
Security Liaisons Information Presentation


Presentation Transcript


  1. Security Liaisons Information Presentation <Security Liaison’s Name> <Date>

  2. Introduction
     • What’s the big deal with computer security? Don’t we have an IT security department to take care of this?
     • [Explain users’ role in IT Security]
     • [Who you are]

  3. Facts
     • Major security breaches are the result of users:
        • Not protecting credentials
        • People responding to phishing
        • Responding to pop-up “your computer is at risk” ads
        • Losing cell phones and laptops, with no password protection
     • Let’s break it down into some statistics:
        • About 63% of all major security breaches are caused by user error (http://www.channelbiz.co.uk/2012/06/12/internal-security-breaches-cause-businesses-most-concern/)
        • Worldwide about 23% of people will respond to spear-phishing attacks, with 70% of people responding to directed phishing attacks (http://www.scmagazine.com/infosec-23-percent-of-users-fall-for-spear-phishing/article/128480/)

  4. Facts (cont’d)
     • More statistics (http://www.verizonbusiness.com/about/events/2012dbir/):
        • 96% of all data breaches were not highly difficult
        • 97% were avoidable through simple or intermediate controls
        • 69% incorporated malware
        • 81% of incidents used a form of hacking (through phishing, drive-by downloads, etc.)
        • 79% of victims were targets of opportunity

  5. Things You Can Do
     • Secure your computer
     • Use strong passwords
     • Watch for phishing
     • Use social networking cautiously
     • Do not store highly sensitive data
     • How?
        • Contact your Security Liaison for additional resources or contact the ITU Support Center for more information on how to protect yourself and your data!

  6. Phishing

  7. Phishing
     • What is phishing?
        • Phishing is a form of social engineering that uses e-mail or malicious websites to solicit personal information by posing as a trustworthy organization.
     • What does a phishing email look like?
        • False Sense Of Urgency
        • Suspicious-Looking Links
        • Not personalized
        • Misspeld or Pooooorly Written
        • Sender not known

  8. Phishing (cont’d)

  9. Phishing (cont’d)

  10. Phishing (cont’d)
     • What can happen?
        • Phishing Attacks Lead to Identity Theft - When users respond with the requested information, attackers can use it to:
           • Empty your bank account
           • Open new credit cards
           • Gain employment
           • Give your name to the police during an arrest
     • Specific to Mason:
        • Your Mason UserID gives access to:
           • Patriotweb/Internet Native Banner
           • Student/Employee Personal information
           • Financial information
           • Mason Money
           • MyMason

  11. Phishing (cont’d)
     • How to protect yourself:
        • Be cautious about opening attachments in e-mails
        • Be very cautious about downloading files
        • Be suspicious of unsolicited e-mails asking for information
        • If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.
        • Pay attention to the URL of a website
           • Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net).
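The URL check from the slide above, written out as an added example (not part of the original presentation): it compares a link's host name against an allow-list and reports the spelling-variation and different-domain cases the slide mentions. The function names, the allow-list, and the sample URLs other than the first are assumptions made for illustration, and the last two labels of the host are treated as the registered domain.

```python
from urllib.parse import urlsplit

# Assumption: the allow-list of real domains; gmu.edu is the one named on the slides.
TRUSTED = {"gmu.edu"}

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insert, delete, substitute), one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_url(url: str, trusted=TRUSTED, max_typos: int = 1) -> str:
    """Compare the URL's host (not the page's appearance) with the trusted domains."""
    # urlsplit drops any "user@" part, so text before an "@" cannot pose as the host.
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return "no-host"
    if any(host == d or host.endswith("." + d) for d in trusted):
        return "trusted"
    labels = host.split(".")
    # Simplification: treat the last two labels as the registered domain.
    cand_name, cand_tld = (labels[-2] if len(labels) > 1 else ""), labels[-1]
    for d in trusted:
        name, _, tld = d.rpartition(".")
        if host.startswith(d + ".") or f".{d}." in host:
            return "lookalike: trusted name inside another domain"
        if cand_name == name and cand_tld != tld:
            return "lookalike: different domain ending"
        if 0 < edit_distance(f"{cand_name}.{cand_tld}", d) <= max_typos:
            return "lookalike: spelling variation"
    return "unknown"

# Constructed sample URLs for illustration; only the first appears on the slides.
SAMPLES = [
    "http://itsecurity.gmu.edu/Alerts/upload/Securing-Home-Network-Part2.pdf",
    "https://gmu.example/login",
    "https://gmuu.edu/login",
    "https://gmu.edu.example.net/login",
    "https://gmu.edu@example.net/",
]

if __name__ == "__main__":
    for u in SAMPLES:
        print(f"{classify_url(u):48} {u}")
```

With a name as short as "gmu", a one-character tolerance will also flag unrelated legitimate domains, so a "lookalike" result is a prompt to verify the link, not proof that it is malicious.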

  12. Password Security

  13. Password Security
     • Use a secure password
        • Length first, then complexity
        • At least 10 characters
        • Mixed alphanumeric, upper/lower and special characters
        • Try using a passphrase instead – makes it harder to crack!
     • Use a password safe to store your passwords
     • Never use chain-link passwords – i.e. never use the same password for all your accounts
     • Never link accounts

  14. Securing Your Web Browser

  15. Securing Your Web Browser
     • Web browser security:
        • Understand what risky behavior is
           • Beware of untrusted web sites
           • Don’t click the fake anti-virus button, instead end the process – do not just close your browser.
           • Beware of downloading plugins and add-ons
        • Secure your internet browser
           • Manage plugins
           • Disable Java**, JavaScript, and ActiveX
     • For more details, please visit http://itsecurity.gmu.edu/Alerts/upload/Securing-Home-Network-Part2.pdf

  16. Social Networking

  17. Social Networking
     • What is social networking?
        • Social networking service is defined as an “online service, platform, or site that focuses on facilitating the building of social networks or social relations among people who, for example, share interests, activities, backgrounds, or real-life connections.” (http://mashable.com/follow/topics/social-networking/)
     • Social Networking Sites (to name a few):
        • Facebook
        • Twitter
        • LinkedIn
        • MySpace
        • Google+
        • Pinterest

  18. Social Networking (cont’d)
     • Privacy settings are key:
        • Why do we need them?
        • Won’t that make it harder for people to find us and friend us?
        • How do they work?
        • What do I need to do?

  19. Social Networking (cont’d)
     • Tips for safely using social networking:
        • Be conscious of what you write. It’s the internet, nothing is ever truly private.
        • Avoid posting your plans, particular personal information, etc.
        • Do not state your location.
        • Make sure you have your privacy settings in place.
        • Be careful what you allow your friends to tag you in.
        • Don’t accept friend requests from people you don’t know.
        • Be careful when playing games and apps that ask for personal information. They can sell that to third-party vendors.
        • Make sure your passwords are strong and are not the same for every site.
        • Never use your Facebook or Twitter as logins for other sites.

  20. Social Networking (cont’d)
     • Social Networking
        • Proof that nothing is private:
           • “We Know What You’re Doing” – http://www.weknowwhatyouredoing.com
              • Takes revealing posts and makes them public, proving you’re not always as private as you would like to hope. Again, think before you type.
           • Failbook – http://failbook.com
              • Embarrassing and funny Facebook statuses. If you’re not careful, you could end up on this site.
     • Again, THINK BEFORE YOU POST.

  21. Things You Can Do

  22. Things You Can Do
     • Secure your computer
     • Use strong passwords
     • Watch for phishing – DO NOT respond
     • Use social networking cautiously
     • Do not store highly sensitive data

  23. If you think there is a problem…
     • Contact the IT Support Center if there is a suspected problem, or if you know you have a problem.
     • ITU Support Center x3-8870 support@gmu.edu

  24. Important Contacts
     • <Security Liaison Name, Title> <SL email> <SL extension>
     • IT Support Center support@gmu.edu 3-8870 http://itservices.gmu.edu
     • Sarah Morehouse, Communications Coordinator, IT Security and Project Management Office smoreho3@gmu.edu 3-2906 http://itsecurity.gmu.edu
