Published by Amberly Parker. Modified over 6 years ago.
1
Good Computer Security Practices Basic Security Awareness
By Harpreet Kaur Saini
Hello; Thank you. Overview of computer security and good computing practices. This is kind of a whirlwind overview, so the handout that you have has additional information and details about any of the things that I will be talking about.
2
What is Information and Computer Security?
3
… the protection of computing systems and the data that they store or access.
Desktop computers, laptop computers, servers, Blackberries, flash drives
Confidential data, restricted data, personal information, archives, databases
The definition of computer security is pretty straightforward. <Read definition> This may lead you to the question: <next slide>
4
Why do I need to learn about computer security?
Isn’t this just an IT problem?
<Read slide> And the answer is: Well, not really… Everyone who uses a computer needs to understand how to keep his or her computer and data secure.
5
What are the consequences of security violations?
Embarrassment to yourself and/or the University
Having to recreate lost data
Identity theft
Data corruption or destruction
Loss of patient, employee, and public trust
Costly reporting requirements and penalties
Disciplinary action (up to expulsion or termination)
Unavailability of vital data
Embarrassment to the University – breach information on the front page of the Chronicle, etc.
Risk to security and integrity of personal or confidential information, e.g. identity theft, data corruption or destruction, unavailability of critical information in an emergency, etc.
Loss of valuable business information
Loss of employee and public trust, embarrassment, bad publicity, media coverage, news reports
Costly reporting requirements in the case of a compromise of certain types of personal, financial and health information
Internal disciplinary action(s) up to and including termination of employment, as well as possible penalties, prosecution and the potential for sanctions / lawsuits
6
Good Computer Security Practices
“Top Ten List”
So that’s what computer security is and why it is important to know about good computing practices. Next I will quickly go through some basic good computing practices. I’d like to call your attention to the “Top 10 list” of good computing practices on the handout that I gave you. The handout is meant as a reference for you to take with you, and what I’ll be doing is highlighting some key points.
7
2. Back-up your data. Don’t keep restricted data on portable devices.
Make backups a regular task, ideally at least once a day.
Back up data to removable media such as portable hard drives, CDs, DVDs, or a USB memory stick.
Store backup media safely and separately from the equipment.
Remember, your data is valuable… don’t keep your backups in the same physical location as your computer!
Restricted data discussed on slides 27 and 28. Maybe say something here about what portable devices are? Namely laptops, flash drives/memory sticks.
Portable Devices: These include laptops, CDs/floppy disks, memory sticks, PDAs, phones, etc. These items are extra vulnerable to theft and loss. If you have to, keep these items extra secure.
1. Need info for back up your data.
8
3. Use cryptic passwords that can’t be easily guessed and protect your passwords - don’t write them down and don’t share them!
Passwords: Passwords are a fundamental line of defense against unauthorized access to our computers or data, so it is important to have good passwords that are hard for hackers to guess or crack, and it’s also important to protect your passwords - keep them secure. They really need to be treated like other confidential info such as SSN or other identity theft information. The handout has some general pointers for creating good, cryptic passwords. Protecting your password means never share it and try to create passwords that are easy for you to remember so you don’t have to write them down. If you DO have to write a password down, be sure you store it securely - lock it up in a place where others wouldn’t think to look.
9
5. Don’t install unknown or unsolicited programs on your computer.
“I’ll just keep finding new ways to break in!”
4. Make sure your computer has anti-virus, anti-spyware and firewall protection as well as all necessary security patches.
5. Don’t install unknown or unsolicited programs on your computer.
Patches: Ask your computing coordinator if you aren’t sure how to do this. (It’s not your job to figure it out.) Also find out what you need to do (if anything) to keep them current.
Unknown programs: These can harbor computer viruses or open a “back door” giving others access to your computer.
10
6. Practice safe e-mailing ~
Don’t open, forward, or reply to suspicious e-mails
Don’t open attachments or click on website addresses
Delete spam
Talk about the secure solution
3 main points:
1. We already talked a bit about not clicking on web links unless you really know where you are going. This is especially true for unsolicited web links in e-mail.
2. Regarding attachments, only open attachments if you are positive you know what you’re opening. 3 checks: you were expecting it, it is addressed specifically to you, and the file name is what you were expecting. Checks are important because e-mail can look like it is from a known person but really be sent by an infected machine. See handout: “Should you open that attachment?”
3. Don’t open, reply to or forward spam or suspicious e-mails - just delete them. Some warning signs that you’re dealing with suspect e-mail on handout.
11
7. Practice safe Internet use ~
Accessing any site on the internet could be tracked back to your name and location.
Accessing sites with questionable content often results in spam or release of viruses.
And it bears repeating… Don’t download unknown or unsolicited programs!
Internet: With respect to using the Internet, it is important to keep 2 things in mind:
The internet is not private. Don’t provide personal or sensitive information to internet sites, surveys or forms unless you are using a trusted, secure web page.
Just opening a malicious web page can infect a poorly protected computer. Make sure you know where you’re going before clicking on a link. Instead of clicking on a link, look up the company and go there directly.
12
8. & 9. Physically secure your area and data when unattended ~
Secure your files and portable equipment - including memory sticks.
Secure laptop computers with a lockdown cable.
Never share your ID badge, access codes, cards, or key devices (e.g. Axiom card)
Lock Up; Close Up: Check windows, doors and drawers (take keys out of drawers). Lock up any sensitive materials before you leave your area. It’s OK to question people if you think they may be somewhere that they don’t belong.
SAY MORE ABOUT AXIOM CARDS
Laptops: Lock up your laptop wherever you take it, including at meetings, conferences, coffee shops, etc. Make sure it is locked to something permanent. Lockdown cables are available at The Source Bookstore.
13
10. Lock your screen
For a PC ~
<ctrl> <alt> <delete> <enter> OR <Windows key> <L>
For a Mac ~
Configure screensaver with your password
Create a shortcut to activate screensaver
Use a password to start up or wake up your computer.
Get directions from Sean about how to log off a Mac
Basic theme: Secure your computer when it is unattended. And make sure a password is required to get back on or to start up. For additional protection, have your computer set to “auto-lock” if it is left unattended.
14
Protecting Restricted Data
In addition to going over these general good computing practices, I want to include a few words about restricted data.
15
Restricted data includes, but is not limited to:
Name or first initial and last name
Health or medical information
Social security numbers
Ethnicity or gender
Date of birth
Financial information (credit card number, bank account number)
Proprietary data and copyrighted information
Student records protected by FERPA
Information subject to a non-disclosure agreement
Restricted data is basically anything that would be considered sensitive that shouldn’t be available to the general public for one reason or another. These are a few examples. Some of the classic ones are SSN, health info, financial info, intellectual property, but most of us have a general sense of what is and isn’t sensitive or private, and you can always look it up or ask if you’re not sure. Because of its nature, restricted data needs to be specially protected. Given this, I have 3 relatively simple steps for you for protecting restricted data. <Next slide>
16
Managing Restricted Data
Know where this data is stored.
Destroy restricted data which is no longer needed ~
  shred or otherwise destroy restricted data before throwing it away
  erase/degauss information before disposing of or re-using drives
Protect restricted data that you keep ~
  back up your data regularly
Inventory: The first step toward protecting restricted data is making sure it is stored in the fewest places necessary. PII & other restricted data can be in current or old files, including archives.
Disposal/re-use: You can’t just get rid of sensitive data, you have to completely destroy it so others can’t get to it. Shred it (dumpster diving) or work with your computing person to erase it completely so that hackers can’t retrieve it. This includes hard drives, CDs, zip disks, flash drives, back-up tapes, etc. If you don’t know where to start, call the ITS Helpdesk: 459-HELP
Protecting RD that you keep: Work with your computing coordinator to protect any restricted data that you need to keep.
If there’s time, which there won’t be:
Know who has access to folders before you put restricted data there!
Do not leave sensitive information on printers, fax machines, or copiers.
Set up your workstation so that unauthorized people and passers-by cannot see the information on your monitor.
Avoid using e-mail to send restricted data; it’s not secure.
17
Thank You
Be Safe…