Lack of Security in Hotspots/Wi Fi Areas Yin Wai ISM 158 4/27/10.

Slides:

Advertisements

Similar presentations

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.

Advertisements

!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.

CS898T Mobile and Wireless Network Handheld Device Security By Yuan Chen July 25 th, 2005.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

Mobile Devices and Wireless Tracy Jackson Liz Nenni Matt Hinson Chris Eiben.

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.

DHS SECURITY INCIDENT REPORTING AND RESPONSE SECURITY INCIDENT REPORTING AND RESPONSE DHS managers, employees, and other authorized information users.

Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.

Beyond WiFi: Securing Your Mobile Devices Thomas Kuhn Information Technology Assistance Center (iTAC) Kansas State University.

October is National Cyber Security Month OIT and IT providers are launching an awareness campaign to provide tips and resources to help you stay safe online.

Chapter 9 Information Systems Controls for System Reliability— Part 2: Confidentiality and Privacy Copyright © 2012 Pearson Education, Inc. publishing.

Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.

Morris Bennett Altman Director of Network Services Internet Security Officer Queens College, CUNY Are You Exposed? Network Security.

Joel Garmon, Director, Information Security Mike Rollins, Security Architect Jeff Teague, Security Analyst, Senior 1

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Information Security Information Technology and Computing Services Information Technology and Computing Services

The Internet. What is the internet? a vast network designed to transfer data from one computer to another.

McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module E Network Basics.

Securing Information Systems

Enterprise Risk ManagementSeptember 2010Miami, FL © 2010 Enterprise Risk Management Information Security- Facing the Risks in Electronic Channels and Social.

Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.

General Awareness Training

CHAPTER 4 Information Security. CHAPTER OUTLINE 4.1 Introduction to Information Security 4.2 Unintentional Threats to Information Security 4.3 Deliberate.

MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.

1 General Awareness Training Security Awareness Module 1 Overview and Requirements.

What does “secure” mean? Protecting Valuables

Lesson 2- Protecting Yourself Online. Determine the strength of passwords Evaluate online threats Protect against malware/hacking Protect against identity.

Anderson School of Management University of New Mexico.

Protecting Your Information Assets

IT security By Tilly Gerlack.

 INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.

Network Security Lecture 9 Presented by: Dr. Munam Ali Shah.

©2010 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Network Access Technology: Secure Remote Access S Prasanna Bhaskaran.

TECHNOLOGY GUIDE THREE Protecting Your Information Assets.

INFORMATION SECURITY WHAT IS IT? Information Security The protection of Information Systems against unauthorized access to or modification of information,

What does secure mean? You have been assigned a task of finding a cloud provider who can provide a secure environment for the launch of a new web application.

Mobile Device Security Drew Hayes Christ Liechty November 27, 2007.

Completing network setup. INTRODUCTION Course Overview Course Objectives.

Joel Rosenblatt Director, Computer and Network Security September 10, 2013.

Chapter 2 Securing Network Server and User Workstations.

Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.

Desktop Security: Making Sure Your Office Environment is Secure.

Presentation to the CIO PREPARED BY: JOSHUA SMITH, GARY FAULKNER, BRANDON VAN GUILDER, AND ERIC RUSCH.

Computer Security By Duncan Hall.

Mission Computers Inc.  In 2013 ◦ 1,000,000,000 phones were hacked  because of ◦ lack of a secure password or ◦ no password at all Source:

© 2013 Toshiba Corporation B2B PC Training Mailer - Toshiba Device Access Control.

OIT and IT providers across campus are launching an awareness campaign to provide tips and resources to help you stay safe online and protect AU resources.

Introduction: Introduction: As technology advances, we have cheaper and easier ways to stay connected to the world around us. We are able to order almost.

Information Security Everyday Best Practices Lock your workstation when you walk away – Hit Ctrl + Alt + Delete Store your passwords securely and don’t.

Simon Prasad. Introduction  Smartphone and other mobile devices have made it so easy to stay connected.  But this easy availability may lead to personal.

Elements of an ICT networks COMMUNICATION DEVICES: 1.Network interface card 2.Hub 3.Switch 4.Router STANDARDS AND PROCEDURES: 1.Enable devices to communicate.

Computer Security Sample security policy Dr Alexei Vernitski.

Jttconnect.com Cyber Security Threats: Understanding and Mitigating the Risk Nic Cofield | Jackson Thornton Technologies.

How to Make Yourself More Secure Using Public Computers and Free Public Wi-Fi.

Hotspot Shield Protect Your Online Identity

Overview 1. Phishing Scams

CHAPTER 4 Information Security.

Lesson 2- Protecting Yourself Online

CompTIA Security+ Study Guide (SY0-401)

Unit 4 IT Security Kerris Davies.

How it affects policies and procedures

BTEC level 3 Learning Aim D.

Technology Convergence

Lesson 2- Protecting Yourself Online

Security in mobile technologies

Communicating in the IT Industry

Personal Mobile Device Acceptable Use Policy Training Slideshow

Information Security in Your Office

Presentation transcript:

Lack of Security in Hotspots/Wi Fi Areas Yin Wai ISM 158 4/27/10

Hot Spot Dangers? Increased dependence on laptops, smart phones, and other portable devices Personal and professional information are exposed when an employee logs onto Wi-Fi hotspots Public access point - on someone else's network with no control of who else is using it  People who know how to look for unencrypted information can gain access to all your data  Threat of a hacker

"Ryan Crumb, director of information security for PricewaterhouseCoopers Advisory Services, has seen all sorts of information gleaned from hot spots -- including Social Security numbers, corporate financial data and information about M&A deals -- that was never meant for him to see. Sometimes Crumb deliberately looks to see what unprotected data is traveling over the network in public spaces." PricewaterhouseCoopers Advisory Services How easy is information attained?

What can IT do? Create and enforce strong verification policies for devices trying to access the corporate network  Require employees to use a corporate VPN (virtual private network) and encryption when making a connection and exchanging data

What can IT do? cont. Make sure all devices and software applications are configured properly and have the latest patches. Ensure that corporate security policies prevent workers from transferring sensitive data to mobile devices or unauthorized computers.  Use air cards, which require a service plan, instead of hot spots for wireless connections.

Difficulties Consumertization of IT - High demand to work from personal laptops and smart phones Not enough protection to prevent employees from ing data back to a home office through Wi-Fi hotspots Cost - Needing VPN (virtual private network)

Statistics Through a 2009 study, the average cost of a data breech was $6.75 mill 42% of data breeches were the cause of the third-party 36% of these were due to lost/stolen devices 24% were due to a criminal attack that resulted in theft of data

Statistics cont. 67% of these 45 organizations started to use training and awareness programs 58% used manual procedures and controls 58% expanded their use of encryption

Sources angers_That_Internet_cafe_could_cost_ you_way_more_than_a_cup_of_coffee_