Charles Garrett

ISSA:MSC

MAKING SECURE CHOICES

2

OBJECTIVES• Show how much information can be found on the internet

• Provide best practices when it comes to information sharing.

• Learn how to develop strong passwords

• Learn how to use mobile devices securely.

3

PROFESSIONAL WEBSITE

4

PROFESSIONAL WEBSITE

5

PERSONAL INFORMATION • Full Name

• Date of Birth or Age

• Phone number

• Location

• Financial Information

• Schedule (What you do and where you go.) (Ex. Checking in on social media)

6

WEB PAGES/IDENTIFIERS • Profiles

• Newsgroup Postings

• Social Networking profiles

• Personal or Business Websites

• Newspapers

• Ebay

• General Web Presence

• Screen Names or Email Addresses

7

INFORMATION GIVEN UP • Screen names and email addresses shouldn’t tell anything about you.

• Poor Ex.

1. John12343

2. GADAWGSLUVA

3. Lucy_Waycross12343

8

BETTER SCREEN NAMES• B!@ck&Ye1L0W

• Keychains101

• PepperSpray

9

ACTIVITY: INFORMATION GATHERING• HINTS:

1. Use whole name (can include initials)

2. Use quotes

3. Search with name forward/backward

4. Use quotes spaces with phone numbers and addresses

10

PASSWORD DEVELOPMENT• Bad examples:

• Password

• Qwerty

• 123456

• Any word in the dictionary

• Good Examples. Hint Passphrase

• b!@ck&yE1L0w

• q@w4dgf*542

11

PASSWORD DEVELOPMENT• Basic Concepts

• Length of Password (8 char min. 10+ < Preferable)

• Complexity of Password (As random as possible)

• Use lowercase, uppercase, numbers, and symbols in a random sequence.

12

PASSWORD TIPS• Create a unique password for each account.

• Never share or write down your password.

• Use a passphrase so it is easy to remember.

• Change passwords if your email or system has a virus.

13

WORKING REMOTELY

• Working remotely provides many professionals with the freedom to complete work related tasks from almost any location.

• The challenge is that many are unaware of the security vulnerabilities and regular maintenance required to protect their devices.

14

BEST PRACTICES: SOFTWARE• Ensure virus protection is installed, enabled, and up to date.

• Ensure Windows Firewall is turned ON.

• Ensure all software applications like Java and Flash are up to date.

• NEVER install software that is not necessary for work related tasks.

• NEVER allow non-BBBS employees to use installed software.

15

BEST PRACTICES: PASSWORDS• Protect passwords that are used to access BBBS information.

• Ensure your machine have STRONG passwords.

• Ensure that passwords are changed a MINIMUM of 6 months.

• Ensure all mobile devices have a timeout function that lock the screen.

• NEVER use the “Remember this password” function in an internet browser.

• Use software like LastPass to properly secure passwords.

16

BEST PRACTICES: INFORMATION MANAGEMENT• Invest in a backup solution and back it up once every two weeks. (flash drive, external

HD, etc.)

• Protect devices by enabling a lock and wipe function on mobile devices such as tablets and smartphones.

• ALWAYS ensure that all BBBS information is encrypted.

• Remove unnecessary information when it is no longer needed on the machine.

• Ensure that when you work remotely that you do not leave your computer unattended for any period of time.

17

SOURCES• GBI Cyber Security Awareness