device security & protection - grand computers€¦ · •stick with os app store for apps...
TRANSCRIPT
Device Security
& Protection Leon Chapman
Joe Parla Grand Computers Club
NT SIG March 16, 2016
Mind Reader Demo
iPhone 7 Rumors
Samsung VR Rollercoaster
3/16/2016 2 www.grandcomputers.org
How Tech Reveals Us Personal Info Found Online
• Photos 60%
• Birth date 50%
• Email address 46%
• Employer 44%
• Home address 30%
• Cell phone # 24%
• Video 24%
• Political party 20% 3/16/2016 3 www.grandcomputers.org
“Resonate” by Nancy Duarte
Trouble Makers
Threats to data loss:
• 42% hardware failure
• 30% human error
• 13% software corruption & “bit rot”
• 7% viruses, malware, spyware
• 5% theft, ransomware
• 3% other
3/16/2016 www.grandcomputers.org 4
Privacy Strategies Popular actions currently used
• Clear browser history & cookies 64%
• Delete social network posts 41%
• Disable 3rd party cookies 41%
• Use temp email service 26%
• Encrypt communications 14%
3/16/2016 5 www.grandcomputers.org
Pew Research Center, 2013
Helpful Tools
Helpful tools (use with caution)
• Malwarebytes (malware removal)
• CCleaner (registry & system cleaner)
• Secunia software updater (may be taking new direction)
• Glary Utilities (multipurpose tool)
• Slim Computer (multipurpose tool)
• Cocktail for Mac (multipurpose tool)
3/16/2016 www.grandcomputers.org 6
Tune-up to Improve Security
• Keep software up to date
• Regularly defragment your hard drive
• Check for viruses and other malware
• Spring clean your web browser
• Limit startup programs
• Get rid of unwanted programs
• Remove temporary files
• Backup data, devices, & drives
3/16/2016 www.grandcomputers.org 7
GAO Study
• Passwords are not enabled
• Two-factor authentication not used
• Wireless communication not encrypted
• Devices can download apps with malware
• Devices do not have security software
3/16/2016 www.grandcomputers.org 8
GAO Study
• Operating systems are out-of-date
• Apps on devices are out-of-date
• Devices do not limit Internet connections
• Devices have unauthorized modifications
• Communications channels are poorly secured
3/16/2016 www.grandcomputers.org 9
Ways to Protect Yourself
Protect the data
• Use passwords correctly
• Consider storing important data on separate media
• Encrypt files
• Install and maintain anti-virus software
• Install and maintain a firewall https://www.us-cert.gov/ncas/tips/ST04-020
3/16/2016 www.grandcomputers.org 10
Ways to Protect Yourself
Protect the device
• Stick with OS App Store for apps
• Use gestures or long passwords
• Back up your data
• Choose your Wi-Fi networks wisely
• Read the fine print on apps (EULA)
• Have a "remote control" function
CSO Security & Risk
3/16/2016 www.grandcomputers.org 11
Ways to Protect Yourself
Protect the device
• Less is more when it comes to apps
• Have a backup plan
• Consider mobile security software
• Be wary of fake SMS (text messages)
• Auto-lock your devices
CSO Security & Risk
3/16/2016 www.grandcomputers.org 12
Ways to Protect Yourself
Use multiple types of authentication
• Something you know (password)
• Something you have (one-time code or smart card)
• Something you are (fingerprint or other biometric method)
• Somewhere you are (GPS/IP location, real-time-photo)
3/16/2016 13 www.grandcomputers.org
Ways to Protect Yourself
• Use anonymous service
• Encrypt email (OpenPGP)
• Encrypt disks, flash drives, file (VeraCrypt)
3/16/2016 14 www.grandcomputers.org
Ways to Protect Yourself
Web browsing
• Tor browser
• Lock down browser (CERT)
• Use multi-factor logon
• Use https with Chrome when possible
• Enable two-step authentication on your Amazon account
3/16/2016 15 www.grandcomputers.org
Ways to Protect Yourself
Cloud services
• Encrypt sensitive data or do not use
File storage & archive
• Create private cloud (PogoPlug)
• Encrypt portable drives
3/16/2016 16 www.grandcomputers.org
Ways to Protect Yourself
Social networking
• Limit use of these sites
• Monitor what “friends” post about you
Location data
• Avoid using Foursquare
• Minimize apps that use location info
Wireless services
• Limit use of BlueTooth & free Wi-Fi 3/16/2016 17 www.grandcomputers.org
Ways to Protect Yourself
Search engines
• Use trackless search engines like DuckDuckGo
Personal security
• Use stronger password & passphrases
• Use a password manager
3/16/2016 18 www.grandcomputers.org
Manage Your Passwords
• About LastPass
– Number 1 Rated
–Encryption on Workstation
– Free for Web
– $12 for devices
– Support for All Browsers and OS
–Can support USB one-time-passwords
3/16/2016 www.grandcomputers.org 19
Where To Get It
www.lastpass.com
3/16/2016 20 www.grandcomputers.org
Where To Get It
www.lastpass.com
3/16/2016 21 www.grandcomputers.org
You Can Always See Your Vault
www.lastpass.com
3/16/2016 22 www.grandcomputers.org
Tools & Software • 20 security apps for Androids &
iPhones
• 20+ best FREE security tools
• How To Encrypt Data on Your Smartphone
• Top 3 Android security apps: Do they protect?
3/16/2016 www.grandcomputers.org 23
Tools & Software • 10 Android Security Applications to
Keep Your Mobile Devices Safe
• 10 Helpful iPhone Security Apps
• Find My iPhone Demo
3/16/2016 www.grandcomputers.org 24
Advice • National Cyber Awareness System
• Securing Your Web Browser
• 9 hacking, phishing & social engineering lies
• 10 tips for Android security
• How Do I Protect the Information on My Mobile Phone?
3/16/2016 www.grandcomputers.org 25
Advice • How to Wipe Your Device Before
Donating?
• Erase Your Info Before Donating A Cellphone
3/16/2016 www.grandcomputers.org 26
Next Meeting
Augmented &
Virtual Realities
Wednesday, April 20, 2016
4:00-5:30pm
Havasupai/Maricopa Rooms
Chaparral Center
3/16/2016 27 www.grandcomputers.org
Next Meeting
Samsung VR Rollercoaster
VR Headphones Stimulate Inner Ear
3/16/2016 28 www.grandcomputers.org
Questions???
3/16/2016 www.grandcomputers.org 29