Information Security and Best Online Practices


1 Information Security and Best Online Practices

2 Introductions
About Us. About the Class (MGMT636).
About the MSISA program: Cybersecurity, Data Analysis, Database Management, and more. The top employers for graduates are the national laboratories, the DHS, DOD, and UNM itself.

3 Google Trends “Cybersecurity” Worldwide
Interesting because it runs counter to trends in hack, hackers, cybercrime, security. Encouraged everyone to check out Google Trends. A very useful tool for finding trending information and exploring patterns in the world.

4 Overview What are we going to talk about?
More in-depth: Encryption, Hashing, Tech Demos. Real quickly: Password Creation, Password management/protection.

5 Instagram Accounts got HACKED!!!
Recently some Russian hackers hacked several people’s Instagram accounts. The reason is still unknown. Facebook and Cambridge Analytica too.

6 HSBC Bank suffers data breach
HSBC Bank suffered a data breach on October 4 and October 14, 2018. Fortunately only a small number of customers were affected, reportedly less than 1%. Important information stolen: full name, mailing address, date of birth, phone number, address, account numbers, etc.

7 Encryption Video Local Location ../Documents/TrimmedEncryption.mp4
Web Location

8 Hashing vs. Encryption Not the same thing.
Both result in “jumbled” text. Encryption can be decrypted with a key. A hash cannot be un-hashed (one-way).

9 What is Encryption? Turns data into unreadable characters.
These unreadable characters can be converted back to the data (with the right key). Two types: symmetric key and public key.

10 Where is Encryption Used?
Anywhere and everywhere that information is stored. Anywhere a password is used or communication is used. Internet, Phones, computers, applications, banking, cars, IoT, communication, computer games, etc…

11 One of first Examples Caesar Cipher
The Caesar cipher is named after Julius Caesar, who used it with a shift of three to protect messages of military significance. While Caesar's was the first recorded use of this scheme, other substitution ciphers are known to have been used earlier.

12 Using A Keyword

13 What is Hashing? A string or number generated from a string or text.
Fixed length. The output varies widely even for a small change in the input (“hello” vs. “Hello”). The best algorithms are designed so that it is nearly impossible to turn a hash back into the original string.

14 When is Hashing Used? Used to store passwords (SQL database).
Strong hashing algorithm with salt = hard to reverse. When a user logs in. To make sure a file wasn’t changed.

15 What is a Salt???? Salt is extra text added to the end.
If the password was “password”, the database can salt it by adding “safe” to the end of it. “passwordsafe” now gets hashed and saved. Protects against dictionary attacks and rainbow tables.

16 Salt in The News LinkedIn sued for a data breach (2013)
They were deemed negligent for not salting their stored passwords. The database was susceptible to SQL injection attacks.

17 TECH DEMO!!! Hashing and Encrypting using Terminal (applies to Windows in a similar manner)
OpenSSL comes pre-installed on Mac OS X. For Windows, it can be downloaded at this link.

openssl list-cipher-commands
Shows all the types of encryption you can use (on OpenSSL 1.1.0 and later the same list is printed by: openssl list -cipher-commands).

openssl des -in filename.txt -out filename.txt.enc
Encrypts the file using the DES algorithm.

emacs filename.txt.enc
Opens the file in emacs in order to see what the encrypted text looks like (most text editors will work).

openssl des -d -in filename.txt.enc -out filenameOUTPUT.txt
Decrypts the DES-encrypted file.

openssl aes-256-cbc -a -salt -in filename.txt -out filename.txt.enc
Encrypts using the aes-256-cbc algorithm: very powerful, common, widely used. Adding salt makes it even more secure. Basically need a supercomputer to crack this now. -a Base64-encodes the output so the encrypted file is plain text.

openssl aes-256-cbc -d -a -salt -in filename.txt.enc -out filenameOUTPUT.txt
Decrypts the previous encryption.

openssl -h
Gives you all the options available.

openssl dgst -h
Gives you all the hash functions available.

echo -n "testing string" | openssl md5
echo -n "testing string" | openssl sha256
echo -n filename.txt | openssl sha1
Each command hashes the text passed to echo; the last one hashes the literal text filename.txt, not the contents of that file.

The Handout provides examples of the code used.

18 Types of Authentication

19 Types of Authentication cont.
Knowledge factors. Anything the user must know in order to log in is considered a knowledge factor. This can be a username, a password, or a PIN.

20 Types of Authentication cont.
Possession factors. Anything that the user must have in order to log in is known as a possession factor. One-time password tokens, key fobs, ID cards, and physical tokens are all considered possession factors.

21 Types of Authentication Cont.
Inherence factors. Using a person’s biological characteristics is known as an inherence factor.

22 Password Creation

23 Some Common Password

24 How long it takes to hack?

25 Combinatorics
How do we calculate the number of possible combinations for a password of 8 to 12 characters? (Password Characters)^(Password Length). Numbers 0-9, letters a-z, A-Z, symbols = 546,108,599,162,939,437,890,625
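
Added example (not part of the original slides): the slide's figure reproduced in Python. It assumes the character set is the 95 printable ASCII characters and shows that the number on the slide is the sum of 95^n over every length n from 8 to 12, not a single power. The guess rate in the demo is a hypothetical value used only for illustration.

```python
import string

# Assumption: "numbers, letters, symbols" means the 95 printable ASCII
# characters (10 digits + 52 letters + 32 punctuation marks + space).
CLASSES = {
    "digits": string.digits,
    "lower": string.ascii_lowercase,
    "upper": string.ascii_uppercase,
    "symbols": string.punctuation + " ",
}


def alphabet_size(*names: str) -> int:
    """Number of distinct characters in the chosen character classes."""
    return sum(len(CLASSES[name]) for name in names)


def keyspace(size: int, min_len: int, max_len: int) -> int:
    """Count every possible password of each length from min_len to max_len."""
    return sum(size ** n for n in range(min_len, max_len + 1))


def years_to_exhaust(space: int, guesses_per_second: float) -> float:
    """Worst-case time to try every candidate at a given guess rate."""
    return space / guesses_per_second / (365 * 24 * 3600)


if __name__ == "__main__":
    full = alphabet_size("digits", "lower", "upper", "symbols")
    slide_total = keyspace(full, 8, 12)
    lower_only = keyspace(alphabet_size("lower"), 8, 8)
    rate = 1e10  # hypothetical guesses per second
    print(f"alphabet size: {full}")
    print(f"all classes, length 8-12: {slide_total:,}")
    print(f"lowercase only, length 8: {lower_only:,}")
    print(f"years at {rate:.0e}/s, all classes 8-12: {years_to_exhaust(slide_total, rate):.3g}")
    print(f"years at {rate:.0e}/s, lowercase 8: {years_to_exhaust(lower_only, rate):.3g}")
```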

26 Some Interesting Stats
2 out of 5 people have been 'hacked' in the last year.
21% use passwords that are at least 10 years old.
47% use passwords that are at least 5 years old.
54% use 5 or fewer passwords across their entire online presence.
On average, only 6 unique passwords are used to guard 24 online accounts.

27 Password Recommendations
At least 8 characters long.
Use a mixture of upper case, lower case, digits, symbols.
Utilize biometrics (automatic on iPhones).
Do not use words listed in the dictionary.
Do not store in a text or Word file.
It should be used and known by one person only.

28 Password Manager
Stores different login information and passwords from all sites you want.
No need to remember them all!
Can autofill during the login process.
Password managers are secure.

29 Lastly Why is all this protection of data important?
You might not know what data these companies are keeping on you. Why is Facebook free? Why is Instagram free? Snapchat…

30 Why are these Apps free?
A staggering $24.1 billion of Google's $27.77 billion revenue for Q3 2018 was from advertising. Facebook reported $11.97 billion in revenue and $4.98 billion in profit for the past quarter, with 91 percent of its advertising revenue coming from mobile.

31 Download Your Information
We have passed out a handout that gives you quick, easy instructions for requesting and downloading your information from Facebook, Google, Instagram and Snapchat.


