Library IT - Security and Remote Access

Slides:

Advertisements

Similar presentations

Financial Services Workshop Margaret Umphrey ECU Information Security Officer March 12, IT Security, East Carolina University.

Advertisements

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

Helping our customers keep their computers safe.  Using your pet’s, business, family, friend’s names  Using number or letter sequences (0123, abcd)

10 Things You Can do to Secure Your PC Presented by Peter Nowak OIS Client Services Manager.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.

Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.

For further information computersecurity.wlu.ca

Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.

9/20/07 STLSecurity is Everyone's Responsibility 1 FHDA Technology Security Awareness.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.

Sensitive Data Accessibility Financial Management College of Education Michigan State University.

INFORMATION SECURITY UPDATE Al Arboleda Chief Information Security Officer.

10 Essential Security Measures PA Turnpike Commission.

SHARESYNCPage 1 of 2 ShareSync is a business-grade file sync and share service Sync files across devices Share files and folders easily and securely Business-grade.

Introduction to ITS SU. What we will cover ? Why it is important to you ? Netid account Printing SUmail Public Labs SURA/VPN AirOrangeX Getting.

CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.

DATA SECURITY AND YOU! W/ DAVE California Center for Population Research.

Module 4: Add Client Computers and Devices to the Network.

Security Awareness ITS SECURITY TRAINING. Why am I here ? Isn’t security an IT problem ?  Technology can address only a small fraction of security risks.

IT Security Essentials Lesley A. Bidwell, IT Security Administrator.

Instructional Technology & Design Office or Digital Security Basics Presented by Mark Baldwin &

 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.

 A viruses is a program that can harm or track your computer. E.g. browser hijacker.  When a viruses accesses the computer it can accesses the HDD and.

How can IT help you today?. Agenda Why Do You Care? What Are The Risks? What Can You Do? Questions? How can IT help you today? 2.

Working with Users and Groups Lesson 5. Skills Matrix Technology SkillObjective DomainObjective # Introducing User Account Control Configure and troubleshoot.

Joel Rosenblatt Director, Computer and Network Security September 10, 2013.

Small Business Security Keith Slagle April 24, 2007.

Purpose Intended Audience and Presenter Contents Proposed Presentation Length Intended audience is all distributor partners and VARs This would be presented.

Frontline Enterprise Security

Internet Safety and Productivity Tips Presented by ITS Kerri Sorenson and Sean Hernandez December 11, 8:30-9:00 am.

Cyber Safety Mohammad Abbas Alamdar Teacher of ICT STS Ajman – Boys School.

Introduction: Introduction: As technology advances, we have cheaper and easier ways to stay connected to the world around us. We are able to order almost.

Information Security Everyday Best Practices Lock your workstation when you walk away – Hit Ctrl + Alt + Delete Store your passwords securely and don’t.

OCTOBER IS CYBER SECURITY AWARENESS MONTH. October is Cyber Security Awareness Month  Our Cyber Security Awareness Campaign focuses on topics such as.

Information Technology Security Office of the Vice President for Information Technology New Employee Orientation II.

“How to Protect Yourself”

IT Security Awareness Day October 19, 2016

Security Awareness: Asking the Right Questions to Protect Information

What they are and how to protect against them

Welcome to iSolutions – your IT support service

ComArtSci Technology Update

Your Computer Wants To Ruin Your Life

Information Security Session November 11, 2004

Cybersecurity Awareness

CYB 110 Competitive Success/snaptutorial.com

Information Technology Services Education and Awareness Team

Robert Leonard Information Security Manager Hamilton

Cybersecurity Strategy

IoO Student Computer Facilities Bath Street Campus

August 17, 2015 J. Boles, J.Burnias and M.Garcia Office 2013

Jeopardy Security Risks Hardware & Software Computer Types Networking

Reconnaissance Report Trillium Technologies

Lesson 10 Operating System Customization

Information Security Awareness

Cybersecurity Am I concerned?

Top Ten Cyber Security Hygiene Tips

Discovering Technology

Implementing Client Security on Windows 2000 and Windows XP Level 150

Steppa Cyber Security Training Tips Your Business Was Seeking For With Cyber Security Training!

Information Security – Creating Awareness, Educating Staff, and Protecting Information Session 46 Chris Aidan, CISSP Information Security Manager Pearson.

Module 3 Using Linux.

Information Technology Services Education and Awareness Team

Cybersecurity and Cyberhygiene

Who We Are Pitt Information Technology provides resources at the University for students, faculty, and staff Technology Support Computer Accounts .

Getting Started With LastPass Enterprise

Cybersecurity at WAJ What is it? Are we at risk?.

Division of Engineering Computing Services

Presentation transcript:

Library IT - Security and Remote Access

Threats Phishing and whaling attacks (email and phone) Credential Theft Ransomware Attacks on MySlice applications Attacks on web sites “Door Rattling” Malware

Reduce the risk Use strong passwords 10-16 characters Non-dictionary words Derive from phrase for easier recollection Do not reuse passwords Use a password manager to keep track of multiple passwords (example Lastpass, keypass, 1password etc.) Consider enabling two-factor authentication If possible work on your system using a non – admin (lower privilege account, similar to your ad joined computer) so applications can’t be installed without further authentication

Best Practices Don’t email it (unless you KNOW it’s OK)— especially confidential! Don’t put it on portable media Don’t use cloud services (DropBox, iCloud etc.) Don’t leave it visible on your office computer when you walk away – Lock the screen Get rid of such data as soon as possible DO – Keep it on your shared drive (30 day backup available) DO - Use only approved methods of access

Remote Access – LIT policy / procedure Discuss need with supervisor – If you come to LIT first, we’ll ask for supervisor approval before moving forward Identify requirements and preferred tool / method Submit request for Remote Access to lisd@syr.edu We’ll review and schedule appropriate training

Levels of Access Level 1 – basic level Access to services on/off campus with just netid/password (outlook mail/myslice/ blackboard) Risk is being managed at service level Level 2 – elevated access with managed endpoints In addition to basic access additional services accessible (example shared drive/printer available) with managed device (ex. DirectAccess Laptop) Managed device mitigates the risk Level 3 – Elevated access with unmanaged endpoints Ability to access additional services open from on/off campus with unknown endpoint This represents significant risk to university For proper risk mitigation, training is mandatory

Best Practices Anti-virus product installed and working, updated daily Anti-spyware product installed and working Windows Update – set to auto-update Firewall turned ON Up to date browser and add-ons If possible work on your system using a non – admin (lower privilege account, similar to your ad joined computer) so applications can’t be installed without further authentication Get your news from reputed sources example CNN, BBC etc. Visit answers.syr.edu and search for information security tools and device best practices.

Tools SURA / VPN – sura.syr.edu Microsoft Remote Desktop Windows / Mac DirectAccess Offline Files Terminal Server – ts.syr.edu DatAnywhere w/o sync – drive.syr.edu VPN with elevated access – Map H: & G: DatAnywhere with sync – only for non SU devices

Demo Exchange SURA / Remote Desktop – Mac and Windows DatAnywhere DirectAccess Terminal Server

General questions Equipment replacement Windows 10 Office 2016 Eduroam Generic AD account password change 12/14/16 Anything else