1 / 20

Computer Security Beyond the Serpentine Walls

Computer Security Beyond the Serpentine Walls . New Horizons Conference May 23 rd , 2007 Shirley Payne & Marty Peterman UVa IT Security and Policy Office. Agenda. Vulnerabilities and Risks Tips and tools before you go Device Requirements on the road Checklist Q&A throughout.

Roberta
Télécharger la présentation

Computer Security Beyond the Serpentine Walls

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Computer Security Beyond the Serpentine Walls New Horizons Conference May 23rd, 2007 Shirley Payne & Marty Peterman UVa IT Security and Policy Office

  2. Agenda • Vulnerabilities and Risks • Tips and tools before you go • Device Requirements on the road • Checklist • Q&A throughout

  3. Serious Security Vulnerabilities • Out of date software • Lack of effective anti-virus and anti-spyware software • Weak security settings on browsers • Weak passwords • Software firewalls not activated

  4. Serious Security Vulnerabilities - continued • Unencrypted sensitive data • Use of unsecured wireless • Use of improperly maintained public computers • Unattended mobile devices and electronic media

  5. Risk of Exploited Vulnerabilities Can Vary With Location • University provides: • “More Secure Network” that prevents certain attacks • Automatically updated software • Encrypted wireless network (“cavalier” & “jefferson”) • Encrypted wired connection to email, home directory, and other services

  6. Contrast to….

  7. Or...

  8. Vulnerabilities Increase the Risk of: • Mobile devices being stolen • Computer being rendered unusable by virus or worm • Private data being captured by stealth, keylogging software • Sensitive data being copied, modified or deleted by or exposed to unauthorized individual

  9. Risk To Sensitive Data Is Huge! • A total of 1.9 billion reported compromised records from 1980-2006¹ • Trend is toward: • More sophisticated criminal attacks • Increasing # of incidents where motive is exploit of personal data for profit • However, there are many steps individuals can take to prevent such attacks ¹Source: Phil Howard & Kris Erickson, University of Washington study, March 12, 2007

  10. Before You Go, Secure Your System • Configure operating system, browser, word processing and other software to automatically update. • Obtain free anti-virus and anti-spyware software for office and home computers. Configure for automatic update and regular device scans. • Set security settings in browser to “medium-high” or “high”

  11. Before You Go, Secure Your System - continued • Properly configure the firewall • Use strong passwords • Tips for securing systems - http://www.itc.virginia.edu/security/device-requirements.html

  12. Before You Go, Secure Your Data • Delete or de-identify non-essential sensitive data • Common sense tips - http://www.itc.virginia.edu/security/ • Examples of legally protected data -http://www.itc.virginia.edu/security/ • Tool - Spider will search for hard drive data appearing to be SSNs or credit card #s - https://www.itc.virginia.edu/security/identityfinder

  13. Before You Go, Secure Your Data - continued • Encrypt sensitive data that cannot be removed • Encryption Guidance - http://www.itc.virginia.edu/security/mobile/encryption.html • Create data backup and store in safe place

  14. Before You Go, Prep for Secure Remote Access • Install UVA-Anywhere to enable: • Remote use of the Home Directory Service • Access to UVa-licensed online databases, news resources, and software • Encrypted data transmission • Access to UVa Email server without reconfiguration • Tips and tool - http://www.itc.virginia.edu/network/vpn/

  15. Off You Go!

  16. When On The Road, • Be wireless wary. Prevent unintentional connections to untrustworthy wireless networks • Disable file and print sharing • Device Requirements - http://www.itc.virginia.edu/security/

  17. When On The Road, • Never key passwords or other sensitive information into public computers that may not be properly secured. Hidden software that captures every keystroke may be installed. • Keep mobile devices and electronic media with you at all times or under lock and key • Call UVa if you suspect or know your password or sensitive data have been stolen or otherwise compromised

  18. Checklist • Software up to date • Anti-virus and anti-spyware software installed • Strong security settings on browser • Strong passwords • Software firewall activated

  19. Checklist - continued • Sensitive data purged or encrypted • Data backup stored in safe • Got UVa-Anywhere • Choosing wireless networks carefully • Steering clear of improperly maintained public computers • Watching mobile devices and electronic media like a hawk

  20. IT Security and Policy Office it-spo@virginia.edu

More Related