1 / 32

Information Security at Alamo Community College District

Information Security at Alamo Community College District. How important is security?.

olina
Télécharger la présentation

Information Security at Alamo Community College District

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Information Security at Alamo Community College District

  2. How important is security? "A survey by Forrester Group showed that the average company's percentage revenue spend on IT security was 0.025%. This is less than they spend on coffee. At this rate they not only will be hacked but they deserve to be hacked.“ Richard Clarke, president George W Bush's advisor on Internet security

  3. Security Defined “Security is keeping anyone from doing things you do not want them to do, with, on, or from your computers or any peripheral devices” William Cheswick and Steven Bellovin, “Firewalls and Internet Security - Repelling the Wily Hacker”

  4. Why Educate Users on Security? • Nothing of importance on PC • Technology can’t solve the Security Problem • Internal Threats exist • Technology Security is usually Reactive. • Users need to change their beliefs, attitudes, and behavior about using technology • Threats on the Internet are increasing

  5. Cyber Crimes Soar Responses from 538 organizations: • 85% of respondents detected computer security breaches in last 12 months • 70% cited their Internet connection as a frequent point of attach • 91% detected employee abuse of Internet access privileges • 94% detected computer viruses • 64% acknowledged financial losses due to computer breaches • 23% suffered unauthorized access or misuse within the last year • 78% experienced denial of service Source: Computer Security Institute and FBI survey (2001)

  6. Security Threats • Hackers • Denial of Service Attacks • Former Employees • SPAM and Junk E-Mail • Viruses, Trojan Horses, Worms • Java, ActiveX and Script Vandals • Your Current Employees!

  7. Security Awareness Program • ACCD Security Today • Computer Use Policy (AUP) • Implement a regular backup routine • Consider physical security a priority • Install available software for protection • Access web sites with some caution • Select a password that ensures privacy • Be aware of email exposures and danger

  8. What is ACCD doing Today for Security? • Possess Firewalls to block access • Implemented Network Analyzer to scan network for unusual activity • Implemented Anti-Virus Scanner • Possess E-mail Spam Filter • Security Awareness program for you Today!!!

  9. ComputerUse Policy Computers and Networks provides access to resources to users and networks world-wide.  It requires users to act responsibly and respect the rights of other users and the integrity of the systems. Users are advised to respect and obey all laws and regulations governing the ACCD computing systems. http://www.accd.edu/is2/security/

  10. Violation of Policies • Someone using a different user’s login and password • Disrupting the normal performance of the ACCD network • Deleting Software on ACCD’s computers and network • Using email to harass others. • Accessing inappropriate sites on the Internet. • Selling access to ACCD resources, computers or network. • Masking Identity of Accounts or User Accounts. • Any violation of the Email Policy. • Attempts by others to obtain your password.

  11. Reporting a Violation If you come across a violation please email: abuse@accd.edu Include: • Your name(all information will be kept confidential) • Your phone number(all information will be kept confidential) • Location where the violation occurred • Which computers or resources the violation occurred • Time it occurred • A description of the violation

  12. Most Common Security Mistakes • Poor password management • Leaving your computer on, unattended • Opening email attachments from strangers • Not installing anti-virus software • Laptops on the loose • Sharing information (and machines) • Not reporting security violations • Always behind the times (software patches) • Keeping an eye out inside the organization

  13. Why Backup Regularly • Hardware can be replaced • Application software can be reloaded • Know what you have installed • Data could be gone forever • Utilize a backup routine • Use a zip drive or simply a diskette • Store backups in secure and/or remote site

  14. Why use a Startup Disk A Startup Disk is used when: • Windows goes down and you can not get Windows to open up • You can not get a DOS prompt to appear.

  15. Startup Disks To create a Windows 98 Startup disk: • Click Start, point to Settings, click Control Panel, and then double-click Add/Remove Programs. • Click the Startup Disk tab, and then click Create Disk. • Label a disk "Windows 98 Startup Disk," insert the disk in your disk drive when you are prompted, and then click OK. • Click OK to quit Add/Remove Programs. • Remove the Startup disk, and then store the disk in a safe place. **Save your CD ROM drivers as well. These can be found on one of the original CDs or can be found on the manufacture's website.

  16. Startup Disks To create a set of Setup boot disks for Windows 2000 • Insert the Windows 2000 CD-ROM in the CD-ROM drive. • Click Start, and then click Run. • In the Open box, type drive:\bootdisk\makeboot a:, where drive is the letter of your CD-ROM drive, and then press ENTER. **Save your CD ROM drivers as well. These can be found on one of the CDs or can be found on the manufacture's website.

  17. Restoring your System Use the Startup Disk when this happens by inserting it into the drive slot and starting, or restarting, your computer. It will start from the disk, eventually bringing you to the C: prompt, where you can save data, run a DOS-based virus scan, or attempt to restore your hard drive.

  18. Software for Protection • Operating system software • Keep it updated with necessary patches • Site license for Norton anti-virus software • Keep Virus Updates recent • Run Virus Scans regularly at minimum weekly

  19. Protecting Your PC from Hackers • Add Anti-Virus Software • Update your PC’s with Patches for Windows 95/98/Millenium/2000: • Windows OS: http://office.microsoft.com • Internet Explorer & Outlook Express:http://www.microsoft.com/windows/ie/downloads/default.asp • Microsoft Office:http://office.microsoft.com/ProductUpdates/default.aspx

  20. Web Site Usage and Security • Utilize web sites with caution • Understand the implications of using the web • Downloading Music, Movies ……….. • This makes you now a Distributor! • Don’t give out personal information

  21. The Long and Short about Passwords • Your password is a very important secret • Do not post it or even write it down • Do not share it with ANYONE • Report attempts by others to obtain password • Select one you can remember • BAD – words, numbers, names, personal info • GOOD – non-words, alpha/numeric, first letters • Change your password whenever you think it has been compromised • Change your password every 90 days

  22. Passwords Are Like Underwear • Change yours often! • Don’t leave yours lying around! • The longer the better! • Don’t share yours with friends! • Be Mysterious! (Compliments of University of Michigan)

  23. Use Email With Caution • A day-to-day necessity in our world • Be aware of exposure and dangers with email • Unwanted email (Spam) or abusive email • Mail attachments – computer viruses • Request for confidential information • Email forgery • Ease of misaddressing If you notice something out of the ordinary please email: abuse@accd.edu

  24. Viruses and You What is a Virus?A computer virus piggybacks on top of some other program or document in order to get executed. Once it is running, it is then able to infect other programs or documents. Most viruses are distributed through email and have destructive intentions and abilities.

  25. Fighting off Viruses • ACCD implemented a “PureMessage” server that filters all email for potential viruses. • Install Norton Anti-virus on your computer. Each Faculty/Staff member is entitled to a copy of Norton each of their PCs.

  26. Obtaining Norton Anti-Virus • Go to http://www.accd.edu/is2/ereq/ and enter your “Email UserID” • If accepted, another screen will open with your information. Verify this information is correct and click next. If the information is incorrect press clear screen to remove the information. Then click Next upon completion. • This brings you to the Electronic Request screen. Click on “Order Computer Software/Installation.” • On this screen select the drop down box and select “Order Norton Antivirus.” • After selecting Norton Antivirus you will go to another screen and fill in the boxes. • Once the CD arrives click on the following tab for installation procedures. http://www.accd.edu/is2/security/.

  27. Spam Spam is defined as unsolicited junk e-mail or junk newsgroup postings Similarities to Spam Lunch Meat: • Nobody wants it or ever asks for it. • No one ever eats it; it is the first item to be pushed to the side when eating the entree. • Sometimes it is actually tasty, like 1% of junk mail that is really useful to some people. ***Source: Group Lab at University of Southern California

  28. Spam Statistics • In 1999, the average consumer received 40 pieces of spam. By 2005, Jupiter estimates, the total is likely to soar to 2000.The Standard • America Online estimates that spam already accounts for more than 30 percent of email to its members – as many as 24 million messages a day.The Standard • Spam constitutes 25% of all emails received. Bloodgate.com

  29. Combating Spam • Implementation of PureMessage Server • Filters out Spam before entering the E-mail Server • Also, combats viruses • Use different email accounts for online forms • Minimize who you give your email to

  30. PureMessage Server Sends ACCD users a Daily Digest of possible Spam E-mail. Users can: • If its all junk, just delete the Digest email. • If there is anything you do want, just reply to the Digest email, remove the lines of text for unwanted emails, leave only the line of text for the email you do want, then click send. • You should receive your email shortly thereafter.

  31. Keeping up to Date on Security • Visit ACCD’s IT Security Web Page: http://www.accd.edu/is2/security/ • Subscribe to the Security Listserv for Virus Updates and Additional Ways to keep educating yourself about Security at: http://www.accd.edu/is2/security/

  32. Questions???

More Related