Presentation is loading. Please wait.

Presentation is loading. Please wait.

Library IT - Security and Remote Access

Published by巾 方 Modified over 7 years ago

Similar presentations

Presentation on theme: "Library IT - Security and Remote Access"— Presentation transcript:

1 Library IT - Security and Remote Access

2 Threats Phishing and whaling attacks (email and phone)
Credential Theft Ransomware Attacks on MySlice applications Attacks on web sites “Door Rattling” Malware

3

4

5 Reduce the risk Use strong passwords 10-16 characters
Non-dictionary words Derive from phrase for easier recollection Do not reuse passwords Use a password manager to keep track of multiple passwords (example Lastpass, keypass, 1password etc.) Consider enabling two-factor authentication If possible work on your system using a non – admin (lower privilege account, similar to your ad joined computer) so applications can’t be installed without further authentication

6 Best Practices Don’t it (unless you KNOW it’s OK)— especially confidential! Don’t put it on portable media Don’t use cloud services (DropBox, iCloud etc.) Don’t leave it visible on your office computer when you walk away – Lock the screen Get rid of such data as soon as possible DO – Keep it on your shared drive (30 day backup available) DO - Use only approved methods of access

7 Remote Access – LIT policy / procedure
Discuss need with supervisor – If you come to LIT first, we’ll ask for supervisor approval before moving forward Identify requirements and preferred tool / method Submit request for Remote Access to We’ll review and schedule appropriate training

8 Levels of Access Level 1 – basic level
Access to services on/off campus with just netid/password (outlook mail/myslice/ blackboard) Risk is being managed at service level Level 2 – elevated access with managed endpoints In addition to basic access additional services accessible (example shared drive/printer available) with managed device (ex. DirectAccess Laptop) Managed device mitigates the risk Level 3 – Elevated access with unmanaged endpoints Ability to access additional services open from on/off campus with unknown endpoint This represents significant risk to university For proper risk mitigation, training is mandatory

9

10 Best Practices Anti-virus product installed and working, updated daily
Anti-spyware product installed and working Windows Update – set to auto-update Firewall turned ON Up to date browser and add-ons If possible work on your system using a non – admin (lower privilege account, similar to your ad joined computer) so applications can’t be installed without further authentication Get your news from reputed sources example CNN, BBC etc. Visit answers.syr.edu and search for information security tools and device best practices.

11 Tools SURA / VPN – sura.syr.edu Microsoft Remote Desktop Windows / Mac
DirectAccess Offline Files Terminal Server – ts.syr.edu DatAnywhere w/o sync – drive.syr.edu VPN with elevated access – Map H: & G: DatAnywhere with sync – only for non SU devices

12 Demo Exchange SURA / Remote Desktop – Mac and Windows DatAnywhere
DirectAccess Terminal Server

13 General questions Equipment replacement Windows 10 Office 2016 Eduroam
Generic AD account password change 12/14/16 Anything else

Download ppt "Library IT - Security and Remote Access"

Similar presentations

Financial Services Workshop Margaret Umphrey ECU Information Security Officer March 12, 2014 1IT Security, East Carolina University.

Financial Services Workshop Margaret Umphrey ECU Information Security Officer March 12, IT Security, East Carolina University.
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Helping our customers keep their computers safe.  Using your pet’s, business, family, friend’s names  Using number or letter sequences (0123, abcd)

Helping our customers keep their computers safe.  Using your pet’s, business, family, friend’s names  Using number or letter sequences (0123, abcd)
10 Things You Can do to Secure Your PC Presented by Peter Nowak OIS Client Services Manager.

10 Things You Can do to Secure Your PC Presented by Peter Nowak OIS Client Services Manager.
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.
Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.

Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.
For further information computersecurity.wlu.ca

For further information computersecurity.wlu.ca
Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.

Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.
9/20/07 STLSecurity is Everyone's Responsibility 1 FHDA Technology Security Awareness.

9/20/07 STLSecurity is Everyone's Responsibility 1 FHDA Technology Security Awareness.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
Sensitive Data Accessibility Financial Management College of Education Michigan State University.

Sensitive Data Accessibility Financial Management College of Education Michigan State University.
INFORMATION SECURITY UPDATE Al Arboleda Chief Information Security Officer.

INFORMATION SECURITY UPDATE Al Arboleda Chief Information Security Officer.
10 Essential Security Measures PA Turnpike Commission.

10 Essential Security Measures PA Turnpike Commission.
SHARESYNCPage 1 of 2 ShareSync is a business-grade file sync and share service Sync files across devices Share files and folders easily and securely Business-grade.

SHARESYNCPage 1 of 2 ShareSync is a business-grade file sync and share service Sync files across devices Share files and folders easily and securely Business-grade.
Introduction to ITS SU. What we will cover ? Why it is important to you ? Netid account Printing SUmail Public Labs SURA/VPN AirOrangeX Getting.

Introduction to ITS SU. What we will cover ? Why it is important to you ? Netid account Printing SUmail Public Labs SURA/VPN AirOrangeX Getting.
CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. Emails. Safe browsing for shopping and online banks. Social media.

CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.
DATA SECURITY AND YOU! W/ DAVE California Center for Population Research.

DATA SECURITY AND YOU! W/ DAVE California Center for Population Research.
Module 4: Add Client Computers and Devices to the Network.

Module 4: Add Client Computers and Devices to the Network.

Similar presentations

Ads by Google