computer Protect Your Work Computing & Communications."

Similar presentations

Ads by Google