Securing the Academy: Better Cybersecurity for Instructors and Administrators

Slides:



Advertisements
Similar presentations
SECURING WIRELESS LANS PRESENTED BY VICTOR C. NWALA CS555 Department of Computer Science Old Dominion University.
Advertisements

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
1 Electronic Information Security – What Researchers Need to Know University of California Office of the President Office of Research May 2005.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Configuring your Home Network Configuring your Home Network Jay Ferron ADMT, CISM, CISSP, MCDBA, MCSE, MCT, NSA-IAM.
Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Network Infrastructure Security. LAN Security Local area networks facilitate the storage and retrieval of programs and data used by a group of people.
Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer
Keeping Data Safe Revision Summer How many ways can data be lost? Start a list… Physical Loss or Corruption of data Accidental or Deliberate Unauthorised.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Securing Your Home Computer Presenter: Donnie Green Date: February 11, 2009 National Aeronautics and Space Administration
Information Security Information Technology and Computing Services Information Technology and Computing Services
NUAGA May 22,  IT Specialist, Utah Department of Technology Services (DTS)  Assigned to Department of Alcoholic Beverage Control  PCI Professional.
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
E-Security: 10 Steps to Protect Your School’s Network NEN – the education network.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.
{ Active Directory Security Why bother?.   Law #1: Nobody believes anything bad can happen to them, until it does   Law #2: Security only works if.
 A viruses is a program that can harm or track your computer. E.g. browser hijacker.  When a viruses accesses the computer it can accesses the HDD and.
INTRODUCTION. The security system is used as in various fields, particularly the internet, communications data storage, identification and authentication.
Cyber Security & Fraud – The impact on small businesses.
G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall
Ali Pabrai, CISSP, CSCS ecfirst, chairman & ceo Preparing for a HIPAA Security Audit.
Small Business Security Keith Slagle April 24, 2007.
Last Minute Security Compliance - Tips for Those Just Starting 10 th National HIPAA Summit April 7, 2005 Chris Apgar, CISSP – President Apgar &
U.S. Small Business Administration Answers | Resources | Support For Your Small Business Cybersecurity Awareness Cybersecurity Awareness Signs You’ve Been.
KTAC Security Task Force Superintendents Update April 23, 2015.
Critical Security Controls & Effective Cyber Defense Hasain “The Wolf”
Computer Security By Duncan Hall.
Part 1: Corporate Operational benefits, Non-technical information for FSOs and ISSMs/ISSOs Part 2: Technical Tips on how to conduct a better audit review.
Safe’n’Sec IT security solutions for enterprises of any size.
1 © 2004, Cisco Systems, Inc. All rights reserved. Wireless LAN (network) security.
Digital Security Jesline James! 9cc. Contents  The CREATORS!!!! =] The CREATORS!!!! =]  What is Digital Security? What is Digital Security?  How does.
Securing a Host Computer BY STEPHEN GOSNER. Definition of a Host  Host  In networking, a host is any device that has an IP address.  Hosts include.
By the end of this lesson you will be able to: 1. Determine the preventive support measures that are in place at your school.
Understanding Security Policies Lesson 3. Objectives.
Protection of Data 31 Protection of Data 31. Protection of Data 31 Having looked at threats, we’ll now look at ways to protect data: Physical Barriers.
Network System Security - Task 2. Russell Johnston.
Understanding Security Policies
Computer Security.
Your security risk is higher than ever.
SY0-401 Exam Dumps CompTIA Security+ Certification Exam
Security Standard: “reasonable security”
© 2015 Air Force Association
Secure Software Confidentiality Integrity Data Security Authentication
HARDENING CLIENT COMPUTERS
Microsoft’s Security Strategy
How to Fix Windows 10 Update Error 0x ?.
Information Security Session November 11, 2004
IS4550 Security Policies and Implementation
Risk of the Internet At Home
Cybersecurity Strategy
Information Security Session October 24, 2005
Wi-Fi Technology.
Local Administrator Rights
Prepared By : Binay Tiwari
David J. Carter, CISO Commonwealth Office of Technology
King Saud University- College OF Applied Studies
Top Ten Cyber Security Hygiene Tips
Web Servers / Deployment
Faculty of Science IT Department By Raz Dara MA.
Securing Windows 7 Lesson 10.
Security week 1 Introductions Class website Syllabus review
King Saud University- College OF Applied Studies
Computer Security By: Muhammed Anwar.
Test 3 review FTP & Cybersecurity
G061 - Network Security.
Presentation transcript:

Securing the Academy: Better Cybersecurity for Instructors and Administrators

PRESENTER: Dennis Thibodeaux, CISSP Global Top 25 Technical Instructor at New Horizons Computer Learning Centers Certified Fraud Examiner, IT pro, and information security specialist with a professional focus on incident response and investigations CompTIA Security+, CSA+, CASP, Linux+, Project+, Server+, Cloud+, Network+, A+, Mobility+, CDIA, etc. (15 CompTIA certifications – and counting…)

It’s getting rough out there…

It’s getting rough out there…

It’s getting rough out there…

It’s getting rough out there…

CORPORATE vs. ACADEMIC computing environments SPIFFCO BANK Member FDIC FUNKYTOWN COMMUNITY COLLEGE

Meet my smart uncle…

Meet my smart uncle…

Meet my smart uncle…

Meet my smart uncle…

Ten essential cyber security practices 1. Protect information/systems/networks from damage by viruses, spyware, ransomware, and other malicious code

Ten essential cyber security practices 1. Protect information/systems/networks from damage by viruses, spyware, ransomware, and other malicious code But beware of FAKE anti-malware products…

Ten essential cyber security practices 2. Provide security for your connection to the Internet

Ten essential cyber security practices 2. Provide security for your connection to the Internet This usually means firewalls, often in conjunction with IDS/IPS

Ten essential cyber security practices 2. Provide security for your connection to the Internet My cheapskate solution… This usually means firewalls, often in conjunction with IDS/IPS

Ten essential cyber security practices 3. Install and activate software firewalls on all of your classroom computers and faculty/staff workstations

Ten essential cyber security practices 3. Install and activate software firewalls on all of your classroom computers and faculty/staff workstations

Ten essential cyber security practices 3. Install and activate software firewalls on all of your classroom computers and faculty/staff workstations DANGER!

Ten essential cyber security practices 4. Patch your operating systems and applications

Ten essential cyber security practices 4. Patch your operating systems and applications

Ten essential cyber security practices 5. Make backup copies of important data

Ten essential cyber security practices 6. Control physical access to computers and network components

Ten essential cyber security practices 7. Secure your wireless access points and wireless networks Wi-Fi hacking tools are plentiful and cheap (often free) Malicious hackers and script kiddies have the advantage when you use weak encryption. Avoid old and busted WEP - Wired Equivalent Privacy

Ten essential cyber security practices 7. Secure your wireless access points and wireless networks

Ten essential cyber security practices 7. Secure your wireless access points and wireless networks Accurate assessment of WEP encryption strength

Ten essential cyber security practices 7. Secure your wireless access points and wireless networks Accurate assessment of WEP encryption strength

Ten essential cyber security practices 8. Train students/faculty/staff in basic security principles

Ten essential cyber security practices 9. Require individual user accounts (with good passwords) for all students/faculty/staff

Ten essential cyber security practices 9. Require individual user accounts (with good passwords) for all students/faculty/staff Classic approach: COMPLEX PASSWORDS Uppercase, lowercase, numerals, punctuation marks, etc.

Ten essential cyber security practices 9. Require individual user accounts (with good passwords) for all students/faculty/staff Classic approach: COMPLEX PASSWORDS Uppercase, lowercase, numerals, punctuation marks, etc. HelloKitty

Ten essential cyber security practices 9. Require individual user accounts (with good passwords) for all students/faculty/staff Classic approach: COMPLEX PASSWORDS Uppercase, lowercase, numerals, punctuation marks, etc. HelloKitty H3ll0Kitty

Ten essential cyber security practices 9. Require individual user accounts (with good passwords) for all students/faculty/staff Classic approach: COMPLEX PASSWORDS Uppercase, lowercase, numerals, punctuation marks, etc. HelloKitty H3ll0Kitty H3ll0Kitty!

Ten essential cyber security practices 9. Require individual user accounts (with good passwords) for all students/faculty/staff Classic approach: COMPLEX PASSWORDS Uppercase, lowercase, numerals, punctuation marks, etc. HelloKitty H3ll0Kitty H3ll0Kitty!

Ten essential cyber security practices 9. Require individual user accounts (with good passwords) for all students/faculty/staff Password length has been found to be a primary factor in characterizing password strength. Users should be encouraged to make their passwords as lengthy as they want, within reason. - NIST SP 800-63B

Ten essential cyber security practices 10. Limit unauthorized access to data and information, and limit authority to install software

Five important questions Do we know what is connected to our systems and networks?

Five important questions Do we know what is connected to our systems and networks? Do we know what software is running (or trying to run) on our systems and networks?

Five important questions Do we know what is connected to our systems and networks? Do we know what software is running (or trying to run) on our systems and networks? Are we continuously managing our systems using “known good” configurations?

Five important questions Do we know what is connected to our systems and networks? Do we know what software is running (or trying to run) on our systems and networks? Are we continuously managing our systems using “known good” configurations? Are we continuously looking for and managing “known bad” software?

Five important questions Do we know what is connected to our systems and networks? Do we know what software is running (or trying to run) on our systems and networks? Are we continuously managing our systems using “known good” configurations? Are we continuously looking for and managing “known bad” software? Do we limit and track the people who have the administrative privileges to change, bypass, or override our security settings?

Five important questions Do we know what is connected to our systems and networks? Do we know what software is running (or trying to run) on our systems and networks? Are we continuously managing our systems using “known good” configurations? Are we continuously looking for and managing “known bad” software? Do we limit and track the people who have the administrative privileges to change, bypass, or override our security settings? Source: The National Campaign for Cyber Hygiene

THANKS FOR YOUR TIME AND ATTENTION. Dennis. Thibodeaux@NewHorizons THANKS FOR YOUR TIME AND ATTENTION! Dennis.Thibodeaux@NewHorizons.com @Dennis_CFE

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.