security awareness security.nsu

Download Security Awareness security.nsu

If you can't read please download the document

Post on 05-Jan-2016

40 views

Category:

Documents

0 download

Embed Size (px)

DESCRIPTION

Security Awareness http://security.nsu.edu. Protect Your PC. Security Awareness: Protect your PC: Update. Update your OS Operating Systems are not perfect. As they get older, vulnerabilities and errors are found and exploited. Updates are intended to fix these. - PowerPoint PPT Presentation

TRANSCRIPT

  • Security Awarenesshttp://security.nsu.eduProtect Your PC

  • Security Awareness:Protect your PC: UpdateUpdate your OSOperating Systems are not perfect. As they get older, vulnerabilities and errors are found and exploited.Updates are intended to fix these.Windows has a built in feature called Automatic Updates. Enabling it will ensure your system stays up to date.http://windowsupdate.microsoft.comUpdate all other SoftwareMicrosoft Office can be updated online.Most other third party applications contain a way to update them. Many are automated.

  • Security Awareness:Protect your PC: Update

  • Security Awareness:Protect your PC: PasswordsPasswords are a primary way of accessing your or your institutions data. They need to be strong. Make sure all accounts have one.Do not use personal information. Names, addresses, nicknames, hobbies, etc are easy to guess.Do not use the same password for everythingWhen asked to change, do not use the same password with a minor change.

  • Security Awareness:Protect your PC: PasswordsStrong passwords are comprised ofMinimum of 8 charactersCombination of at least three of the followingLower case letters: a b cUpper case letters: A B CNumbers: 1 2 3Symbols: ! @ #

  • Security Awareness:Protect your PC: PasswordsPassphrases can usedTake a phrase and use the first letter of each word.Punctuation marks can be usedCapitalize some of the lettersSwitch symbols for letters

  • Security Awareness:Protect your PC: PasswordsPassphrase example:Mary had a little lamb, its fleece was white as snow.M h a l l , i f w w a s .Mhall,ifwwas.Mh411,!fWW45>

  • Security Awareness:Protect your PC: LoginDisable Automatic LoginFor newer versions of Windows, setting a password will prevent the system from booting into an accountDisable the Welcome ScreenThis is will cause Windows to use the classic login screen instead of advertising accounts that are available.

  • Security Awareness:Protect your PC: Login

  • Security Awareness:Protect your PC: AccountsWindows has two administrator accounts for users when installed.Set strong passwords for bothOnly use admin accounts for admin tasks like installing software or making operating system changesCreate user accounts for all usersThis adds privacy and security to individuals dataPrevents unauthorized users from installing software or changing the operating systemWhen online, some sites will attempt to install software, some of it is malicious in natureDisable the Guest accountThis is the default state for newer operating system, so verify

  • Security Awareness:Protect your PC: Accounts

  • Security Awareness:Protect your PC: FirewallWindows has a built in Firewall.Firewalls prevent unauthorized traffic from entering the computerExample: PCs can be remotely controlled. A firewall can prevent remote users from doing thisVerify the Windows Firewall is enabledEnabled by default in service pack 2 and above There are third party firewalls availableZoneAlarmFree for personal usehttp://www.zonelabs.comHardware based firewalls can be incorporated into routersUsed predominantly with home networksOnly use one at a time

  • Security Awareness:Protect your PC: Firewall

  • Security Awareness:Protect your PC: Anti-VirusVirus is a term that is used to refer to malicious software. In reality, it is one of many types of software that has malicious intent (malware).VirusesWormsTrojan HorsesKey-loggersetcCanDestroy dataCause hardware failuresend sensitive information to othersetc

  • Malware is spread throughEmailWeb BrowsingIntentionally included in what looks like legitimate software. The user is usually prompted for installation.Example: Gator is part of some screensaver installsIntentionally included in web siteWeb site is hacked and when visited, malware is downloadedExternal data devicesCDsExternal Hard DrivesFloppyFlash (USB) drivesRemote attacksSecurity Awareness:Protect your PC: Anti-Virus

  • Security Awareness:Protect your PC: Anti-VirusProtect your PC by installing an Anti-Virus programUpdate it daily, automatically if possible.Scan your PC on a regular basis. If possible, setup automatic scanning.Although it is possible, it is not recommended to use multiple AV programs on the same PC at the same time.Some Manufacturers will include AV software in a suite that provides other protectionExample: Nortons Internet Security includes:FirewallSpam filterParental Controls

  • Security Awareness:Protect your PC: Anti-VirusAvailableFreeAVGFree for personal usehttp://free.grisoft.comAvastFree for Personal usehttp://www.avast.comNominal FeeMcAfeeCan be purchased as part of a security suite Http://www.mcafee.comNortonCan be purchased as part of a security suitehttp://www.symantec.com

  • Security Awareness:Protect your PC: Anti-Virus

  • Security Awareness:Protect your PC: Anti-Virus

  • Security Awareness:Protect your PC: Anti-SpywareSpyware is another type of Malware. The main purpose behind Spyware is to monitor your activities and transmit them to a third party, usually, without your consent.Example: Popup AdsSpyware is generally installed via malicious or hacked web sites, but, it is possible to get spyware the same way as a virus.Example: Cool Web Search Toolbar

  • Security Awareness:Protect your PC: Anti-SpywareInstall an Anti-Spyware Program.In most cases, more than one can be used.Keep it up to date. Automatic updating is available in some.Scan your PC on a regular basis. If possible, setup automatic scanning.Micorsoft provides an Anti-Spyware program called Windows Defender. It is currently in Beta, which means it is still being tested, but available to general public without warranty.Updated via Automatic Updateshttp://www.microsoft.com/athome/security/spyware/software/default.mspx

  • Security Awareness:Protect your PC: Anti-SpywareThere are many free third party Anti-Spyware programs available. (Be careful though, some spyware programs are actually spyware.)Spybot Search and DestroyFreehttp://www.safer-networking.org/Lavasofts Ad-AwareFree for Personal Usehttp://www.lavasoft.comSpywareBlasterFreePrevents Spyware from being installed.http://www.javacoolsoftware.com/spywareblaster.html

  • Security Awareness:Protect your PC: Anti-Spyware

  • Security Awareness:Protect your PC: Anti-Spyware

  • Security Awareness:Protect your PC: Anti-Spyware

  • Security Awareness:Protect your PC: Lock-it or LogoutLock your PC when you leave it unattended.Many times, users will be working on sensitive information and leave for a break, meeting or other need, leaving this and other potentially sensitive data accessible from their desk.Lock the screen by:Press and release, at the same time, the CTRL+ALT+DEL keys (not the + key) to bring up the Window Security window and click Lock ComputerSet up a screensaver, set it for a short period of time (5 minutes) and set it to prompt for a password on resume.Press and release, at the same time, the Windows+L keys.If you dont want to lock-it, then logout or shutdown.If the PC is off, people cant attack it or access its data.

  • Security Awareness:Protect your PC: Lock-it or Logout

  • Security Awareness:Protect your PC: Lock-it or Logout

  • Security Awareness:Protect your PC: Lock-it/Logout

  • Security Awareness:Protect your PC: WirelessWireless homeUse encryption:Changes the format of the data between the access point and your PCWEP: Wired Equivalent Privacy (insecure)WPA: Wi-Fi Protected AccessUses a passphrase/pre-shared keyWPA2Use preferred networksThose that you setup or know who owns them (NSUWIFI)Use access points, not PC to PC communication (ad hoc)Public access points allow anyone to connect, which means anyone can see what you are sendingDisable your wireless network adapter when not in useUsing another persons access point without their consent is illegal

  • Security Awareness:Protect your PC: WirelessNSUWIFI provides wireless access for faculty, staff and studentsInformation available at http://www.nsu.edu/wifi/WPA2 is used for encryptionTKIP (Temporal Key Integrity Protocol)Changes keys dynamically to prevent attackers from finding the (single) key used for encrypting dataNSU userid and password required to gain access to the wireless networkNSU monitors for unauthorized access pointsFuture plans for guest access

  • Security Awareness:Protect your PC: WirelessBluetoothDesigned for short wireless communications over short distancesBluesnarfing:Acquiring phonebooks, pictures, calendarParis Hiltons phone was crackedBluetracking:Tracking your movement based on the unique address of the deviceBluebugging:Send commands to a bluetooth deviceMake it call you which means an attacker could be listeningBluetooth sniper rifleHow To: Building a BlueSniper Rifle - Part 1http://www.tomsnetworking.com/2005/03/08/how_to_bluesniper_pt1

  • Security Awareness:Protect your PC: Parental ControlsParental Controls allow parents to control what their children do online.Block web sites, chat, pop-upsAllows you to monitor activityWeb sites visitedKeyloggersA few that get decent ratings and are a nominal fee:CyberPatrol (Appears to be the highest rated overall)http://www.cyberpatrol.com/CYBERsitterhttp://www.cybersitter.com/NetNannyhttp://www.netnanny.com

  • Security Awareness:Protect your PC: Add-onsMany Web sites or files require additional software to be installed in order to view.These viewers are usually free and easily accessible.Adobe Acrobat Reader is needed to view PDF documents.Windows Media Player or QuickTime may be required to watch certain videos or listen to musicOther sites may have programs that w