Presentation is loading. Please wait.

Presentation is loading. Please wait.

PPD & CLRC's response to the (IS) Security Threat Gareth Smith PPD/CG Christmas Lectures 2002.

Published byHilary Spencer Modified over 9 years ago

Similar presentations

Presentation on theme: "PPD & CLRC's response to the (IS) Security Threat Gareth Smith PPD/CG Christmas Lectures 2002."— Presentation transcript:

1 PPD & CLRC's response to the (IS) Security Threat Gareth Smith PPD/CG Christmas Lectures 2002

2 Christmas 2002PPD\Computing Group2 Anti-Virus - move to Sophos. Move from Network Associates to Price & Support issues As before: Managed from central console. Set to scan PCs at 05:00 each morning, and midday Wednesday. CG automatically notified (e-mail) if virus found.

3 Christmas 2002PPD\Computing Group3 Anti-Virus at Home “1 in 30 e-mails has a virus” If you handle e-mail and do not have up-to-date anti-virus protection – you have an infected PC. Our Sophos Licence covers your home PC. CD in preparation Not as easy as some other A-V products to update at home.

4 Christmas 2002PPD\Computing Group4 Home Users To connect in (via dial-up or PPTP) you are required to have both an up-to-date anti-virus program and a personal firewall on your PC We have purchased copies of Zone Alarm personal firewall if you need them.

5 Christmas 2002PPD\Computing Group5 Firewall and Remote Users Ways into the lab from a remote system: Bastion Host http://www.bitd.clrc.ac.uk/Activity/BastionServer Dial-in to RAL RAS service. http://www.pcsupport.rl.ac.uk/netserv/dialup.htm Use the PPTP server. http://www.pcsupport.rl.ac.uk/netserv/pptp/pptp_intro. htm

6 Christmas 2002PPD\Computing Group6 Use of PPTP (Point to Point Tunnelling Protocol) RAL Remote network Internet firewall

7 Christmas 2002PPD\Computing Group7 Use of PPTP (Point to Point Tunnelling Protocol) RAL Remote network Internet firewall Pptp01.rl.ac.uk

8 Christmas 2002PPD\Computing Group8 Security Updates For windows systems Update Expert – for desktop Windows systems in PPD. Windows Update – for laptops. If you manage a system (e.g. a LINUX system) – you are required to ensure it is up-to-date with all relevant security patches.(E.g. use autoRPM.)

9 Christmas 2002PPD\Computing Group9

10 Christmas 2002PPD\Computing Group10 SPAM mail If (when ?) you receive SPAM mail, which may be offensive – don’t panic! Do NOT reply to it (even if it says “ send a mail to …. if you wish to be taken off this list”) Move to the ‘#SPAM’ folder. Beware of Hoax mails Do not believe anything that says “…. Pass this on to all your colleagues”. If in doubt ask CG or CLEO (ext 5730) http://www.cleo.clrc.ac.uk/

11 Christmas 2002PPD\Computing Group11

12 Christmas 2002PPD\Computing Group12 ‘Nigerian’ or ‘419’ Scam Letter, typically involving someone in an African country, asking with assistance to gain access to a sum of money. Do not reply – move mail to ‘Nigerian Scam’ folder. May send paper letters or e-mail, and may target church groups & charities. See http://www.ncis.gov.uk/press/24_01.asp

13 Christmas 2002PPD\Computing Group13 Your Responsibilities Awareness of security issues. Appropriate Use of CLRC resources. Correctly managed systems. CLRC Security Policy CLRC Codes of Conduct CLRC Incident procedures See the PPD introduction to this at: http://hepwww.rl.ac.uk/ppdcomputing/NT/Security _Intro.html

14 Christmas 2002PPD\Computing Group14 Bureaucracy….. Data Protection Act - 1998 Freedom of Information Act 2000. Regulation of Investigatory Powers (RIP) Act 2000. Anti-Terrorism, Crime & Security Act 2001. “As a matter of policy, CCLRC will comply with the provisions of the RIP Act. CCLRC will monitor the use of JANET and CCLRC internal telecommunications networks, both to provide assurance that CCLRC staff (and users of CCLRC facilities) are complying with the acceptable use policy and to ensure that there is no illegal use of these networks.”

15 Christmas 2002PPD\Computing Group15 Passwords Secure Not saved in an obvious place Of good enough quality (CLRC ‘rules’) Including passphrases used to protect certificates. Phasing out ‘clear text’ passwords over the network. Telnet into site will be blocked from 1 st Feb 2003. Anticipate FTP block.

16 Christmas 2002PPD\Computing Group16 When IT All Goes Wrong…. Ensure important files are saved on disks that are backed up. E.g. H: drive on Windows desktops Unix home file system, AFS home file system Etc. CG have (and are improving) disaster recovery plans

Download ppt "PPD & CLRC's response to the (IS) Security Threat Gareth Smith PPD/CG Christmas Lectures 2002."

Similar presentations

The Approach to Security in CLRC Gareth Smith With acknowledgements to all the members of the CLRC Computer Network and Security Group, especially Trevor.

The Approach to Security in CLRC Gareth Smith With acknowledgements to all the members of the CLRC Computer Network and Security Group, especially Trevor.
Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.

Darton College Information Systems Use Policies. Introduction Dartons Information Systems are critical resources. The Information Systems Use Policies.
COMPUTER BASICS METC 106. The Internet Global group of interconnected networks Originated in 1969 – Department of Defense ARPANet Only text, no graphics.

COMPUTER BASICS METC 106. The Internet Global group of interconnected networks Originated in 1969 – Department of Defense ARPANet Only text, no graphics.
Email. Email: How it works? To send an email you need an email Software or Web Based email To send an email to a friend you need to know their email Address.

. How it works? To send an you need an Software or Web Based To send an to a friend you need to know their Address.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.

Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.

NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.
1 Figure 6-16: Advanced Server Hardening Techniques Reading Event Logs (Chapter 10)  The importance of logging to diagnose problems Failed logins, changing.

1 Figure 6-16: Advanced Server Hardening Techniques Reading Event Logs (Chapter 10)  The importance of logging to diagnose problems Failed logins, changing.
Data Security Issues in IR Eileen Driscoll Institutional Planning and Research Cornell University

Data Security Issues in IR Eileen Driscoll Institutional Planning and Research Cornell University
Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.

Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Computer Networks IGCSE ICT Section 4.

Computer Networks IGCSE ICT Section 4.
Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.

Developing a Security Policy Chapter 2. Learning Objectives Understand why a security policy is an important part of a firewall implementation Determine.
Using Anti-virus Software A SeniorNet Workshop SeniorNet is a service program of the Lutheran Service Society of Western Pennsylvania.

Using Anti-virus Software A SeniorNet Workshop SeniorNet is a service program of the Lutheran Service Society of Western Pennsylvania.
Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.

Presented by Manager, MIS.  GRIDCo’s intentions for publishing an Acceptable Use Policy are not to impose restrictions that are contrary to GRIDCo’s.
Information Security Information Technology and Computing Services Information Technology and Computing Services

Information Security Information Technology and Computing Services Information Technology and Computing Services
Fermi Computer Incident Response Team Computer Security Awareness Day March 8, 2005 Michael Diesburg.

Fermi Computer Incident Response Team Computer Security Awareness Day March 8, 2005 Michael Diesburg.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
Information Governance Jym Bates Head of Information Assurance.

Information Governance Jym Bates Head of Information Assurance.
Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.

Lesson 8-Information Security Process. Overview Introducing information security process. Conducting an assessment. Developing a policy. Implementing.

Similar presentations

Ads by Google