Presentation is loading. Please wait.

Presentation is loading. Please wait.

Joel Rosenblatt Director, Computer and Network Security September 10, 2013.

Published byGeoffrey Bond Modified over 9 years ago

Similar presentations

Presentation on theme: "Joel Rosenblatt Director, Computer and Network Security September 10, 2013."— Presentation transcript:

1 Joel Rosenblatt Director, Computer and Network Security September 10, 2013

2  Heightened Risks ◦ Theft of equipment  Try not to look like a tourist  Never leave your bags unwatched  Be aware of your surroundings ◦ Theft of credentials  Don’t use hotel business centers or web cafés to check your email, bank accounts, stock accounts, etc.  There is a good chance that they have key logging programs installed  Don’t use unknown WiFi networks  If you don’t know, ask

3  Backups of your data ◦ Backup everything before you leave  If your only copy gets stolen, you’re in trouble ◦ Take more than one copy of your presentations  Don’t keep them in the same place  Email yourself a copy  Send a copy to the conference organizers

4  For domestic travel ◦ Any device containing University sensitive data  Must have a strong password  Must have a locking screensaver  Must be encrypted  This includes ◦ Laptops ◦ Tablets ◦ Cell Phones ◦ External Storage (the encryption part)

5  Before you go … ◦ Check to make sure your machine is up to date  Check updates for OS, AV, and all applications ◦ Make sure you have all of your gadgets, and only take the ones you really need  Chargers, cables, any anything else you may need  For foreign travel, you will need plug converters ◦ Test your presentation  Better to do that here, then have to call the Help Desk long distance

6  International travel is not the same as Domestic travel ◦ Different laws ◦ Different expectations of privacy ◦ Language differences may make for complicated interactions

7  Don’t take sensitive data with you ◦ See Data Classification policy  http://policylibrary.columbia.edu/data-classification-policy http://policylibrary.columbia.edu/data-classification-policy ◦ Loss of data through theft, seizure or search can get very complicated ◦ If your equipment is not in your possession at all times, you should assume that the hard drive may have been copied ◦ Even if device is encrypted, you may be required to supply the password in order to clear customs ◦ If sensitive data is required, make arrangements to download data using a secure encrypted link (VPN) and securely delete data when you are done using it

8  Protect your data in case of loss or theft ◦ Encrypt your device (supported devices) ◦ Use a strong password and device timeout  Setting a password on a smart phone encrypts the data ◦ Consider using auto wipe – 10 bad password guesses and the device gets erased (smart phones) ◦ If you downloaded data for a meeting, remember to securely erase it when the meeting is over  Data you do not have cannot be compromised

9  Protect your identity ◦ Do not use the same password for multiple resources  Never use your UNI password for another resource ◦ Don’t log into any resource on a “free” computer ◦ Don’t use unidentified WiFi networks ◦ Random web surfing can be very risky, don’t do it ◦ If a web site looks different, don’t use it ◦ Change your password(s) when you get back using a secure computer

10  Protect your devices ◦ Backup your devices before you leave ◦ Install all updates before you go (including AV)  Installing updates while traveling is risky ◦ Consider taking a bare bones or loaner system on your trip – speak to your department ◦ Check that any software you are traveling with is allowed in the country you are going to – See:  http://finance.columbia.edu/content/export-controls- columbia-international-travelers http://finance.columbia.edu/content/export-controls- columbia-international-travelers ◦ Don’t cook your device, make sure you have the proper converters

11  Travel between countries – Crossing the border ◦ Carrying data across the border can be especially risky  Border control officers can request that you enter passwords and take your machine away for inspection  If you refuse, you or your device may be detained ◦ If your device is seized, try and get documentation  Contact the U.S. Embassy or Consulate for advice  If your device is taken by the U.S. customs, contact Columbia University’s department of Export control  http://finance.columbia.edu/content/emergency http://finance.columbia.edu/content/emergency

12  Travel with electronic devices and data presents additional risks.  Situational awareness is essential for security.  Personal safety is of the highest priority. When an official request is made, turn over the device.  You can send questions to security@columbia.edu

13

Download ppt "Joel Rosenblatt Director, Computer and Network Security September 10, 2013."

Similar presentations

Surfing the net: Ways to protect yourself. Internet Safety Look into safeguarding programs or options your online service provider might offer. Look into.

Surfing the net: Ways to protect yourself. Internet Safety Look into safeguarding programs or options your online service provider might offer. Look into.
How to protect yourself, your computer, and others on the internet

How to protect yourself, your computer, and others on the internet
1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.

1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.
Presented by the San Diego Industrial CI Awareness Working Group, an Affiliate of the Industrial Security Awareness Council.

Presented by the San Diego Industrial CI Awareness Working Group, an Affiliate of the Industrial Security Awareness Council.
Smartphone and Mobile Device Security IT Communication Liaisons Meeting October 11, 2012 Theresa Semmens, CITSO.

Smartphone and Mobile Device Security IT Communication Liaisons Meeting October 11, 2012 Theresa Semmens, CITSO.
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.

INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Helping our customers keep their computers safe.  Using your pet’s, business, family, friend’s names  Using number or letter sequences (0123, abcd)

Helping our customers keep their computers safe.  Using your pet’s, business, family, friend’s names  Using number or letter sequences (0123, abcd)
Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.

Invasion of Smart Phones in Clinical Areas Chrissy Kyak Privacy Officer University of Maryland Upper Chesapeake Health.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.
SECURITY CHECK Protecting Your System and Yourself Source:

SECURITY CHECK Protecting Your System and Yourself Source:
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.

Part 2 of Evil Lurking in Websites Data Security at the University of Wisconsin Oshkosh.
Critical Data Management Indiana University HR Summit April 24, 2014.

Critical Data Management Indiana University HR Summit April 24, 2014.
9/20/07 STLSecurity is Everyone's Responsibility 1 FHDA Technology Security Awareness.

9/20/07 STLSecurity is Everyone's Responsibility 1 FHDA Technology Security Awareness.
Information Security Awareness:

Information Security Awareness:
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
Export Controls CBP is Turning up the Heat and the “ICE” is Not Melting April 2008 NCURA Western Regional Conference Adilia F. Koch.

Export Controls CBP is Turning up the Heat and the “ICE” is Not Melting April 2008 NCURA Western Regional Conference Adilia F. Koch.
Beyond WiFi: Securing Your Mobile Devices Thomas Kuhn Information Technology Assistance Center (iTAC) Kansas State University.

Beyond WiFi: Securing Your Mobile Devices Thomas Kuhn Information Technology Assistance Center (iTAC) Kansas State University.
DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,

DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,
1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for.

1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for.

Similar presentations

Ads by Google