Safe Computing Protect your electronic profile means protecting You and Case Information Security Office, ITS Case Western Reserve University 2015 Information.

Slides:

Advertisements

Similar presentations

MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.

Advertisements

How to protect yourself, your computer, and others on the internet

ANNUAL SECURITY AWARENESS TRAINING – 2011 UMW Information Technology Security Program Annual Security Awareness Training for UMW Faculty and Staff.

What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via

HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website:

This tutorial will take approximately 15 minutes. Click here to advance. Click here to go back.

Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.

DHS SECURITY INCIDENT REPORTING AND RESPONSE SECURITY INCIDENT REPORTING AND RESPONSE DHS managers, employees, and other authorized information users.

Sensitive Data Accessibility Financial Management College of Education Michigan State University.

Security Liaisons Information Presentation. Introduction  What’s the big deal with computer security? Don’t we have an IT security department to take.

Information Security Decision- Making Tool What kind of data do I have and how do I protect it appropriately? Continue Information Security decision making.

Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.

PHISHING AND SPAM INTRODUCTION There’s a good chance that in the past week you have received at least one that pretends to be from your bank,

Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Thomas Jenkins.

University Health Care Computer Systems Fellows, Residents, & Interns.

Update on Privacy Issues at USU October 10, 2013.

Updating your center profile and compliance information online The center's primary contact and executive director each have access to center account information.

If you elected to have your Naviance account activated, enter the information you received via your from Naviance. If you do not have an active.

A Matter of Your Personal Security Phishing Revised 11/30/15.

By Liam Wright Manga comic group Japan SAFETY on your computer.

 Why?  * Department of Education (not LHU) awards PA certification to qualified applicants  * Students must apply for certification individually 

U.S. Businesses Targeted Randy Wolverton Brian J. Koechner.

Proprietary and Confidential Don’t be the Next Cyber Crime Statistic C. Kevin deBrucky, Vice President PINACLE ® Security Manager.

INTRODUCTION & QUESTIONS.

Patient Portal Website Patient Training Powered by the.

Information Security Everyday Best Practices Lock your workstation when you walk away – Hit Ctrl + Alt + Delete Store your passwords securely and don’t.

ANNUAL HIPAA AND INFORMATION SECURITY EDUCATION. KEY TERMS  HIPAA - Health Insurance Portability and Accountability Act. The primary goal of the law.

FLTCYBERCOM / C10F    U.S. FLEET CYBER COMMAND / U.S. TENTH FLEET    1 Overall Classification of this Briefing is UNCLASSIFIED//FOUO Phishing.

Outline of this module By the end of this module, you will be able to: Identify the benefits of using social networking to communicate with family and.

HIPAA Training. What information is considered PHI (Protected Health Information)  Dates- Birthdays, Dates of Admission and Discharge, Date of Death.

Yes, it’s the holidays... A time of joy, a time of good cheer, a time of celebration... From the Office of the Chief Human Capital Officer (CHCO ) Privacy.

CURRENT STATUS OF CYBERCRIME  Security is the fastest growing service in IT  Cyber Crime Costs $750 Billion annually  70% of threats arrive via .

POLICIES & PROCEDURES FOR HANDLING CONFIDENTIAL INFORMATION NOVEMBER 5 TH 2015.

Properly Safeguarding Personally Identifiable Information (PII) Ticket Program Manager (TPM) Social Security’s Ticket to Work Program.

Important Information Provided by Information Technology Center

Objectives Define phishing and identify various types of phishing scams Recognize common baiting tactics used in phishing scams Examine real phishing messages.

Information Security Awareness Training

HIPAA Privacy and Security

Protecting PHI & PII 12/30/2017 6:45 AM

Phishing, identity theft, and more

Cyber Safe – WGC Parents

PHISHING Hi, The comms team asked if I could refresh everyone about Phishing after a fairly successful phishing circulated last week that led to.

Cyber Safe – WGC Wellness Day

Class Name: Online Safety & Privacy Basics

Information Security.

Report Phishing Forward phishing s to

How to Protect Yourself from ID Theft and Social Engineering

Information Security 101 Richard Davis, Rob Laltrello.

Presented by: Brendan Walsh Manager, Security and Access Management

Cybersecurity Awareness

Practice Safe Computing

Health Insurance Portability and Accountability Act of 1996 (HIPAA)

Report Phishing Forward phishing s to

What You MUST Do Be aware of what constitutes Personally Identifiable Information (PII) Protect this information and passwords that.

Anatomy of a Large Scale Attack

Your first steps with Personio

Business Compromise and Cyber Threat

Understanding Data Protection

What is Phishing? Pronounced “Fishing”

Move this to online module slides 11-56

Handling Information Securely

First steps with Personio

What You MUST Do Be aware of what constitutes Personally Identifiable Information (PII) Protect this information and passwords that.

Protecting Student Data

Cybersecurity Simplified: Phishing

School of Medicine Orientation Information Security Training

Presentation transcript:

Safe Computing Protect your electronic profile means protecting You and Case Information Security Office, ITS Case Western Reserve University 2015 Information Security Office Information Technology Services Security.aware.case.edu

Please DoSeriously…….Don’t Use Google Apps for work you don’t want to lose ( ; docs; sheets, etc…) Click on links in s Use Google Apps for work you do as a a team Use portable media or rely on your computer drive to save everything and not be stolen Change your password often Share or reuse your password; OR inadvertently answer questions you’ve used in password security questions Practice clean screen/clean desk Leave your screen unlocked; walk away from your computer. Use different browsers for school work vs personal work Use the same password on non school related Apps Information Security Office Information Technology Services

Don’t Click on Links in s FBI Warning - Business Compromise An Emerging Global Threat 08/28/15 The accountant for a U.S. company recently received an from her chief executive, who was on vacation out of the country, requesting a transfer of funds on a time- sensitive acquisition that required completion by the end of the day. The CEO said a lawyer would contact the accountant to provide further details. “It was not unusual for me to receive s requesting a transfer of funds,” the accountant later wrote, and when she was contacted by the lawyer via , she noted the appropriate letter of authorization—including her CEO’s signature over the company’s seal—and followed the instructions to wire more than $737,000 to a bank in China. Don’t Click on Links

Don’t Click on Links in s – Phishing: appear real, but are fraudulent s intending to compromise credentials for financial or other gain – Real and significant threat to you and if you’re compromised, may present threat to university’s data – Most incidents or breaches are due to human error (inadvertent and/or intended) – When in doubt, forward to Don’t Click on Links

Don’t Click on Links in s Don’t Click on Links

Don’t Click on Links in s – Spear Phishing Looks real ! Targeted s with convincing messaging or from a known friend or entity Expresses urgency – Eg: your account is about to expire – Eg: important student aid document attached – Spelling/Grammar Has typos Awkward use of western English (eg: “kindly” or British spellings of words) Information Security Office Information Technology Services

Don’t Click on Links in s Looks real ? Hover over the URL in the ; it won’t match the supposed message or purpose ITS sends many s; ensure that they’re legitimate before you take action requested in – EG: your account is about to expire, change your password – EG: your has met its capacity, click here to increase storage or space capacity Information Security Office Information Technology Services

Other Critical Info: to protect yourself – Know PII, PHI, FERPA, AUP Personal Identifiable Info Personal Health Info Acceptable Use – (not ok to attack fellow students electronically or misuse the university systems) – Family Ed. Rights & Privacy Protects info in educational records Except where law or law enforcement requires access – What’s public & what’s not- care for your data Information Security Office Information Technology Services

Popular Password (easily breakable) Popular Passwords access Test Games Apache Password Fred Fax Redhat WWW Public Nokia Nobody Setup Upload Asterisk Chocolate Temp Patrick News F**** Backup User Student 1q2w3e Rootadmn Secret Don’t use same password everywhere Information Security Office Information Technology Services

Final Notes/Take Away/Don’t Forget/Please – Do NOT click on links in s – Danger to you and university – Know what data is restricted and what’s public (graduation date vs SSN) – DO NOT CLICK ON LINKS in s – If you do, contact as soon as Information Security Office Information Technology Services

From Case’s Chief Info Security Officer (CISO) Tom Siu – Primary account compromise is via phishing and malware – Do NOT click on links in s – Contact if you a suspicious Information Security Office Information Technology Services