Information Systems Security for the Special Educator MGMT 636 – Information Systems Security.

Slides:



Advertisements
Similar presentations
Instant Messenger Security with a focus on implementing security policies in corporate IM services Kaushal S Chandrashekar CS 691 Dr. Edward Chow UCCS.
Advertisements

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Ethics, Privacy and Information Security
Networks. User access and levels Most network security involves users having different levels of user access to the network. The network manager will.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Understand Database Security Concepts
Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.
Data Security for Healthcare Facilities Debbie Abbott Health Information Consultant Resolutions (Int) Pty Ltd.
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
CS426Fall 2010/Lecture 81 Computer Security CS 426 Lecture 8 User Authentication.
Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.
Wi-Fi Security January 21, 2008 by Larry Finger. Wi-Fi Security Most laptops now come with built-in wireless capability, which can be very handy; however,
Department of Electrical & Computer Engineering Advisor: Michael Zink.
Chapter 3 Passwords Principals Authenticate to systems.
Steps to Compliance: Electronic Devices Overview PRESENTED BY.
Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.
Internet Security In the 21st Century Presented by Daniel Mills.
New Data Regulation Law 201 CMR TJX Video.
Secure Online USB Login System. Everything is going online Social Interactions Banking Transactions Meetings Businesses... including all sorts of crimes.
CS101 Lecture 14 Security. Network = Security Risks The majority of the bad things that can be done deliberately to you or your computer happen when you.
AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
ESCCO Data Security Training David Dixon September 2014.
Lesson 2- Protecting Yourself Online. Determine the strength of passwords Evaluate online threats Protect against malware/hacking Protect against identity.
CIS 450 – Network Security Chapter 8 – Password Security.
Best Practices for Protecting Data. Section Overview Mobile Computing Devices Technical Procedures Data Access and Permissions Verbal Communication Paper.
Chapter 12 by Lisa Reeves Bertin Securing Information in a Network.
Legal Division CSAA Insurance Group, a AAA Insurer Protecting Your Identity: What to Know, What to Do 2015 Risky Business Week.
Clark County School District (CCSD)
Technology in the Bellingham School District. Bellingham School District Network §Connectivity §Communication §Research Practice Responsible Use.
{ Active Directory Security Why bother?.   Law #1: Nobody believes anything bad can happen to them, until it does   Law #2: Security only works if.
Protecting Your Personal Information November 15, 2013.
Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.
PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, WITH THANKS TO.
Passwords. Outline Objective Authentication How/Where Passwords are Used Why Password Development is Important Guidelines for Developing Passwords Summary.
Technology Overview Kim Davis Coordinator of Technology Support Services.
G061 - Network Security. Learning Objective: explain methods for combating ICT crime and protecting ICT systems.
Information Systems Security New Faculty Orientation Day Queen’s University August 2011 George Farah, GIAC/GSEC Gold, CRISC, CISA University Information.
J. Rick Mihalevich Dean of Information Technology Linn State Technical College June 18, 2009.
Network Security & Accounting
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.
Cyber Safety Mohammad Abbas Alamdar Teacher of ICT STS Ajman – Boys School.
LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.
Networking Network Classification, by there: 3 Security And Communications software.
Woodland Hills School District Computer Network Acceptable Use Policy.
1 Law, Ethical Impacts, and Internet Security. 2 Legal Issues vs. Ethical Issues Ethics — the branch of philosophy that deals with what is considered.
Cybersecurity Test Review Introduction to Digital Technology.
Confidentiality, Integrity, Awareness What Does It Mean To You.
Blogs How to use the bog safely and secure? Create new username. Create a strong password to your account. Create the password to your uploaded files.
Password Theft By: Markie Jones. Road Map Do’s Do Not’s What can someone do with it? How do they get it? Who’s most at risk? When & Where are consumers.
Technological Awareness for Teens and Young Adults.
Information Technology Security Office of the Vice President for Information Technology New Employee Orientation II.
Computer Security  Computer Security:  Password Strength  Windows Screen Saver  Deleting browser cache  Deleting browser cookies  Securing MS Office.
Data Breach ALICAP, the District Insurance Provider, is Now Offering Data Breach Coverage as Part of Our Blanket Coverage Package 1.
Clark County School District
Dove science academy Cyber Club
Protection of CONSUMER information
Information Security.
Configuring Windows Firewall with Advanced Security
FTP - File Transfer Protocol
GCSE ICT Revision Topic 2: Connectivity.
Introduction to Networking
Passwords.
DOVE SCIENCE ACADEMY CYBER CLUB
Digital $$ Quiz Test your knowledge.
Health Care: Privacy in a Digital Age
Firewalls and Security
Woodland Hills School District
Protecting Student Data
Presentation transcript:

Information Systems Security for the Special Educator MGMT 636 – Information Systems Security

Overview Awareness of information systems security in work and at home. Basic understanding of security techniques that can be implemented in both the work environment and at home.

Legal Environment FERPA –Family Educational Rights and Privacy Act L.S. v. Mount Olive Board of Education (New Jersey) –11 th grade English class studying The Catcher in the Rye. An assignment required students to create a psychological profile of the main character. The teacher obtained a real psychological profile from the school’s psychologist to use as an example. Even though the profile was redacted, a student deduced that the profile was his friend’s psychological profile.

Legal Environment FERPA –L.S. v. Mount Olive Board of Education (New Jersey) The court ruled that the teacher and the school’s psychologist could be personally sued under 42 U.S.C. § 1983: Civil action for deprivation of rights. Extreme case due to negligence.

Work Computing Environment District and school policies concerning information systems security. –Know your data. Schools provide protection infrastructure. –Firewalls to protect networked computers. School assumes risk in case of a security breach, unless negligence is found.

Protecting Your Computer Password protect your computer. Lock computer when away. Use username and password to login. –Do not share password or accounts. –Do not allow others use your computer while you are logged in. Someone could parents, students, your boss.

Protect Your Files MS Office: 2010 offers AES 128-bit advanced encryption. iWork offers encryption. File encryption software. –Third party software. Requires being able to add software to computer.

Encryption Benefits –“Scrambles data” making it unusable in it’s encrypted state. Downfalls –Forgotten password. –Business continuity.

Password Construction In order to understand solid password creation, it is important to understand the three basic techniques to “crack” a password.

Three Basic File Hacking Techniques Shoulder surfing and social engineering. Brute force attack. –A properly designed password can make this technique take a million years to crack. Dictionary attack. –Avoid common words and combinations. –Avoid common password security techniques. i=!, i=1, and etcetera.

Password Construction The longer the better. What is a bit and what does it mean? Using a passphrase. “and she's climbing the stairway to heaven”

Password Construction The Next Level Multi-Factor Authentication –Goes beyond username and password. Requires additional information that only the user would know (knowledge factor). Increases security. Used by banks and credit reporting agencies. –Questions such as “Name of your first pet” or “Name of company that holds your home mortgage”.

Taking Work Home Risk transference. –You are now responsible for data security. Does this violate security policies? Transportation of data. –Flash Drive SanDisk Cruzer offers software to encrypt the entire flash drive (SanDisk Secure Access). – Not highly secure on its own. –Laptop: Whole device could be stolen.

Home Networking Security The firewall is the first line of defense. Decent router with firewall. Wi-Fi with good encryption protocols and a strong password.

Personal Devices Risks Text messaging. . Loss of device or laptop. –Password protect entire device. –Google’s pattern lock.

Questions?