IT Security Awareness

Jabatan Kesihatan Negeri Melaka

Agenda

• Introduction

• Clean Desk Policy

• Data Management

• Removable Media

• Safe Internet Habits

• Physical Security and Environmental Controls

• Social Networking Dangers

• Email Scams

• Malware

• Password

• Mobile Security

Bastion Solution Sdn Bhd 2

Introduction

Bastion Solution Sdn Bhd 3

Why is it important?

Personal safety Organization safety

IT Security is the information security which is applied to technology and computer systems. It focuses on protecting computers, networks,

programs and data from unauthorised access or damage.

Clean Desk Policy

• Sensitive information on a desk such as sticky notes, papers and printouts can easily be taken by thieving hands and seen by prying eyes.

Bastion Solution Sdn Bhd 4

Data Management

• There are numerous types of data (such as a backup copy of customer contracts or mission statements) and a lot of employees may not be aware of this fact.

• Protect important information from unethical people

Bastion Solution Sdn Bhd 5

Removable Media

6

• Unauthorized removable media may invite data security issues, malware infection, hardware failure, and copyright infringement.

Bastion Solution Sdn Bhd

Safe Internet Habits

• Disable pop-up windows, as they invite risks

• Do not install program from unknown source

• Ensure HTTPS protocol is used while browsing to important website (banking, online payment, etc)

• Avoid opening phishing pop-up/emails and do not open malicious attachments or click on suspicious links

Bastion Solution Sdn Bhd 7

Physical Security and Environmental Controls

8

• Beware of ‘Shoulder Surfing’

• Leaving passwords on pieces of paper on one’s desk

• Leaving one’s computer on and not password-protected when leaving work for the night

• Leaving an office-issued phone or device out in plain sight

• Allowing visitors to wander around the work space

Bastion Solution Sdn Bhd

Social Networking Dangers

• Personal data are shared to 3rd party organization

• Children are being stalked by pedophiles

• Women are being stalked by sex offenders

Bastion Solution Sdn Bhd 9

Email Scams

• Do not trust unsolicited emails

• Do not send any funds to people who request them by email, especially not before checking with leadership

• Always filter spam

• Configure your email client properly

• Install antivirus and firewall program and keep them up to date

• Do not click on unknown links in email messages

• Beware of email attachments. If you get one from what looks like a friend, contact them independently to ensure that they actually sent it

Bastion Solution Sdn Bhd 10

Malware

• Types of malware adware, spyware, viruses, Trojans, backdoors, rootkits, ransomware, botnets, logic bombs and armored viruses.

Bastion Solution Sdn Bhd 11

Password

• Password is a secret word or phrase that must be used to gain admission to a application/system

• How do we secure password?

• Change password regularly (every 6 months)

• Choose a word that you can easily remember without having to write it down

• Use upper case, lower case, numbers and special characters

• Example:

• m@Lays1A2019

• !!!Vap30fF$$$

• 19#eLL0K@waN

Bastion Solution Sdn Bhd 12

Mobile Security

Bastion Solution Sdn Bhd 13

Lock your phone with a password or fingerprint detection

Back up phone data to ‘The Cloud’

Avoid third-party apps. Use official App Store to download (Google Play, App Store)

Avoid jailbreaking your iPhone or rooting your Android

Update operating systems often

Use public Wifi carefully

Summary

• Employees play a crucial role in running a successful business.

• An untrained and negligent workforce can put the organization in danger of multiple data breaches.

Bastion Solution Sdn Bhd 14