Transcript IT Forum October 29, 2009

Information Security
Office & Home
IT Forum
October 29, 2009
Presenters:
Diane Jachimowicz – Senior Technology Services Analyst
Anthony Maszeroski – Information Security Manager
Danielle Morse – Associate Director, Desktop Services
House Keeping
•
•
•
•
•
Sign In Sheet
Prizes
Speakers
Top 10 Office Security Tips
Agenda
Agenda
•
•
•
•
•
•
•
•
•
•
•
•
Personally Identifiable Information (PII)
Safer Web Browsing
Office Security
Student Use of Office PC’s
Passwords
Royal Drive
Encryption of Files
USB Encryption
McAfee AntiVirus
Home Tools
Q&A
Announcements/Prizes Awarded
Office Security
• Keep your office locked even if you just step out for a
minute
• Don’t leave valuables in plain view
• Consider taking your laptop home with you
• Report suspicious activity immediately
• If the building is locked, don’t let someone you don’t
know into the building
• Don’t become so absorbed in what you are doing that
you don’t notice the activity around you
• Confidential documents should be put away and not
left visible and unattended on work desks
Office Computer Security
• Computer screens should be angled so
visitors can’t see sensitive information
• Shutdown every night
• Unplug over holidays
• Use Laptop Locks
• Backup Storage
Logoff when you leave
To Lock Down Windows XP
Click Ctrl+Alt+Delete
Select "Lock Workstation"
This will bring up your login screen and lock your computer down
Windows XP shortcut: Click the Windows key (the flying window key at
the bottom of the key board) and the L key. This will bring up your
login screen and lock your computer down.
To Lock Down Windows Vista at home
Go to the Start menu
At the bottom right you'll see an icon of a padlock
Click it to lock the computer
Student Use of Office Computers
•
•
•
•
Designated Student Computers
Secure storage space
Check Student PC Periodically
Confidentially Agreements
Why You Need a Secure Password
• Authenticate or prove your identity
• Malicious e-mail sent in your name
• Your password can be used to commit fraud,
post child pornography, send spam, make
threats, break into other systems, and much
more.
Protect Your Password
• Select a unique password
• Avoid any password with personal information:
• Birth date, name, home town, or mother's maiden
name
• Children’s name, pet's name, or your best friend
• Driver's License, phone, address, license plate, social
security number, or PIN numbers
• Don’t write down your password
• Don’t tell anyone your password
Common Password Mistakes
changeme
password
start
computer
internet
ihavenopass
mypassword
openup
scranton
Letmein
123456
Creating a Secure Password
• Use 9 or more characters
• DO NOT use plain dictionary words
• Include at least 3 of the following criteria:
– lowercase letters
– UPPERCASE letters
– Numbers
– Punctuation
• 4S&7yaofb4th
Passwords are like Underwear…
•
•
•
•
•
Change Yours Often!
Don't Share Them with Friends!
Be Mysterious!
The Longer the Better!
Don’t Leave Yours Lying Around!
Consider these findings...
• More than 40% of all individually-chosen
passwords are readily guessed by someone
who knows you
• 3,000 out of 13,000 passwords cracked
• Gaining access to one password often
provides access to other systems and
accounts
How Passwords are Cracked
•
•
•
•
•
Dictionary programs
Changing the default password
Guessable passwords
Commonly-chosen passwords
Short passwords
Tips for strong passwords...
• DON'T use your login name in any form
• DON'T use a password made up of all digits,
or of all the same letter
• DON'T use words in the dictionary
• DON'T use consecutive or adjacent keys
• DON'T use "remember my password
features"
Tips for strong passwords...
• DO include a mix of upper and lower case,
numbers, and punctuation such as
HY?j4iP or 3rt!dlP
• DO use a password that you can type quickly
without having to look at the keyboard
• DO change your password regularly
Royal Drive
•
•
•
•
•
What is it?
Who should use it?
How do you get to it?
Why should you use it?
Royal Drive is used in over 120 colleges and
universities throughout the country including
Georgetown, Boston College, Harvard,
Princeton and Yale.
Royal Drive Benefits
• Secure Storage
• Document Sharing/Collaboration
• Intellitach
Encryption
• Encryption is the process of encoding data to
ensure that unauthorized parties cannot view
it.
• To accomplish encryption, a key or code
provided by you is used to encrypt the data,
making encryption difficult to crack.
• A few encryption options are readily available
to you.
ENCRYPTION OF FILES
USB ENCRYPTION
TrueCrypt
• Software application used for real-time onthe-fly encryption
• Free, open-source software available for
Windows 7/Vista/XP, Mac OS X, and Linux
• Encrypts an entire partition or storage device
such as a USB Flash Device (UFD) or hard drive
• Creates a virtual encrypted disk within a file
and mounts it as a real disk
TrueCrypt UFD Encryption Service
• The TSC does not provide UFDs. You will need to purchase
and take a UFD with you.
• The encryption process will destroy any existing data on the
UFD.
• During the encryption process, you will be prompted to
enter a password for your device. TSC staff will encourage
you to select a password that is 20 characters or more in
length. Determining the password you intend to use before
you visit the TSC is recommended.
• When complete your original UFD will contain an encrypted
TrueCrypt volume and TrueCrypt Traveler Disk Software.
MCAFEE VIRUSSCAN
ENTERPRISE 8.7I
McAfee VirusScan Enterprise
McAfee VirusScan Enterprise
McAfee VirusScan Enterprise
McAfee VirusScan Enterprise
McAfee VirusScan Enterprise
McAfee VirusScan Enterprise
McAfee VirusScan Enterprise
McAfee VirusScan Enterprise
Q &A
???
Next IT Forum
Topic: Windows 7
Date: November 24, 2009
Time: 11:30am – 1:00pm
Location: BRN 509
RSVP: [email protected]
Lunch will be provided
And the Winners are…….