TRANSCRIPT
Technology Devices
Security and Common Sense
Rita Reynolds
How Bad Is It?
• The next few slides will show recent breaches where at least one event has affected each of us!
• How many of you have received new credit cards this year as a result of a breach?
• How many of you have received credit fraud protection as a result of a breach?
How Bad Is It? This week!
• Unusual activity
• Investigating
• More than likely breached
How Bad Is It?
• Home Depot – September, 2014
  • 56 million credit cards breached
  • Former employees not surprised
  • Used outdated security software
• JP Morgan – September, 2014
  • Over 75 million households affected
  • Went undetected for weeks
  • Took names, addresses, phone numbers and email addresses
How Bad Is It?
• Crafts store Michaels confirms 3 million credit card numbers stolen in hack
  • Discovered in January 2014
  • Occurred from June 2013 – Feb 2014
How Bad Is It?
• Target (Dec 2013 – 40 million)
• Neiman Marcus (mid 2013 – 1 million)
• Horizon Blue Cross Blue Shield (New Jersey – 870,000)
• Paytime (April 2014 – 80,000)
How Target was Breached
• Partly from the retailer's failure to properly separate systems handling sensitive payment card data from the rest of its network.
• Hackers broke into the retailer's network using login credentials stolen from a heating, ventilation and air conditioning company.
So Why Be Concerned?
1. You get an email from HR that the payroll service you use has been hacked
2. Cancel your account
3. Set up a new account
4. Set up fraud protection
5. Call your spouse
6. Determine there are multiple accounts your check goes into – close those accounts
7. Set up new account
8. Set up new withdrawals to pay bills (maybe you had five)
9. You miss one – your bill is overdue, you get hit with a late payment
10. You call the bank to see if they will waive it
11. Suppose you were working on refinancing your mortgage
12. Oh yeah, now you have to wait for new checks to come
13. And it goes on and on…
Why Educate Your Staff
• Increase awareness of employees…
• Which leads to increased security of county property by
  • Departmental Presentations
  • Video Awareness (CCAP has a security awareness video available)
    http://www.pacounties.org/MembersOnly/Pages/Technology-Security.aspx
Why Educate Your Staff
• Reading Materials
  • https://www.staysafeonline.org/stay-safe-online/
  • http://www.staysafeonline.org/stay-safe-online/resources
• On the go security tips – click the image!
Tips to Education
• Robust Information Security Policy
• Strong Password Policy
• Educate little and often
• Work Closely with Other Departments
• Provide Feedback
• Create a Culture of “Your Personal Responsibility”
Protecting Yourself
• Your Computer
• Your Passwords
• Your Online Accounts
• Your Data
• Your Credit And Debit Cards
• Your Cellular Telephone
• Yourself from Telephone Attacks
Protecting Your Computer
• Use a shredder (cross-cut)
• Don’t keep personal information on your hard drive
• Turn your computer off
• Turn wi-fi off when not in use
Protecting Your Passwords
• How secure is my password
  https://howsecureismypassword.net/
• More secure passwords include
  • Non-dictionary words
  • Numbers
  • Mixed Case
  • Special Characters
Protecting Your Passwords
Password1
Protecting Your Passwords
Someone who I know that takes this seriously
Protecting Your Passwords
• LastPass
  • Have to pay $12.00 per year to use
  • Works on mobile devices
  • Easier to Use
  • When setting up Passwords, gives you a warning when using a weak password
Protecting Your Passwords
• KeePass
  • Free
  • Not stored on internet
Protecting Your Data
Buy or provide a USB drive that can be encrypted
Practical Tips
• Events out of the Norm
• Training that is memorable
• Unannounced trainings!
• Repetition
• Is something missing
• Clean desk/office/printer approach
Protecting Your Data
• Back up your data
  • To the Cloud
  • To an external device like an encrypted USB drive
  • Store in Safe Deposit box or other secure location
  • Perform backups on a regular basis (monthly)
Protecting Your Online Accounts
• Use three different emails
  • One for work (set for you)
  • One for personal communication and official business
  • One for fun stuff (newsletters, online shopping, social networks)
Protecting Your Online Accounts
• Use two step verification
  • Examples include Facebook and Google
  • Factor one is something you know
  • Factor two is something you have
Protecting Your Online Accounts
• Credit Report – one time each year from three major credit services
  • https://www.annualcreditreport.com/
  • Equifax, Experian, and TransUnion
  • Look for accounts you did not sign up for
  • Delete all unused or older accounts, except for maybe the first one (as that helps determine your credit score)
Protecting Your Credit and Debit Cards
• Set up a separate bank account that you use for online transactions. Only transfer in enough money (or a little more) for the online transactions you are doing.
• Credit Opt Out
  • Optoutprescreen.com
Protecting Your Credit and Debit Cards
• Fraud Alert - If you suspect abuse, set up a 90 day fraud alert
• If anyone attempts to open an account, creditors are required to contact you
Protecting Your Credit and Debit Cards
• Freeze your Account - Anyone can freeze or unfreeze their account, stopping credit bureaus from releasing your report without your consent. Price varies by state, but generally costs about $10.
Protecting Your Cellular Telephone
• Password – lock your phone! Always!
• Use Location App
  • Device provided – each make provides free location apps. They are device dependent.
  • Cerberus – stronger location tracking app.
Cerberus
• Track Location history
• Lock with a code
• Send SMS
• Record Audio
• Take a picture
• Capture Video
Protecting Your Data From Internal Attacks
• Why
  • Disgruntled employee
  • Competition
  • Unaware
  • Illegal activity
  • Addictions
Protecting Your Data From Internal Attacks
• How
  • Secure your wireless
  • Don’t give out your Password
  • Turn Your Computer Off (camera)
  • Policy…policy…policy
In Closing
As the Edward Snowden scandal highlighted, if a disgruntled worker is determined to unearth critical information, it is not that hard to do so. Snowden was an IT contractor, but he gained access to files he should not have, by simply asking his colleagues to share their passwords.
Questions?
Presenters:
• Rita Reynolds, CCAP CIO
Contributors:
• Mark Proper
• Kathie Zullinger
• Mary Jane McCluskey