Presentation is loading. Please wait.

Presentation is loading. Please wait.

Technology Solutions Security Update

Published byEvangelina Sassi Modified over 6 years ago

Similar presentations

Presentation on theme: "Technology Solutions Security Update"— Presentation transcript:

1 Technology Solutions Security Update
BOR March 2018 Paul Czarapata, Ed.D. KCTCS Vice President / CIO

2 2017 – KCTCS Technology By The Numbers
186,000,000 s received Over 1 billion spam, phishing, and malware blocked Over 38,000 hours of Skype meetings Over 8 million files in OneDrive Technology Solutions help desk tickets completed in ,029 Average # of unique logins per day in Blackboard Learning Management System – 32,000 Up to 86 thousand logins daily to student information system

3 KCTCS Protection of Systems/Data
Network Firewalls (controls incoming/outgoing network traffic) Intrusion detection hardware/software Antivirus / Anti-malware software Hard drive encryption Network penetration testing (both internal and by external parties) Annual Information Technology Audit by Crowe Horwath Personally Identifiable Information (PII) enterprise search software Looks for ssn, credit cards, drivers license, etc Take advantage of programs from FBI Infragard, Dept Homeland Security, and University of Texas

4 KCTCS Protection of Systems/Data (Continued)
Physical security (locks, video surveillance, badge scanners, etc.) Education!! People are the weakest link, we coach them up! Seminars, online training, monthly newsletter, phishing campaign

5 What is the “Cloud” In simplest terms, cloud computing means storing and accessing data and programs over the internet instead of your computer or local data center.

6 Cloud Flavors SAAS – Software as a Service
Software distribution method where access to program is provided over Internet (i.e. Quickbooks Online) PAAS – Platform as a Service Develop, run, and manage web-based applications IAAS – Infrastructure as a Service IaaS is the provision of virtual servers and storage that organizations use on a pay-as-you-go basis

7 KCTCS’s Cloud footprint
Have adopted “Cloud First” strategy Nearly all KCTCS systems are in the “cloud” Mix of private and public cloud solutions Public = many companies in same cloud Private = cloud solution is just your company Each provider is vetted and audited Penetration testing Patch/fix policy Personnel screening Physical data center security Breach notification contracts Service level agreements

8 Sampling of KCTCS Cloud Providers

9 Who Is The Weakest Link? No matter how strong KCTCS: Firewalls
Intrusion Detection Systems Cryptography Anti-virus software People are the weakest link in computer security!  People are more vulnerable than computers "The weakest link in the security chain is the human element" -Kevin Mitnick

10 Privacy While KCTCS strives to protect its users' personal information and privacy, it cannot guarantee the security of any information you disclose online and you do so at your own risk. As a web user, keep in mind that whenever you give out personal information online information can be collected and used by people you don't even know.

11 Caution when you connect
Be wary of how/where you connect to the Internet Careful with free Public WiFi hotspots Be aware of shoulder surfers Shut your machine down when you’re not using it Never leave your laptop/phone/tablet alone in a public area Do not allow thumb drive to be attached to your machine

12 External Hard Drives & Thumb Drives
Don’t use a thumb drive you haven’t scanned for viruses (right click on it after you connect it)

13

14 What is Social Engineering?
At its core it is manipulating a person into knowingly or unknowingly giving up information; essentially 'hacking' into a person to steal valuable information. Psychological manipulation Trickery or Deception for the purpose of information gathering Secretly install spyware, other malicious software Trick persons into handing over passwords and/or other sensitive financial (credit card) or personal information.

15 Phishing Fraudulently obtaining private information
Send an that looks like it came from a legitimate person or business Request verification of information and warn of some consequence if not provided Usually contains link to a fraudulent web page that looks legitimate User gives information to the social engineer

16 Example:

17

18

19 Spear-Phishing Example:

20 Online Financial Transactions
Don’t use a debit card Sign up for alerts with your credit card company Only shop at reputable online stores (if the price is hard to believe, it’s probably a scam or a fake) Check your bank/credit card statements closely for small recurring charges Check if they support 2-factor authentication Ensure your are using a secure connection

21 What to do? Don’t click on links in suspicious emails
Set your operating system to automatically update If something doesn’t seem right, it probably isn’t Be very careful of what data you give over the phone Back up your machine frequently Watch what you post on social media (Facebook, Twitter, etc) Use a firewall on your personal computer

22 Preventing the infection
Use antivirus software. While there are some good free programs available, it may be worth your while to pay for top-notch protection. Antivirus software You are covered at work with antivirus, but are you covered at home? Set it to auto-update Run scans frequently My favorites – Kaspersky, McAfee, and AVG

23 What to do if you think you have a virus?
Contact your local IT team if at work (or contact me/Keith if you are retired or self-employed) If at home Disconnect it from internet Do a full scan with virus software to see if it can be removed If comfortable, you may want to download virus removal tools to a portable drive on another machine to see if those work Contact a reputable computer repair service to see if they can help If your drive is encrypted, you may be out of luck unless you pay the bad guys

24 Tips & Tricks Update your software regularly. This is the best way to make sure all security patches get installed. Otherwise, hackers can target you by attacking your computer with malware designed to exploit known weaknesses. Don’t click unknown links. Far too many computer users engage in this practice, which is frowned on by the professionals. Remember, it’s easy for attackers to “spoof” an address.

25 Questions? Thanks and be careful out there!!!!
KCTCS Technology Solutions

Download ppt "Technology Solutions Security Update"

Similar presentations

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.

Identity Theft: How to Protect Yourself. Identity Theft Identity theft defined:  the crime of obtaining the personal or financial information of another.
SECURITY AND SOCIAL ENGINEERING US Department of Commerce Office of Security Updated 09/26/11 Security is Everyone's Responsibility – See Something, Say.

SECURITY AND SOCIAL ENGINEERING US Department of Commerce Office of Security Updated 09/26/11 Security is Everyone's Responsibility – See Something, Say.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
How to avoid Viruses and Malware on your Computer Use a firewall Using a firewall is like locking the front door to your house—it helps keep intruders.

How to avoid Viruses and Malware on your Computer Use a firewall Using a firewall is like locking the front door to your house—it helps keep intruders.
Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.

Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 

BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 
Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.

Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.

Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. Emails. Safe browsing for shopping and online banks. Social media.

CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.

GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.

MOBILE DEVICE SECURITY. WHAT IS MOBILE DEVICE SECURITY? Mobile Devices  Smartphones  Laptops  Tablets  USB Memory  Portable Media Player  Handheld.
Information Security and YOU!. Information Assurance Outreach Information Security Online Security Remote Access with Demonstration The Cloud Email Social.

Information Security and YOU!. Information Assurance Outreach Information Security Online Security Remote Access with Demonstration The Cloud Social.
ESCCO Data Security Training David Dixon September 2014.

ESCCO Data Security Training David Dixon September 2014.
Staying Safe Online Keep your Information Secure.

Staying Safe Online Keep your Information Secure.
Threat to I.T Security By Otis Powers. Hacking Hacking is a big threat to society because it could expose secrets of the I.T industry that perhaps should.

Threat to I.T Security By Otis Powers. Hacking Hacking is a big threat to society because it could expose secrets of the I.T industry that perhaps should.
IT security By Tilly Gerlack.

IT security By Tilly Gerlack.
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.

Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.

Similar presentations

Ads by Google