05-4i-cybersecurity.ppt
24
Cyber Security Cyber Security Preserving your privacy Preserving your privacy Safeguarding your data Safeguarding your data Presented 1/21/05 Presented 1/21/05 AGNR CIT Professional Development AGNR CIT Professional Development
-
Upload
sandra4211 -
Category
Documents
-
view
4.803 -
download
0
Transcript of 05-4i-cybersecurity.ppt
Cyber SecurityCyber Security
Preserving your privacyPreserving your privacy
Safeguarding your dataSafeguarding your data
Presented 1/21/05Presented 1/21/05
AGNR CIT Professional DevelopmentAGNR CIT Professional Development
HardwareHardware
• Router-FirewallsRouter-Firewalls• Wireless NetworksWireless Networks• SpywareSpyware
– Pentium IIIPentium III– KeyloggersKeyloggers
SoftwareSoftware
• Virus scannersVirus scanners– Passive/Active scanningPassive/Active scanning– http://www.helpdesk.umd.edu/virus/http://www.helpdesk.umd.edu/virus/
software.shtmlsoftware.shtml
More SoftwareMore Software
• Personal FirewallsPersonal Firewalls– Monitors trafficMonitors traffic– Windows XP Internet Connection Windows XP Internet Connection
Firewall warningFirewall warning
Still More SoftwareStill More Software
• Personal Proxy SoftwarePersonal Proxy Software– Controls cookiesControls cookies– Filters advertisingFilters advertising– Blocks pop-ups and pop-undersBlocks pop-ups and pop-unders– Hides previous pageHides previous page– Removes web bugsRemoves web bugs
A Little More SoftwareA Little More Software
• Spyware protectionSpyware protection• Limiting accessLimiting access
– By timeBy time– By contentBy content
• Windows UpdateWindows Update• Hidden embedded dataHidden embedded data
– msdn.microsoft.com/library/default.asp?url=/library/en-us/dnword2k2/html/msdn.microsoft.com/library/default.asp?url=/library/en-us/dnword2k2/html/odc_protectword.aspodc_protectword.asp
EmailEmail
• Outlook or Outlook ExpressOutlook or Outlook Express– Turn off the preview paneTurn off the preview pane– Disable javascript (affects IE as well)Disable javascript (affects IE as well)
• Netscape MessengerNetscape Messenger– Turn off view messageTurn off view message– Un-enable javascript for mail and Un-enable javascript for mail and
newsgroupsnewsgroups
More EmailMore Email
• Read mail offlineRead mail offline• EncryptionEncryption• Consider using the bcc: field to Consider using the bcc: field to
send messages to multiple send messages to multiple recipientsrecipients
Most Despised EmailMost Despised Email
• SpamSpam– Never reply to spamNever reply to spam– Use filtersUse filters– Use alternate email addresses for Use alternate email addresses for
shopping, newsgroupsshopping, newsgroups– Create email addresses that are hard Create email addresses that are hard
to guessto guess– http://www.cauce.org/news/http://www.cauce.org/news/
InternetInternet
• Browser SettingsBrowser Settings– IE 5 or higher, AutoComplete featureIE 5 or higher, AutoComplete feature– Netscape, store passwordsNetscape, store passwords
• Web Site privacy policiesWeb Site privacy policies• Spoof email/telephone requestsSpoof email/telephone requests
Other Best PracticesOther Best Practices
• Use a BIOS passwordUse a BIOS password• Back up your dataBack up your data• Be suspicious of email attachmentsBe suspicious of email attachments• Use secure passwordsUse secure passwords• Be aware of new threatsBe aware of new threats• Don’t promulgate hoaxesDon’t promulgate hoaxes
12 Safety Tips - #112 Safety Tips - #1
• GeneralGeneral– Turn off (or disconnect) the computer Turn off (or disconnect) the computer
when you're not using it, especially if when you're not using it, especially if you have an "always on" Internet you have an "always on" Internet connection. connection.
12 Safety Tips - #212 Safety Tips - #2
• Laptop securityLaptop security– Keep your laptop with you at all times when Keep your laptop with you at all times when
not at home. Regularly purge unneeded not at home. Regularly purge unneeded data files from your laptop. data files from your laptop.
• PDAsPDAs– People tend to store more personal data People tend to store more personal data
(including passwords and PINs) on PDAs than (including passwords and PINs) on PDAs than they do on laptops. Be smart!they do on laptops. Be smart!
12 Safety Tips - #312 Safety Tips - #3
• BackupsBackups– Back up regularly. Back up to disk, tape or Back up regularly. Back up to disk, tape or
CD-ROMCD-ROM– Store at least one set of backups off-site (a Store at least one set of backups off-site (a
safe-deposit box is a good place) and at safe-deposit box is a good place) and at least one set on-site. least one set on-site.
– Remember to destroy old backups. One way Remember to destroy old backups. One way to destroy CDs is to microwave them on high to destroy CDs is to microwave them on high for five seconds. You can also break them in for five seconds. You can also break them in half or run them through better shredders. half or run them through better shredders.
12 Safety Tips - #412 Safety Tips - #4
• Operating systemsOperating systems– Consider Macintosh or Linux.Consider Macintosh or Linux.– In Windows, set up Automatic Update In Windows, set up Automatic Update
so that you automatically receive so that you automatically receive security patchessecurity patches• Delete, rename, or move the files Delete, rename, or move the files
"command.com" and "cmd.exe.""command.com" and "cmd.exe."
12 Safety Tips - #512 Safety Tips - #5
• ApplicationsApplications– Limit the number of applications on Limit the number of applications on
your machine. If you don't need it, your machine. If you don't need it, don't install it. If you no longer need it, don't install it. If you no longer need it, uninstall it. uninstall it.
– Regularly check for updates to the Regularly check for updates to the applications you use and install them. applications you use and install them.
12 Safety Tips - #612 Safety Tips - #6
• BrowsingBrowsing– Limit your use of MS Internet Explorer. Limit your use of MS Internet Explorer. – Limit use of cookies and applets to those few Limit use of cookies and applets to those few
sites that provide services you need. Set sites that provide services you need. Set your browser to regularly delete cookies. your browser to regularly delete cookies.
– Don't assume a Web site is what it claims to Don't assume a Web site is what it claims to be, unless you've typed in the URL yourself. be, unless you've typed in the URL yourself.
– Make sure the address bar shows the exact Make sure the address bar shows the exact address, not a near-miss. address, not a near-miss.
12 Safety Tips - #712 Safety Tips - #7
• Web sitesWeb sites– Secure Sockets Layer (SSL) encryption does not Secure Sockets Layer (SSL) encryption does not
provide any assurance that the vendor is trustworthy provide any assurance that the vendor is trustworthy or that its database of customer information is or that its database of customer information is secure. secure.
– Limit the financial and personal data you send to Web Limit the financial and personal data you send to Web sites. If you don't want to give out personal sites. If you don't want to give out personal information, lie. information, lie.
– Opt out of marketing notices. Opt out of marketing notices. – If the Web site gives you the option of not storing If the Web site gives you the option of not storing
your information for later use, take it. your information for later use, take it. – Use a credit card for online purchases, not a debit Use a credit card for online purchases, not a debit
card. card.
12 Safety Tips - #812 Safety Tips - #8
• PasswordsPasswords– For high-security Web sites such as banks, For high-security Web sites such as banks,
create long random passwords and write create long random passwords and write them down. Guard them as you would your them down. Guard them as you would your cash. cash.
– Never reuse a password for something you Never reuse a password for something you care about. (It's fine to have a single care about. (It's fine to have a single password for low-security sites, such as for password for low-security sites, such as for newspaper archive access.)newspaper archive access.)
– Never type a password you care about, such Never type a password you care about, such as for a bank account, into a non-SSL as for a bank account, into a non-SSL encrypted page.encrypted page.
12 Safety Tips - #912 Safety Tips - #9• E-mailE-mail
– Turn off HTML e-mail.Turn off HTML e-mail.– Don't automatically assume that any e-mail is from the "From" address.Don't automatically assume that any e-mail is from the "From" address.– Delete spam without reading it. Don't open messages with file attachments, Delete spam without reading it. Don't open messages with file attachments,
unless you know what they contain; immediately delete them. unless you know what they contain; immediately delete them. – Never click links in e-mail unless you're sure about the e-mail; copy and Never click links in e-mail unless you're sure about the e-mail; copy and
paste the link into your browser instead.paste the link into your browser instead.– If you use Microsoft Office, enable macro virus protection; in Office 2000, If you use Microsoft Office, enable macro virus protection; in Office 2000,
turn the security level to "high" and don't trust any received files unless you turn the security level to "high" and don't trust any received files unless you have to. have to.
– If you're using Windows, turn off the "hide file extensions for known file If you're using Windows, turn off the "hide file extensions for known file types" option; it lets Trojan horses masquerade as other types of files. types" option; it lets Trojan horses masquerade as other types of files.
– Uninstall the Windows Scripting Host, or, if you can get along without it, Uninstall the Windows Scripting Host, or, if you can get along without it, change your file associations so that script files aren't automatically sent to change your file associations so that script files aren't automatically sent to the Scripting Host if you double-click them. the Scripting Host if you double-click them.
12 Safety Tips - #1012 Safety Tips - #10
• Antivirus and anti-spyware softwareAntivirus and anti-spyware software– Use it--either a combined program or two Use it--either a combined program or two
separate programs. Download and install the separate programs. Download and install the updates, at least weekly and whenever you updates, at least weekly and whenever you read about a new virus in the news. Some read about a new virus in the news. Some antivirus products automatically check for antivirus products automatically check for updates. Enable that feature and set it to updates. Enable that feature and set it to "daily.""daily."
12 Safety Tips - #1112 Safety Tips - #11
• FirewallFirewall– Spend $50 for a Network Address Spend $50 for a Network Address
Translator firewall device; it's likely to Translator firewall device; it's likely to be good enough in default mode. On be good enough in default mode. On your laptop, use personal firewall your laptop, use personal firewall software. If you can, hide your IP software. If you can, hide your IP address. address.
12 Safety Tips - #1212 Safety Tips - #12
• EncryptionEncryption– Install an e-mail and file encryptor Install an e-mail and file encryptor
(like PGP). Encrypting all your e-mail (like PGP). Encrypting all your e-mail or your entire hard drive is unrealistic, or your entire hard drive is unrealistic, but some mail is too sensitive to send but some mail is too sensitive to send in the clear. Similarly, some files on in the clear. Similarly, some files on your hard drive are too sensitive to your hard drive are too sensitive to leave unencrypted. leave unencrypted.
Finally…Finally…
