2007 Computer End User Training

Presentation transcript:

2007 Computer End User Training
UNCLASSIFIED
1 June 2007

2007 Information Assurance Security Awareness Briefing
Army Aviation & Missile Research, Development & Engineering Center
U.S. Army Research, Development and Engineering Command
AMRDEC Information Assurance
AMRDEC IA Team
256-876-0954
usarmy.redstone.rdecom-amrdec.list.ags-support@mail.mil

Overview
• This Presentation is UNCLASSIFIED
• What is Information Assurance
• General Security Guidance
• Protecting Information
• Reporting Violations
• What can you do?

Are You the Problem or the Solution?

What is Information Assurance?
Information Assurance is: “Information operations that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation …providing for restoration of information systems by incorporating protection, detection, and reaction capabilities.”
as defined by the CNSSI 4009, “National Information Systems Security Glossary,” dated May 2003

What is Information Assurance?
• AVAILABILITY: Making sure the computer and the information is there when we need it.
• INTEGRITY: Making sure the information we use, transmit, process, or store has not been corrupted or adversely manipulated.
• AUTHENTICATION: Making sure we know who is using our computers and accessing our data.
• CONFIDENTIALITY: Making sure the information is protected from disclosure.
• NONREPUDIATION: Making sure the information is ‘tagged’ so when we send it – we know it got there, and the recipient knows who sent it.

So, Why Are You Here?
• DOD and Army policy requires annual information assurance awareness training.
• Need to emphasize important security tasks and acceptable user practices.

Your Mission
• Recognize your computing responsibilities.
• Accept responsibility for protecting government information.
• Recognize the challenges and threats that can harm our National Security.

Do You Know What “OK” Means?
• When you login, you acknowledge that the information system you are using is for “Official Government Use Only”.
• The server and all of its information are subject to inspection.
• Your actions are subject to continuous audit.

General Workstation Security
Protect your identity (User Id) by using strong passwords. The following applies:
• User generated passwords must be 14 characters or longer.
• Must contain three of the four character types: uppercase, lowercase, numbers, and special characters.
• Passwords will be changed at least every 60 days.

General Workstation Security
Always log off of the Wiki, Jira, or Perforce when leaving your computer unattended!
You are responsible for the data on your system at all times!

Prudent Network Security and Internet Practices
• AMRDEC prohibits the use of this server for:
- Chain letters.
- Private commercial activities.
- Accessing pornographic or gambling sites.
- Participating in online auction activity.
- Political Activity.
- Illegal, fraudulent, or malicious activities.
- Any use which reflects adversely on AMRDEC or any other DOD element.
Virus Protection:
- Avoid attaching media from other computing environments. If unavoidable, at the least, ensure virus scan is performed on the media before utilizing data.
- Ensure your workstation runs a daily virus scan.

Types of Information
• Information can be stored on:
- Printers with Memory
- Backup Tapes
- Printed Documents
- CDs or Floppy Disks
- Handheld Devices
- Computer Hard Drives
- Fax Machines
- Web Pages
DOD treats all media as documents.

What is Spillage?
• It is a form of System Contamination.
• It is the unintentional improper storage, transmission or processing of CLASSIFIED information on an UNCLASSIFIED system or via a communications path.
The most common occurrence is transmission via email or embedded in PowerPoint presentations or other non-redacted files.

Why is This Happening?
• Users are not reading Email completely.
• Electronic media is not being marked properly.
• File names or subject headers do not reveal content sensitivity of information.
• Rules for “data aggregation” / derivatively classifying are not well understood.
• Individuals are unaware of classification guides / guidance.
• Improper storage, cleansing, transmission, processing of classified information.
• All AMRDEC personnel are PERSONALLY responsible for protecting sensitive and classified information.
Bottom Line: THESE INCIDENTS MUST STOP!

Processing Classified Information
• The Army Game Studio servers are not accredited for Classified processing!
DO NOT STORE ANY CLASSIFIED DATA ON THE AGS SERVERS!

Reporting Computer Security Incidents
Security Incident:
• An attempt to exploit a national security system; may involve fraud, waste, or abuse; compromise of information; loss or damage of property or information; or denial of service.
– Security incidents include:
  • penetration of computer systems.
  • exploitation of vulnerabilities.
  • introduction of computer viruses or other forms of malicious code.
If an incident occurs:
• Gather all pertinent information:
– time, details, person(s) involved, actions taken, etc.
• Report it to your IASO, SA, IAM and the AMRDEC Help Desk.
• Site administrators should notify LCIRT (lcirt-r@redstone.army.mil).
• If a violation of law is evident or suspected, the incident must also be reported to both security and law enforcement organizations for appropriate action.
Report ALL Suspicious Activity!!

Reporting Suspicious Activities
• Report suspicious persons or circumstances immediately to your Supervisor, IASO, the Information Assurance Team, or the AMRDEC Security and Intelligence Division.
• Be alert for:
– surveillance attempts.
– suspicious persons or activities.
– individuals using unauthorized recording devices.

To Improve our Security Program
Be a strong link in the security chain!
• Adhere to password standards.
• Keep passwords safe! Do not share your username or password with anyone!
• Separate government work from personal activities.

To Improve our Security Program (cont)
• Separate classified from unclassified information. Use classification guidance when regrading classified information. Label your diskettes!
• Keep track of your removable media. Store them when not in use.
• Watch your file transmissions! Make sure the files you transfer or the email you send is appropriate for the sensitivity of that network!
• Report anomalies. Requests for information from unknown sources (foreign countries), destroyed, infected or corrupted files, missing computer hardware, etc. Report this to your IASO and to the Help Desk.

Conclusion
• Strictly follow Army and AMRDEC security guidance. If you don’t know - ask!
• Contact your Information Assurance Security Officer (IASO), Information Assurance Manager (IAM) or the Information Assurance Team at usarmy.redstone.rdecom-amrdec.mbx.sed-ia@mail.mil / 313-2777 for assistance.
Pay Attention to Detail. Be Alert. Be Aware!
Security is your responsibility!

Additional Training
• AMRDEC Training: https://intranet.amrdec.army.mil/Training
• Fort Gordon Information Assurance (IA) Training: https://ia.gordon.army.mil/ia_courses.htm
• AMRDEC IA Training links and information: https://central.amrdec.army.mil/IA%20Training/default.aspx
• AMRDEC IA Frequently Asked Questions: https://central.amrdec.army.mil/C11/IA%20FAQ/default.aspx

Contact Information
AGS SED Information Assurance Team
256-876-0954
usarmy.redstone.rdecom-amrdec.list.ags-support@mail.mil