Security Awareness Seminars - IT Security

Computer Security Awareness
SANS Securing the Human
http://www.securingthehuman.org/
- IT purchased licenses for all SAP GUI users to have access to online security awareness training modules. There are modules on all security topics and a simple one-question verification at the end. There are still licenses available. If you want a license let me know and you will receive an email shortly with the site and login information necessary to access the training.
Computer Security Awareness
7/17/2015
Security Awareness
Description:
- Security awareness is the knowledge of potential threats and the ability to anticipate what types of security issues and incidents faculty, staff, and students may face in their day-to-day functions. Technology alone cannot provide adequate information security. Awareness and personal responsibility are critical to the success of any information security program.
Krizi Trivisani, Chief Security Officer, The George Washington University
Information Security involves three elements
Confidentiality: Ensuring information is disclosed to, and reviewed exclusively by, intended recipients / authorized individuals.
  Threats include phishing, malware and unpatched systems (both operating systems and applications). Governed by Red Flag Rules, federal laws and state privacy disclosure laws.
Integrity: Ensuring the accuracy and completeness of information and processing methods.
  Business process improvement and verification processes.
Availability: Ensuring that information and associated assets are accessible, whenever necessary, by authorized individuals.
  Disaster Recovery / Business Continuity planning.
Source: Microsoft Security Resource Kit
In the News
- Total Breaches in 2012
  • 680 breaches made public
  • 27,485,573 records
- .EDU breaches in 2012 (13% of the total breaches)
  • 84 breaches made public
  • 1,503,851 records
- Total Breaches as of February 25th, 2013
  • 63 breaches made public (6 of these were .edu)
  • 127,042 records (3,780 records in .edu domain)
February 13, 2013 - University of North Carolina, Chapel Hill, North Carolina - A cyber attack on two servers resulted in the exposure of employee information. The servers were at the UNC Lineberger Comprehensive Cancer Center. Employees, contractors, and visiting lecturers at the Lineberger Center may have had their Social Security numbers or passport numbers exposed. The breach was discovered in May of 2012 and notifications were sent in December of 2012. Fewer than 15 people who were subjects in research studies were also affected by the breach. 3,500 records
Source: www.privacyrights.org
In the News
October 16, 2012 - University of Georgia (UGA) - Athens, Georgia - The passwords of two University of Georgia (UGA) IT employees were reset and misused by an intruder. Names, Social Security numbers, and other sensitive data of current and former school employees may have been exposed. The breach may have begun as early as September 28, 2012. 8,500 records
September 28, 2012 - University of Chicago - Chicago, Illinois - A postcard mailed to University of Chicago employees contained their Social Security numbers. The cards were mailed on September 24 to remind employees about open enrollment, but also had Social Security numbers printed on the outside. 9,100 records.
July 25, 2012 - Oregon State University - Corvallis, Oregon - An unnamed check printing vendor for the University copied data from the University's cashier's office during software upgrades. The information included 30,000 to 40,000 checks that contained student and employee names, University IDs, check numbers, and check amounts. Current and former student, faculty, and staff records older than 2004 may have included Social Security numbers. It does not appear that the vendor acted with malicious intent. 21,000 records.
Source: www.privacyrights.org
Closer to Home
Most Noteworthy Laws Governing Data Protection
GLBA (Gramm-Leach-Bliley Act)
A Federal law that requires financial institutions to develop, implement, and maintain administrative, technical, and physical safeguards to protect the security, integrity, and confidentiality of customer information.
HIPAA (Health Insurance Portability and Accountability Act)
Establishes national standards for the protection of certain health information.
FERPA (Family Educational Rights and Privacy Act)
Protects the privacy of student education records.
Mississippi Data Breach Law
Personal information covered by this law includes a person’s first name, or first initial and last name, plus social security number, driver’s license number, state identification number, or credit/debit card number with access code or password.
What are the Threats?
- Security Architecture
  • Firewalls
  • Anti-Virus
- Unpatched client-side software and applications
- Zero-day attacks
- Accessing malicious web sites (clicking links in emails)
- Poor Configuration Management
  • Screen saver set on office PCs
  • Passwords required on startup
  • Permit remote access only after VPN connection established
- Cloud Computing / Storage (Dropbox etc… No confidential data)
- Removable Media
  • Use 256-bit encryption either via software or hardware
- Mobile Devices
- Botnets
- Phishing
Collection of Recent Phishing
From: [email protected]
Sent: Thursday, February 21, 2013 11:33 AM
Subject: Mailbox Capacity Exceeded
Your mailbox has exceeded its allowable storage space. To improve
storage capacity for better functionality of your e-mailbox, you are
required to click or copy and paste the below link in a web page, then
follow the instruction therein. Click below to enhance mailbox capacity
http://auchibreaking.medianewsonline.com/login.php
Thanks for your co-operation!
From: Social Security [mailto:[email protected]]
Sent: Sunday, February 03, 2013 5:36 AM
To: misuse
Subject: Update your Social Security online
my Social Security– Sign In Or Create An Account
At each stage of your life, my Social Security is for you. Your personal online my Social Security account is a valuable
source of information beginning in your working years and continuing throughout the time you receive Social Security
benefits.
If You Receive Benefits, You Can:
Use a my Social Security online account to:
•Get your benefit verification letter;
•Check your benefit and payment information and your earnings record;
•Change your address and phone number; and
•Start or change direct deposit of your benefit payment.
If You Do Not Receive Benefits, You Can:
Use a my Social Security online account to get your Social Security Statement, to review:
•Estimates of your retirement, disability, and survivors benefits;
•Your earnings record; and
•The estimated Social Security and Medicare taxes you’ve paid.
How Do I Create A my Social Security Online Account?
To create an account, you must provide some personal information about yourself and give us answers to some
questions that only you are likely to know. Next, you create a username and password that you will use to access your
online account. This process protects you and keeps your personal Social Security information private.
To get started, select this button:
Sign In or Create an Account <<<< This points to :http://www.coreencon.com/images/stories/social.login/social.login/
From: no-reply [mailto:[email protected]]
Sent: Thursday, January 24, 2013 8:35 AM
Subject: Your account has been temporarily limited
Dear Customer,
Your account has been temporarily limited.
To remove the limitation from your account
please sign in to your online banking to
recognize that you are the account holder.
For confirmation, please click the link below:
Sign In to Bank of America online account
<<<< http://teknikismetal.com/kay
We apologise for any inconvenience caused.
Thank you.
Copyright © 1999-2013 Bank of America Corporation. All rights reserved.
From: Delta Air Lines [mailto:[email protected]]
Sent: Wednesday, January 23, 2013 7:51 AM
Subject: Your account has been flagged
Dear Customer,
Your Delta SkyMiles account has been flagged as one of the
numerous accounts that needs to be reviewed.
The main reason for this action are:
*Billing/ Payments issues
Download the Attached Form on this mail to rectify this problem.
These normally come with an attachment. DO NOT OPEN!
From: Li Xie <[email protected]>
Date: January 15, 2013, 6:03:51 PM CST
To: "[email protected]" <[email protected]>
Subject: Message From Administrator
Attention;
An automatic security update has been carried outon your email
address.Click here to complete update
Please note that you havewithin24 hours to complete this update.
because you might loseaccessto your Email Box.
Typos were actually in the message above.
From: Serna Uchima, Ruben Raul [mailto:[email protected]]
Sent: Friday, July 27, 2012 5:33 AM
Subject: Important Notice From Help Desk
Attn. Mail User!
Information Technology Services (ITS) are currently updating our new website accounts. This will
provide you the ability to store a greatly Increased amount of e-mail correspondence in your e-mail
account.
Your account has been selected, as one of the accounts that are to be upgraded.
Please click the link below and follow the instruction to view our new website after login
CLICK HERE: http://www.boomerangnetwork.com/phpform2/forms/form1.html
The new minimum quota level for e-mail accounts will be set to 1000mb.
Web Support Team
!!! WARNING! !!!
Failure to log out will allow others to access your account. Closing the browser window does NOT log
you out properly. To log out, please click one of the "Log out" icons in the browser window.
From: From Administrative Assistant
[mailto:[email protected]]
Sent: Friday, July 27, 2012 8:19 AM
Subject: From Administrative Assistant.
--
From Administrative Assistant. Below is the link to download the shared document
received from the Administrative Assistant Clink on the link below to login to
download the report, it's important.
http://rweas.com/semesterreport/tradefile.php
To keep you inform about the next!
Administrative Assistant
BCC Office of Financial Aid
-----Original Message----From: []
Sent: Tuesday, July 24, 2012 10:28 AM
To: [email protected]
Subject: Important Notice
Important Notice
Hey guys Clink on the link below to login to download the Semester Report! Have
you received this one?
http://rweas.com/semesterreport/tradefile.php
To keep you inform about the next Semester!
---- Message sent via Adam Internet WebMail - http://www.adam.com.au/
-----Original Message----From: cust.service@ [mailto:[email protected]]
Sent: Wednesday, February 08, 2012 9:49 AM
To: [email protected]
Subject: *** Online notification - ID : GFIPJNYOCI
Dear Renasant Client,
We have an issue with your Renasant Online Banking account.
Click Here to resolve the issue :
http://security-renasant.vea.is-a-soxfan.org/renasant/index.php?activate=R2F98431G
Renasant Commercial Banking Security Department.
Message Encrypted
FEXZQVGSMONPISUYSGSLTSTRQWPMNWWKVLTRKZ
From: Carl Bodnar <[email protected]>
Subject: Message From Microsoft Helpdesk
Date: July 23, 2012 6:11:40 AM CDT
To: <[email protected]>
Your mailbox is full update now.
[image: mailbox usage bar - Current size 244 MB; maximum size]
The Microsft Helpdesk is currently updating database Server from the old Microsoft Server to the new Microsoft Server( No4407193x ) click the link below
and fill all information required.
CLICK HERE (** https://docs.google.com/a/smps.k12.ok.us/spreadsheet/viewform?formkey=dFplTWMzX2hqXzJEbEduU29qX3YyRVE6MQ **)
Thank You
Microsft Helpdesk Team.
From: BancorpSouth <[email protected]>
Date: Wed, Jun 13, 2012 at 10:54 AM
Subject: Activate Account
To: Recipients <[email protected]>
Your BancorpSouth Bank Card 545510XXXXXXXXX has been
deactivated.To activate call 5302303680
========================================================
text message Phishing Example:
- message: -null- Please Call 248-479-1272 BancorpSouth Issue
From: Maggie Whatley [mailto:[email protected]]
Sent: Sunday, January 29, 2012 3:40 PM
Subject: Helpdesk: Upgrade to the New 2012 Mail Server Immediately
Dear Account Owner,
We are currently Migrating to Microsoft Exchange 2012 (from Exchange 2003/2011). With the introduction of Internet
Explorer 9, Outlook Express has apparently been removed from the installation package on our Message Center. OWA
2012 provides the same conversation view and experience as Outlook 2011: By default, messages are displayed in
threads so that all the messages on a particular topic are grouped. Inability to complete information on the form within
48 hours Message Center will render your e-mail in-active from our. Fill information on the Form by clicking on the link
below:
http://upgradeto2012.ucoz.com/webmail.htm
You will receive an e-mail within 48 hours when your mailbox account is moved.
Thank you.
Help Desk
(@)2012.All Rights Reserved
More Phishing

General Tips on Phishing
1. NEVER CLICK ON A LINK IN Email
2. Phishing sites typically ask for your Credit Card or other confidential information directly from the link.
3. Never respond to requests for personal information via e-mail.
4. Only visit Web sites by typing the URL into your address bar or using your favorites.
5. Check to make sure the Web site is using encryption.
6. Routinely review your credit card and bank statements.
7. Report suspected abuses to the proper authorities.
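To make the tips concrete, here is an added example (not from the seminar) that scans a raw email for the indicators the tips describe: a link whose host does not belong to the claimed sender's domain, a login or form page served over plain http, pressure wording, and an "open the attachment" lure. The three sample messages are constructed, modelled on the phishing collected above; the sender addresses and the last-two-labels `registered_domain` heuristic are assumptions.

```python
import re
from urllib.parse import urlparse

# Wording that pressures the reader to act without thinking.
URGENCY_PHRASES = ("within 24 hours", "within 48 hours", "immediately",
                   "temporarily limited", "has been flagged", "exceeded",
                   "deactivated")
URL_RE = re.compile(r"https?://[^\s<>()\"']+", re.IGNORECASE)
ADDR_RE = re.compile(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)")

def registered_domain(host):
    """Crude brand part of a host name: its last two labels (e.g. olemiss.edu)."""
    parts = host.lower().split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()

def analyze_email(raw):
    """Return the list of phishing indicators found in one raw email text."""
    findings = []
    header, _, body = raw.partition("\n\n")
    from_line = next((ln for ln in header.splitlines() if ln.lower().startswith("from:")), "")
    match = ADDR_RE.search(from_line)
    sender_dom = registered_domain(match.group(1)) if match else None
    for url in URL_RE.findall(body):
        parsed = urlparse(url)
        host = parsed.hostname or ""
        # Tip 4: a link that leads away from the claimed sender is the classic lure.
        if sender_dom and registered_domain(host) != sender_dom:
            findings.append(f"link host {host} does not match sender domain {sender_dom}")
        # Tip 5: a login/form page that is not even using encryption.
        if parsed.scheme == "http" and re.search(r"login|signin|form|activate", url, re.I):
            findings.append(f"login/form page over plain http: {url}")
    lowered = body.lower()
    findings += [f"pressure wording: '{p}'" for p in URGENCY_PHRASES if p in lowered]
    # The Delta sample above: the payload is an attachment, not a link.
    if re.search(r"attached (form|file|document)", lowered):
        findings.append("asks the reader to open an attachment")
    return findings

# Constructed samples modelled on messages shown above; sender addresses are invented.
MAILBOX_LURE = """From: Postmaster <postmaster@olemiss.example>
Subject: Mailbox Capacity Exceeded

Your mailbox has exceeded its allowable storage space. Click below to
enhance mailbox capacity: http://auchibreaking.medianewsonline.com/login.php
"""
AIRLINE_LURE = """From: Delta Air Lines <skymiles@delta.example>
Subject: Your account has been flagged

Your Delta SkyMiles account has been flagged as one of the numerous
accounts that needs to be reviewed.
Download the Attached Form on this mail to rectify this problem.
"""
LEGIT_NOTICE = """From: IT Help Desk <helpdesk@olemiss.edu>
Subject: Portal maintenance this weekend

The portal will be unavailable Saturday 02:00-04:00. Details are posted at
https://my.olemiss.edu/ and will not require you to log in from this email.
"""
```

Calling `analyze_email(MAILBOX_LURE)` returns three findings, the airline lure two, and the maintenance notice none.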
How Does IT Protect the Data
How do we Protect the Data?
Ownership of Data
- If you have access and you don’t need it, let IT know.
- If you don’t need a local copy of data from the system, don’t make it.
- Destroy local copies when they are no longer needed.
- Install desktop firewall software (Symantec Endpoint Protection has it built in) on ANY PC containing sensitive data.
How do we Protect the Data?
Physical Security
- Laptops
- Backups
- Portable storage
Transmission or Transportation of Data
- Email – UM Gmail and Ole Miss accounts
  • Email is an unsecure medium
- File sharing
  • Use Secure document exchange (found via Portal)
  • http://my.olemiss.edu
How do we Protect the Data?
Storage (Dropbox, Google Apps etc…)
- Google Apps Cloud Storage and Export Control
  Export controls are United States federal government laws and regulations that restrict the release of items, information and software to restricted foreign countries, persons and entities (including universities). Google Apps (mail, calendar, docs, etc.) is maintained on servers which may be physically located outside the United States.
  Cloud storage and Google Apps should not be used to store, maintain or transmit export-controlled information. If you need to store or maintain scientific or technical information and you are not confident this is covered by export control laws, please use the secured systems physically located at the University of Mississippi.
- Local Storage
  Delete local copies of sensitive data.
- Please review the Information Confidentiality/Security Policy for the detailed storage matrix.
How do we Protect the Data?
Keep the tools sharp
- The latest version of Antivirus Software from the helpdesk now has a firewall built in (Symantec Endpoint Protection).
- Anti-Virus Software updates
- Anti-Spyware Software and updates
- Windows Updates
- Strong Passwords
  • Set them
  • Use them
  • Change them often
Storage Platform matrix (DATA TYPE by permitted storage platform)
Storage platforms (columns):
- IT Managed Computers, Servers, and Storage Devices Residing in Data Center and Approved 3rd Party Services (1)
- UM Google Apps (2)
- UM Box (2)
- UM Computers, Servers and Storage Devices Connected to Campus Network (3)
- Other UM Technology (4)
- Personally Owned / Managed Technology
- Cells marked "Must be protected by user" (three occurrences)
Data types (rows):
- Instructional Data
- Student Educational Records (FERPA)
- Protected Health Information (ePHI, HIPAA)
- Mississippi State Law Notice-Triggering Information *
- Gramm Leach Bliley (GLBA) student loans application information
- Payment Card Information (PCI)
- Sensitive Identifiable Human Subject Research **
- Export Controlled Research (ITAR, EAR)
- All Other Non-Sensitive Data
[Matrix cell values (which platforms are permitted for each data type) are not recoverable from the transcript.]
How do we Protect the Data?
- Disable any user accounts not necessary (Guest)
- Deactivate peer-to-peer file sharing when not in use or when not necessary for job function
- DO NOT RUN server software if not absolutely necessary:
  • FTP Server
  • WEB Server
  • SMTP (E-Mail) Server
  • IRC Server
- Server Registry
- Shutdown PC when not in use
- “Wipe” hard drives before salvaging
Security Checklist
1. Assign a data security person
2. Keep operating system patches up to date (daily)
3. Install antivirus/anti-spyware software and configure daily updates
4. Use VPN when remotely connecting
5. Enable personal desktop firewall
6. Secure PC user accounts and processes
Security Checklist
7. Utilize “good” passwords and change them at least every 90 days
8. NEVER use email to transmit Confidential data.
9. Exercise extreme caution using peer-to-peer file sharing
10. Be very cautious with email attachments
11. Perform regular scheduled backups
12. Shutdown your computer when not in use (this also satisfies the “going green” initiative).
Tools
- http://ITSecurity.olemiss.edu
- Free annual credit report for MS residents: https://www.annualcreditreport.com/
- Google Alerts: http://www.google.com/alerts
  • site:pastebin.com olemiss.edu
  • site:olemiss.edu ssn filetype:xls
- Cornell University Spider: http://www.cit.cornell.edu/security/tools/
- Data Encryption: http://truecrypt.org
- Request a vulnerability scan: e-mail your IP to [email protected]
Resources
- David Drewrey
  • [email protected]
  • Phone 662.915.5210
- Complaints
  • [email protected]
- Ole Miss Policy Directory
  • http://www.olemiss.edu/policies
  • Select Keyword search and use "computer"
Remember, the Hacker only has to be right once...
Questions