it security awareness - jknmelaka.moh.gov.my awarenes… · it security awareness jabatan kesihatan...
TRANSCRIPT
IT Security Awareness
Jabatan Kesihatan Negeri Melaka
Agenda
• Introduction
• Clean Desk Policy
• Data Management
• Removable Media
• Safe Internet Habits
• Physical Security and Environmental Controls
• Social Networking Dangers
• Email Scams
• Malware
• Password
• Mobile Security
Bastion Solution Sdn Bhd 2
Introduction
Bastion Solution Sdn Bhd 3
Why is it important?
Personal safety Organization safety
IT Security is the information security which is applied to technology and computer systems. It focuses on protecting computers, networks,
programs and data from unauthorised access or damage.
Clean Desk Policy
• Sensitive information on a desk such as sticky notes, papers and printouts can easily be taken by thieving hands and seen by prying eyes.
Bastion Solution Sdn Bhd 4
Data Management
• There are numerous types of data (such as a backup copy of customer contracts or mission statements) and a lot of employees may not be aware of this fact.
• Protect important information from unethical people
Bastion Solution Sdn Bhd 5
Removable Media
6
• Unauthorized removable media may invite data security issues, malware infection, hardware failure, and copyright infringement.
Bastion Solution Sdn Bhd
Safe Internet Habits
• Disable pop-up windows, as they invite risks
• Do not install program from unknown source
• Ensure HTTPS protocol is used while browsing to important website (banking, online payment, etc)
• Avoid opening phishing pop-up/emails and do not open malicious attachments or click on suspicious links
Bastion Solution Sdn Bhd 7
Physical Security and Environmental Controls
8
• Beware of ‘Shoulder Surfing’
• Leaving passwords on pieces of paper on one’s desk
• Leaving one’s computer on and not password-protected when leaving work for the night
• Leaving an office-issued phone or device out in plain sight
• Allowing visitors to wander around the work space
Bastion Solution Sdn Bhd
Social Networking Dangers
• Personal data are shared to 3rd party organization
• Children are being stalked by pedophiles
• Women are being stalked by sex offenders
Bastion Solution Sdn Bhd 9
Email Scams
• Do not trust unsolicited emails
• Do not send any funds to people who request them by email, especially not before checking with leadership
• Always filter spam
• Configure your email client properly
• Install antivirus and firewall program and keep them up to date
• Do not click on unknown links in email messages
• Beware of email attachments. If you get one from what looks like a friend, contact them independently to ensure that they actually sent it
Bastion Solution Sdn Bhd 10
Malware
• Types of malware adware, spyware, viruses, Trojans, backdoors, rootkits, ransomware, botnets, logic bombs and armored viruses.
Bastion Solution Sdn Bhd 11
Password
• Password is a secret word or phrase that must be used to gain admission to a application/system
• How do we secure password?
• Change password regularly (every 6 months)
• Choose a word that you can easily remember without having to write it down
• Use upper case, lower case, numbers and special characters
• Example:
• m@Lays1A2019
• !!!Vap30fF$$$
• 19#eLL0K@waN
Bastion Solution Sdn Bhd 12
Mobile Security
Bastion Solution Sdn Bhd 13
Lock your phone with a password or fingerprint detection
Back up phone data to ‘The Cloud’
Avoid third-party apps. Use official App Store to download (Google Play, App Store)
Avoid jailbreaking your iPhone or rooting your Android
Update operating systems often
Use public Wifi carefully
Summary
• Employees play a crucial role in running a successful business.
• An untrained and negligent workforce can put the organization in danger of multiple data breaches.
Bastion Solution Sdn Bhd 14