Computer Security Awareness
SANS Securing the Human
http://www.securingthehuman.org/
IT purchased licenses for all SAP GUI users to have access to online security awareness training modules. There are modules on all security topics and a simple one-question verification at the end. There are still licenses available. If you want a license, let me know and you will receive an email shortly with the site and login information necessary to access the training.
Computer Security Awareness 04/19/23
Security Awareness
Description:
Security awareness is the knowledge of potential threats and the ability to anticipate what types of security issues and incidents faculty, staff, and students may face in their day-to-day functions. Technology alone cannot provide adequate information security. Awareness and personal responsibility are critical to the success of any information security program.
Krizi Trivisani, Chief Security Officer, The George Washington University
Information Security involves three elements
Confidentiality: Ensuring information is disclosed to, and reviewed exclusively by intended recipients / authorized individuals.
Threats include Phishing, Malware and unpatched systems (both operating systems and applications). Governed by red flag rules, federal laws and State Privacy disclosure laws.
Integrity: Ensuring the accuracy and completeness of information and processing methods.
Business process improvement and verification processes.
Availability: Ensuring that information and associated assets are accessible, whenever necessary, by authorized individuals.
Disaster Recovery / Business Continuity planning.
Source: Microsoft Security Resource Kit
In the News
Total Breaches in 2012: 680 Breaches made public, 27,485,573 Records
.EDU breaches in 2012 (13% of the total breaches): 84 Breaches made public, 1,503,851 Records
Total Breaches as of February 25th, 2013: 63 Breaches made public (6 of these were .edu), 127,042 Records (3,780 records in .edu domain)
February 13, 2013 - University of North Carolina Chapel Hill, North Carolina- A cyber attack on two servers resulted in the exposure of employee information. The servers were at the UNC Lineberger Comprehensive Cancer Center. Employees, contractors, and visiting lecturers at the Lineberger Center may have had their Social Security numbers or passport numbers exposed. The breach was discovered in May of 2012 and notifications were sent in December of 2012. Fewer than 15 people who were subjects in research studies were also affected by the breach. 3,500 records
Source: www.privacyrights.org
In the News
October 16, 2012 - University of Georgia (UGA) - Athens, Georgia - The passwords of two University of Georgia (UGA) IT employees were reset and misused by an intruder. Names, Social Security numbers, and other sensitive data of current and former school employees may have been exposed. The breach may have begun as early as September 28, 2012. 8,500 records
September 28, 2012- University of Chicago - Chicago, Illinois - A postcard mailed to University of Chicago employees contained their Social Security numbers. The cards were mailed on September 24 to remind employees about open enrollment, but also had Social Security numbers printed on the outside. 9,100 records.
July 25, 2012 - Oregon State University - Corvallis, Oregon - An unnamed check printing vendor for the University copied data from the University's cashier's office during software upgrades. The information included 30,000 to 40,000 checks that contained student and employee names, University IDs, check numbers, and check amounts. Current and former student, faculty, and staff records older than 2004 may have included Social Security numbers. It does not appear that the vendor acted with malicious intent. 21,000 records.
Source: www.privacyrights.org
Closer to Home
Most Noteworthy Laws Governing Data Protection
GLBA (Gramm-Leach-Bliley Act) - A Federal law that requires financial institutions to develop, implement, and maintain administrative, technical, and physical safeguards to protect the security, integrity, and confidentiality of customer information.
HIPAA (Health Insurance Portability and Accountability Act) - Establishes national standards for the protection of certain health information.
FERPA (Family Educational Rights and Privacy Act) - Protects the privacy of student education records.
Mississippi Data Breach Law - Personal information covered by this law includes a person’s first name, or first initial and last name, plus social security number, driver’s license number, state identification number, or credit/debit card number with access code or password.
What are the Threats? / Security Architecture
Threats:
• Unpatched Client Side Software and Applications
• Zero-day attacks
• Accessing Malicious Web Sites (Clicking links in emails)
• Poor Configuration Management
• Cloud Computing / Storage
• Removable Media
• Mobile Devices
• Botnets
• Phishing
Security Architecture:
• Firewalls
• Anti-Virus
• Screen Saver set on office PCs
• Passwords required on startup
• Permit remote access only after VPN connection established
• Cloud storage (Dropbox etc…): No confidential data
• Removable media: Use 256 bit encryption either via software or hardware
Collection of Recent Phishing
From: Helpdesk@olemiss.edu
Sent: Thursday, February 21, 2013 11:33 AM
Subject: Mailbox Capacity Exceeded
Your mailbox has exceeded its allowable storage space. To improve storage capacity for better functionality of your e-mailbox, you are required to click or copy and paste the below link in a web page, then follow the instruction therein. Click below to enhance mailbox capacity http://auchibreaking.medianewsonline.com/login.php Thanks for your co-operation!
From: Social Security [mailto:update-info@social.usa.gov]
Sent: Sunday, February 03, 2013 5:36 AM
To: misuse
Subject: Update your Social Security online
my Social Security – Sign In Or Create An Account
At each stage of your life, my Social Security is for you. Your personal online my Social Security account is a valuable source of information beginning in your working years and continuing throughout the time you receive Social Security benefits.
If You Receive Benefits, You Can: Use a my Social Security online account to: • Get your benefit verification letter; • Check your benefit and payment information and your earnings record; • Change your address and phone number; and • Start or change direct deposit of your benefit payment.
If You Do Not Receive Benefits, You Can: Use a my Social Security online account to get your Social Security Statement, to review: • Estimates of your retirement, disability, and survivors benefits; • Your earnings record; and • The estimated Social Security and Medicare taxes you’ve paid.
How Do I Create A my Social Security Online Account? To create an account, you must provide some personal information about yourself and give us answers to some questions that only you are likely to know. Next, you create a username and password that you will use to access your online account. This process protects you and keeps your personal Social Security information private.
To get started, select this button: Sign In or Create an Account <<<< This points to: http://www.coreencon.com/images/stories/social.login/social.login/
From: no-reply [mailto:no-reply@bofasecure.com]
Sent: Thursday, January 24, 2013 8:35 AM
Subject: Your account has been temporarily limited
Dear Customer,
Your account has been temporarily limited. To remove the limitation from your account please sign in to your online banking torecognize that you are the account holder. For confirmation, please click the link below:
Sign In to Bank of America online account <<<< http://teknikismetal.com/kay
We apologise for any inconvenience caused. Thank you. Copyright © 1999-2013 Bank of America Corporation. All rights reserved.
From: Delta Air Lines [mailto:delta@skyteam.com]
Sent: Wednesday, January 23, 2013 7:51 AM
Subject: Your account has been flagged
Dear Customer, Your Delta SkyMiles account has been flagged as one of the numerous accounts that needs to be reviewed.The main reason for this action are: *Billing/ Payments issues Download the Attached Form on this mail to rectify this problem.
These normally come with an attachment. DO NOT OPEN!
From: Li Xie <xieli@somewhere.edu>
Date: January 15, 2013, 6:03:51 PM CST
To: "info@admin.org" <info@admin.org>
Subject: Message From Administrator
Attention;
An automatic security update has been carried outon your email address.Click here to complete update
Please note that you havewithin24 hours to complete this update. because you might loseaccessto your Email Box.
Typos were actually in the message above.
From: Serna Uchima, Ruben Raul [mailto:RUBENS@iadb.org]
Sent: Friday, July 27, 2012 5:33 AM
Subject: Important Notice From Help Desk
Attn. Mail User! Information Technology Services (ITS) are currently updating our new website accounts. This will provide you the ability to store a greatly Increased amount of e-mail correspondence in your e-mail account. Your account has been selected, as one of the accounts that are to be upgraded. Please click the link below and follow the instruction to view our new website after login CLICK HERE: http://www.boomerangnetwork.com/phpform2/forms/form1.html The new minimum quota level for e-mail accounts will be set to 1000mb. Web Support Team !!! WARNING! !!! Failure to log out will allow others to access your account. Closing the browser window does NOT log you out properly. To log out, please click one of the "Log out" icons in the browser window.
From: From Administrative Assistant [mailto:Administrativeassistant@mail.ayustar.net]
Sent: Friday, July 27, 2012 8:19 AM
Subject: From Administrative Assistant.
-- From Administrative Assistant. Below is the link to download the shared document received from the Administrative Assistant Clink on the link below to login to download the report, it's important.
http://rweas.com/semesterreport/tradefile.php
To keep you inform about the next!
Administrative Assistant
BCC Office of Financial Aid
-----Original Message-----
From: []
Sent: Tuesday, July 24, 2012 10:28 AM
To: info@yahoo.com
Subject: Important Notice
Important Notice Hey guys Clink on the link below to login to download the Semester Report! Have you received this one? http://rweas.com/semesterreport/tradefile.php To keep you inform about the next Semester! ---- Message sent via Adam Internet WebMail - http://www.adam.com.au/
-----Original Message-----
From: cust.service@ [mailto:onlinerenasant.c60cznyft@company.info]
Sent: Wednesday, February 08, 2012 9:49 AM
To: support@olemiss.edu
Subject: *** Online notification - ID : GFIPJNYOCI
Dear Renasant Client,
We have an issue with your Renasant Online Banking account.
Click Here to resolve the issue :
http://security-renasant.vea.is-a-soxfan.org/renasant/index.php?activate=R2F98431G
Renasant Commercial Banking Security Department.
Message Encrypted
FEXZQVGSMONPISUYSGSLTSTRQWPMNWWKVLTRKZ
[Image: mailbox quota graphic showing current size 244MB]
From: Carl Bodnar <cbodnar@monroeps.org>
Subject: Message From Microsoft Helpdesk
Date: July 23, 2012 6:11:40 AM CDT
To: <helpdesk@admin.com>
Your mailbox is full update now.
The Microsft Helpdesk is currently updating database Server from the old Microsoft Server to the new Microsoft Server( No4407193x ) click the link below and fill all information required. CLICK HERE (** https://docs.google.com/a/smps.k12.ok.us/spreadsheet/viewform?formkey=dFplTWMzX2hqXzJEbEduU29qX3YyRVE6MQ **) Thank You Microsft Helpdesk Team.
From: BancorpSouth <activate@bancorpsouth.com>
Date: Wed, Jun 13, 2012 at 10:54 AM
Subject: Activate Account
To: Recipients <activate@bancorpsouth.com>
Your BancorpSouth Bank Card 545510XXXXXXXXX has been deactivated.
To activate call 5302303680
========================================================
Text message Phishing Example:
- message: -null- Please Call 248-479-1272 BancorpSouth Issue
From: Maggie Whatley [mailto:mwhatley@Ci.Eloy.AZ.US]
Sent: Sunday, January 29, 2012 3:40 PM
Subject: Helpdesk: Upgrade to the New 2012 Mail Server Immediately
Dear Account Owner,
We are currently Migrating to Microsoft Exchange 2012 (from Exchange 2003/2011). With the introduction of Internet Explorer 9, Outlook Express has apparently been removed from the installation package on our Message Center. OWA 2012 provides the same conversation view and experience as Outlook 2011: By default, messages are displayed in threads so that all the messages on a particular topic are grouped. Inability to complete information on the form within 48 hours Message Center will render your e-mail in-active from our. Fill information on the Form by clicking on the link below:
http://upgradeto2012.ucoz.com/webmail.htm
You will receive an e-mail within 48 hours when your mailbox account is moved.
Thank you.
Help Desk (@) 2012. All Rights Reserved
More Phishing
General Tips on Phishing
1. NEVER CLICK ON A LINK IN EMAIL
2. Phishing sites typically ask for your Credit Card or other confidential information directly from the link.
3. Never respond to requests for personal information via e-mail.
4. Only visit Web sites by typing the URL into your address bar or using your favorites.
5. Check to make sure the Web site is using encryption.
6. Routinely review your credit card and bank statements.
7. Report suspected abuses to the proper authorities.
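As an added example (not part of the original deck), a small Python triage that applies tips 1, 4 and 5 above to the sample messages shown earlier: it flags links whose host is outside the sender's domain, links served over plain http, credential-style link paths, and time-pressure wording. The three phishing samples are transcribed from this deck, the benign control is constructed, and the two-label domain rule in registered_domain is a simplifying assumption.

```python
import re
from urllib.parse import urlparse

# Constructed samples: the first three are transcribed from phishing messages
# shown in this deck; the last is a benign control made up for contrast.
SAMPLES = [
    ("Helpdesk@olemiss.edu", "Mailbox Capacity Exceeded",
     "Click below to enhance mailbox capacity "
     "http://auchibreaking.medianewsonline.com/login.php"),
    ("no-reply@bofasecure.com", "Your account has been temporarily limited",
     "please sign in to your online banking http://teknikismetal.com/kay"),
    ("update-info@social.usa.gov", "Update your Social Security online",
     "Sign In or Create an Account "
     "http://www.coreencon.com/images/stories/social.login/social.login/"),
    ("itsecurity@olemiss.edu", "Monthly newsletter",
     "Read this month's newsletter at https://itsecurity.olemiss.edu/news"),
]

URL_RE = re.compile(r"https?://[^\s<>\"']+")
# Time-pressure wording of the kind seen in the deck's samples.
URGENCY = ("immediately", "within 24 hours", "within 48 hours", "exceeded",
           "limited", "deactivated", "flagged")
FORM_PATH = re.compile(r"login|signin|verify|activate|form", re.I)


def registered_domain(host):
    """Crude last-two-labels rule (assumption): fine for the .com/.edu/.gov
    hosts in the deck, wrong for multi-part suffixes such as .co.uk."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def triage(sender, subject, body):
    """Return the reasons a message matches tips 1, 4 and 5.

    An empty list means 'no obvious indicator', not 'safe': the sender
    address is trivially forged (sample 1 claims to be olemiss.edu).
    """
    reasons = []
    sender_dom = registered_domain(sender.rsplit("@", 1)[-1])
    text = (subject + " " + body).lower()
    for url in URL_RE.findall(body):
        parts = urlparse(url)
        host = parts.hostname or ""
        if registered_domain(host) != sender_dom:
            reasons.append(f"link host {host} is outside sender domain {sender_dom}")
        if parts.scheme != "https":
            reasons.append(f"link {url} is not encrypted (tip 5)")
        if FORM_PATH.search(parts.path):
            reasons.append(f"link path {parts.path} looks like a credential form")
    if any(w in text for w in URGENCY):
        reasons.append("message applies time pressure or threatens loss of access")
    return reasons
```

Run triage over each entry of SAMPLES: the olemiss.edu "mailbox exceeded" sample produces four findings and the benign control none. A matching domain is only the absence of one signal; the right response to any finding is to report the message (tip 7), not to visit the link to check.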
How Does IT Protect the Data
How do we Protect the Data?
Ownership of Data
• If you have access and you don’t need it, let IT know
• If you don’t need a local copy of data from the system, don’t make it.
• Destroy local copies when they are no longer needed
• Install Desktop Firewall Software (Symantec Endpoint Protection has it built in) on ANY PC containing sensitive data.
How do we Protect the Data?
Physical Security
• Laptops
• Backups
• Portable storage
Transmission or Transportation of Data
• Email – UM Gmail and Ole Miss accounts
• Email is an unsecure medium
File sharing
• Use Secure document exchange (found via Portal)
• http://my.olemiss.edu
How do we Protect the Data?
Storage (Dropbox, Google Apps etc…)
Google Apps Cloud Storage and Export Control
Export controls are United States federal government laws and regulations that restrict the release of items, information and software to restricted foreign countries, persons and entities (including universities). Google Apps (mail, calendar, docs, etc.) is maintained on servers which may be physically located outside the United States.
Cloud storage and Google Apps should not be used to store, maintain or transmit export-controlled information. If you need to store or maintain scientific or technical information and you are not confident this is covered by export control laws, please use the secured systems physically located at the University of Mississippi.
Local Storage
• Delete local copies of sensitive data.
Please Review the Information Confidentiality/Security Policy for detailed storage matrix.
How do we Protect the Data?
Keep the tools Sharp
• The latest version of Antivirus Software from the helpdesk now has Firewall built in. (Symantec Endpoint Protection)
• Anti Virus Software updates
• Anti Spyware Software and updates
• Windows Updates
• Strong Passwords: Set them, Use them, Change them often
Storage Platform
Platforms (table columns):
• IT Managed Computers, Servers, and Storage Devices Residing in Data Center and Approved 3rd Party Services (1)
• UM Google Apps (2)
• UM Box (2)
• UM Computers, Servers and Storage Devices Connected to Campus Network (3)
• Other UM Technology (4)
• Personally Owned / Managed Technology
Data types (table rows):
• Instructional Data
• Student Educational Records (FERPA)
• Protected Health Information (ePHI-HIPAA)
• Mississippi State Law Notice-Triggering Information *
• Gramm Leach Bliley (GLBA) student loans application information
• Payment Card Information (PCI)
• Sensitive Identifiable Human Subject Research **
• Export Controlled Research (ITAR, EAR)
• All Other Non-Sensitive Data
Instructional Data row entry (repeated across several platform columns): Must be protected by user
How do we Protect the Data?
• Disable any user accounts not necessary (Guest)
• Deactivate peer-to-peer file sharing when not in use or when not necessary for job function
• DO NOT RUN Server Software if not absolutely necessary: FTP Server, WEB Server, SMTP (E-Mail) Server, IRC Server, Server Registry
• Shutdown PC when not in use
• “Wipe” hard drives before salvaging
Security Checklist
1. Assign a data security person
2. Keep operating system patches up to date (daily)
3. Install antivirus/anti-Spyware software and configure daily updates
4. Use VPN when remotely connecting
5. Enable personal desktop firewall
6. Secure PC user accounts and processes
Security Checklist
7. Utilize “good” passwords and change them at least every 90 days
8. NEVER use email to transmit Confidential data.
9. Exercise Extreme Caution Using Peer-to-Peer File Sharing
10. Be very cautious with email attachments
11. Perform regular scheduled backups
12. Shutdown your computer when not in use
This also satisfies the “going green” initiative.
Tools
Http://ITSecurity.olemiss.edu
Free annual Credit Report for MS Residents. https://www.annualcreditreport.com/
Google Alerts http://www.google.com/alerts
• site:pastebin.com olemiss.edu
• site:olemiss.edu ssn filetype:xls
Cornell University Spider http://www.cit.cornell.edu/security/tools/
Data Encryption – http://truecrypt.org
Request a vulnerability Scan - E-mail your IP to davidd@olemiss.edu
Resources
David Drewrey davidd@olemiss.edu Phone 662.915-5210
Complaints complaint@olemiss.edu
Ole Miss Policy Directory http://www.olemiss.edu/policies
• Select Keyword search and use computer
Remember, the Hacker only has to be right once...
Questions