Transcript ia.unm.edu
Information Security and YOU! Information Assurance Outreach • • • • • • • Information Security Online Security Remote Access with Demonstration The Cloud Email Social Media Presence Social Engineering Attacks Information Security What is Information Security? Information security is what we do to protect information from access, use, release, interference, alteration, observation, replication, theft or destruction by others. It refers to information regardless of the form the data may take either electronic, physical, or any other type. Information Security Why is Information Security Important? Information security is important, because it helps to protect you from the people around you that may wish to do you harm (intentionally or otherwise, and physically or otherwise). Information Security Attackers/Preventers Attackers • Identity Thieves • Predators (Stalkers, crazy exes, rapists, child molesters, etc.) • Enemies (Mean girls/boys, competitors, etc.) • NSA • Employers Information Security Attackers/Preventers Preventers • • • • Locks Passwords Anti-virus/Anti-malware software Vigilance Information Security Information Technology Careers • • • • • • • • • • IT architect and systems manager: $106,000 Information technology project manager: $90,000 Chief information Officer: $87,000 Information technology manager: $84,000 Systems software manager: $82,000 Information technology business analyst: $80,000 Web administrator: $79,000 Network systems and data communications analyst: $76,000 Computer and information systems manager: $72,000 Computer security specialist: $67,000 (Source of mean annual salary information is indeed.com, October 2012) IA careers have been very lucrative for many. Some of you may even be considering them as you make your college and future plans. Online Security Mobile Access to the Internet • 3G • 4G • Public Wi-fi • Public Computers (ie. Libraries, Internet cafes, computer labs/pods, etc.) Online Security Security on Mobile Devices • Mobile security apps, such as BullGuard Mobile Security, Lookout Premium and McAfee Mobile Security, may provide some protection to your smartphone or tablet. • Always remember to lock your phone. • Update your settings to add security. • Install anti-virus software to your laptop. Online Security Using Public Wi-Fi When you use public Wi-Fi, you take on the risk of allowing access to your mobile device to anyone accessing the same network. Suggestions would be to disable broadcasting and auto login, utilize only secure Wi-Fi networks, add mobile security to your device and disable sharing. ONLINE SECURITY (cont.) Remote Computer Access (mobile access to your home or work computer) Remote Access What is Remote Access? Remote access allows you to access your home or work computer from any location (ie. school computer lab, work to home, home to work, grandma’s house, etc.) Remote Access Vulnerabilities (and possible solutions) Hackers, Viruses, and Software Bugs •Patch and update software often •Change the port and other advanced settings •Utilize password protection •Utilize additional security (ie. extra password/pin, etc.) •Lock your home/work computer when not in use •Disable software when you know you won’t need it Remote Access Demonstration The Cloud The Cloud The cloud allows users to store all of their documents, videos, music, and pictures on a thirdparty remote database for free, or at a relatively low cost, depending on the service provider. The Cloud The Cloud The Cloud • Do not use the cloud to store critical or confidential data • Use caution when retrieving data from the cloud • Backup your data • Create a strong password • Monitor privacy settings Email Attachments • Never open an email attachment from someone you don’t know. • Be cautious when opening email attachments from someone you know. • Delete emails from unknown senders without opening attachments • Contact the sender before opening an attachment to verify its authenticity Email Attachments Viruses have the ability to obtain access to a user’s contacts and send an email containing a virus to all of the victim’s contacts. Phishing Scams Phishing Scams Phishing Scam Social Engineering Attacks Social engineering is a way for fraudsters to obtain information from you by appealing to the natural trusting nature of most individuals. Facebook Scams Posting Information Online • Be careful what information you make publicly available online • Social engineers look online to gather potentially sensitive and confidential information Social Media Presence • 91% of employers will screen an applicant’s Facebook, Twitter, and LinkedIn account before making a hiring decision. • Almost 1 out of 5 applicants are not hired due to content found online Confirming Facebook Friends Friend Requests Accepting a friend request from someone you don’t know could expose you to a social engineering attack If someone you don’t know wants to be your friend on Facebook, this should be a red flag. Questions? References • • • • • • • • • • • • • • • • • • • • • • • http://computer.howstuffworks.com/cloud-computing/cloud-storage.htm http://www.earthlinksecurity.com/feature/prevention/cloud_vulnerabilities/index.html#axzz2ishQYjAb http://www.lsu.edu/securityawareness/use_caution_with_e-mail_attachments.html http://www.samuelmerritt.edu/helpdesk/article_how-avoid-getting-computer-virus-through http://www.huffingtonpost.com/judy-shapiro/judy-consumer-learns-ther_b_716392.html http://www.forbes.com/sites/lisaquast/2012/04/23/your-social-media-profile-could-make-or-break-your-next-job-opportunity/ http://voices.yahoo.com/five-reasons-not-accept-facebook-friend-requests-6450792.html http://en.wikipedia.org/wiki/Information_security https://www.isc2.org/uploadedFiles/%28ISC%292_Public_Content/2013%20Global%20Information%20Security%20Workforce%20Stu dy%20Feb%202013.pdf http://www.thebestschools.org/blog/2012/10/29/20-online-master-information-technology-it-degree-programs/ http://en.wikipedia.org/wiki/Mobile_security http://mobile-security-software-review.toptenreviews.com/ http://www.youtube.com/watch?v=w3PKKxsuDk0 http://lifehacker.com/5902654/use-your-home-computer-from-anywhere-a-comprehensive-guide-to-remote-controlling-your-pc http://www.cnn.com/2013/03/04/tech/web/evernote-hacked/ www.splashtop.com www.logmein.com http://www.youtube.com/watch?v=YyrYVZ-oxVQ&list=PLbeu1wP8sqY70Yb5fSRb2a4A0_G6_C2VQ http://www.youtube.com/watch?v=w3PKKxsuDk0 http://www.youtube.com/watch?v=jXxxLf_B67o http://www.youtube.com/watch?v=QUY0ZVa3M3E http://www.youtube.com/watch?v=CqtK32hraaM http://www.youtube.com/watch?v=MBOeFDl5ZIs