Presentation is loading. Please wait.

Presentation is loading. Please wait.

HUIT IT Security | October

Published byAgatha Jennings Modified over 5 years ago

Similar presentations

Presentation on theme: "HUIT IT Security | October"— Presentation transcript:

1 HUIT IT Security | October 2 2012
4/3/2019 Cloudy with a chance of Identity Theft Why a good password is very often your best defense HUIT IT Security | October

2 Agenda: Introduction Why are we here? Q & A Passwords Safeguards
4/3/2019 Agenda: Introduction Why are we here? Passwords Safeguards Identity Theft What to do now Q & A

3 Introduction Breadcrumb Citation 4/3/2019
Oct Introduction Presenting today will be members of the Policy, Risk and Compliance group in HUIT Security. Citation HUIT IT Security | Cloudy with a chance of Identity Theft

4 4/3/2019 Breadcrumb Oct Introduction This October, HUIT IT Security is conducting a series of informational sessions on “Surviving the Internet”. The efforts are part of the National Cyber Security Awareness Month (NCSAM). Each session will take the form of a 30 minute presentation which will be recorded. Please raise your hand at any time to ask a question. The remainder of each session is an open floor e.g. for questions you do not want recorded! Citation HUIT IT Security | Cloudy with a chance of Identity Theft

5 Introduction The Cambridge sessions: MD119: 1-2pm
4/3/2019 Breadcrumb Oct Introduction The Cambridge sessions: MD119: 1-2pm Oct 2: Cloudy with a chance of Identity Theft Oct 9: Is it ever not Social? Oct 16: Taming Lions, Tigers… and Windows Oct 23: Have device, will travel Oct 31: By user demand Use the survey and feedback tool: Citation HUIT IT Security | Cloudy with a chance of Identity Theft

6 Introduction The Longwood sessions: Oct 4: HMS: TMEC 227: 10-11am
4/3/2019 Breadcrumb Oct Introduction The Longwood sessions: Oct 4: HMS: TMEC 227: 10-11am Cloudy with a chance of Identity Theft Is it ever not Social? Oct 10: HSPH: Kresge G-1: 12-1pm Have device, will travel Oct 17: HMS: TMEC 227: 2-3pm Taming Lions, Tigers… and Windows Citation HUIT IT Security | Cloudy with a chance of Identity Theft

7 4/3/2019 Breadcrumb Oct Introduction Open office hours are 9-12 every Friday through October in 1414 Mass Ave, 3rd Flr. To reserve a timeslot or if you have any questions about a presentation, please or call x57777 The same contact information to report a security incident…..  Citation HUIT IT Security | Cloudy with a chance of Identity Theft

8 Why are we here? Breadcrumb Citation 4/3/2019
Oct Why are we here? Activating or claiming a service on the Internet often involves creating an account, specifying a username and password to use the service. Its a cumulative process, we populate our identities in an iterative fashion, one like, one friend at a time. Before we know it, the service providers add new features and we scurry to integrate the option and increase our dependency. Awareness around the security aspect of these services is developing but often the initial username and password is the only security mechanism we have to use. Internet resources, sometimes referred to the Cloud, present a ripe target for an attacker with personal, political or other motivations. As we migrate more of our activities to the Cloud, we should exercise caution to avoid pitfalls deliberately placed by attackers or through misadventure. If your account is compromised due to an attack such as phishing, spyware, account jacking and cracking or even accidental disclosure, your account and anything it contains may be used to commit fraud or other crimes. Picking a good password is very often the only defense available when using an Internet resource and in this talk we will give some examples of good passwords and some elementary practices to help safeguard your online identity from the perils of disclosure or theft. Before I proceed, hopefully I’ve provided context to the title “Cloudy with a chance of Identity Theft”. Please do raise your hand if you need more input. Citation HUIT IT Security | Cloudy with a chance of Identity Theft

9 Good passwords: Minimum of 8 characters.
4/3/2019 Breadcrumb Oct Good passwords: Minimum of 8 characters. Mix upper and lower case letters Use a combination of numbers and symbols Do not use real words, names, dates, phone numbers, sports teams, cars, addresses or personally identifiable information including anything listed in a social networking context Unique: Separate passwords for different accounts Citation HUIT IT Security | Cloudy with a chance of Identity Theft

10 Whose woods these are I think I know
4/3/2019 Breadcrumb Oct Example #1: Take a familiar phrase Substitute numbers, symbols and capitalization Whose woods these are I think I know First pass: initials WwtaItIk Second pass: substitution WwtR?1t1n0 Citation HUIT IT Security | Cloudy with a chance of Identity Theft

11 Example #2: Take a unique combination of words
4/3/2019 Breadcrumb Oct Example #2: Take a unique combination of words Substitute numbers, symbols and capitalization Peanut Text Sky Substitute Pnu7_teXt-5ky Citation HUIT IT Security | Cloudy with a chance of Identity Theft

12 Multi-Factor Breadcrumb Citation 4/3/2019
Oct Multi-Factor Several cloud services offer a great complement to your secret password. These services require something in your possession in log in. This is sometimes referred to as multi-factor in the sense of “something you know” and “something you have”. If you choose to activate the feature, every time you log in, you will be prompted for a value from an SMS Text or unique key from a mobile application. We will discuss this in more detail later. Google Authenticator Yahoo FaceBook PayPal Citation HUIT IT Security | Cloudy with a chance of Identity Theft

13 Safeguards Breadcrumb Citation 4/3/2019
Oct Safeguards Use a long password. The greater the length, the better. Never share your password with anyone, including family, friends, significant others, vendors or IT Support A Harvard IT technician will never ask for your password Never save your password if prompted by your web browser Never send your password by Use different passwords for different accounts Use an alerting service The longer it is – why – trivial to brute force. Computationally infeasible the larger. Will discuss advanced topics like hashing later. Choose account or password security questions carefully. Do not use information discernable on social networking sites Be careful if choosing to chain accounts. Can a compromise in one account lead to another? If the site reports where you last logged in. Check! Change your password at least annually Use multi-factor when available Consider using a Password Manager Review your free Credit Report Everything we’ve described also applies to mobile devices Citation HUIT IT Security | Cloudy with a chance of Identity Theft

14 If you are a victim of Identity Theft
4/3/2019 Breadcrumb Oct If you are a victim of Identity Theft Place a fraud alert on your credit reports Change your credit cards Close fraudulent accounts File a police report Consider an Identity monitoring service Collect and keep all evidence Change all of your passwords and the answers to security questions Disable any pass-though Identity services If the theft includes your Harvard account, notify Citation HUIT IT Security | Cloudy with a chance of Identity Theft

15 What you can do now: Pick good passwords
4/3/2019 Breadcrumb Oct What you can do now: Pick good passwords Use unique passwords for your accounts Password protect your mobile device Use good security reset questions Check your credit report Be aware Citation HUIT IT Security | Cloudy with a chance of Identity Theft

16 4/3/2019 Breadcrumb Oct IT Security Contact Info Helpdesk at x 57777 Use the survey and feedback tool: These slides will be on security.harvard.edu These slides and the video will be on Citation HUIT IT Security | Cloudy with a chance of Identity Theft

17 Esmond Kane | Cloudy with a chance of
4/3/2019 Thank you. Esmond Kane | Cloudy with a chance of Identity Theft Thank you slide October 2, 2012

Download ppt "HUIT IT Security | October"

Similar presentations

Point3r$. Password Introduction Passwords are a key part of any security system : –Work or Personal Strong passwords make your personal and work.

Point3r$. Password Introduction Passwords are a key part of any security system : –Work or Personal Strong passwords make your personal and work.
Fraud Protection. Agenda Start time: ____ Break time: ____ (10 minutes) End time: ____ Please set phones to silent ring and answer outside of the room.

Fraud Protection. Agenda Start time: ____ Break time: ____ (10 minutes) End time: ____ Please set phones to silent ring and answer outside of the room.
1.3.1.G1 © Family Economics & Financial Education – Revised October 2004 – Consumer Protection Unit – Identity Theft Funded by a grant from Take Charge.

1.3.1.G1 © Family Economics & Financial Education – Revised October 2004 – Consumer Protection Unit – Identity Theft Funded by a grant from Take Charge.
Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.

Two-Factor Authentication & Tools for Password Management August 29, 2014 Pang Chamreth, IT Development Innovations 1.
Lesson 11 Using Online Banking. Key Terms Account Transfer – online transfer of money; ex. Savings to checking acct. Fraud – using trickery to convince.

Lesson 11 Using Online Banking. Key Terms Account Transfer – online transfer of money; ex. Savings to checking acct. Fraud – using trickery to convince.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
ICT Curriculum Evening – an introduction to Wizkid.

ICT Curriculum Evening – an introduction to Wizkid.
October is National Cyber Security Month OIT and IT providers are launching an awareness campaign to provide tips and resources to help you stay safe online.

October is National Cyber Security Month OIT and IT providers are launching an awareness campaign to provide tips and resources to help you stay safe online.
PASSWORD MANAGER Why you need one 1. WHAT IS A PASSWORD MANAGER? A modern Password Manager is a browser extension (Chrome, Internet Explorer, Firefox,

PASSWORD MANAGER Why you need one 1. WHAT IS A PASSWORD MANAGER? A modern Password Manager is a browser extension (Chrome, Internet Explorer, Firefox,
August 15 click! 1 Email Basics Kitsap Regional Library.

August 15 click! 1 Basics Kitsap Regional Library.
Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.

Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.
Internet Fraud By: Noelle Woodman.

Internet Fraud By: Noelle Woodman.
BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 

BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 
How To Protect Your Privacy and Avoid Identity Theft Online.

How To Protect Your Privacy and Avoid Identity Theft Online.
Website Hardening HUIT IT Security | Sep 30 2011.

Website Hardening HUIT IT Security | Sep
Security Liaisons Information Presentation. Introduction  What’s the big deal with computer security? Don’t we have an IT security department to take.

Security Liaisons Information Presentation. Introduction  What’s the big deal with computer security? Don’t we have an IT security department to take.
Threats to I.T Internet security By Cameron Mundy.

Threats to I.T Internet security By Cameron Mundy.
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.

Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. Emails. Safe browsing for shopping and online banks. Social media.

CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.
PHISHING AND SPAM EMAIL INTRODUCTION There’s a good chance that in the past week you have received at least one email that pretends to be from your bank,

PHISHING AND SPAM INTRODUCTION There’s a good chance that in the past week you have received at least one that pretends to be from your bank,

Similar presentations

Ads by Google