SECURE COMPUTER USER

SECURE COMPUTER USEREC-Council Fundamental Cyber Security Seminar

Session Commences on 6-Aug-2020 10:00 A.M

Welcome▪ PT Transindo Data Perkasa▪ Jl. Cikutra Baru Raya, nomor 28▪ Bandung, 40124▪ (022) 877 877 81▪ https://transindodata.com▪ info@transindodata.com

▪ Manta Sanni▪ mantas@transindodata.com▪ https://id.linkedin.com/in/mantasanni▪ +62 857 2233 1256

ECCO

UNCI

LCE

RT M

ATRI

X3

Download Netkrom Academy App

▪ Get latest news, promo & training schedule

▪ Easy registration and payment confirmation

▪ Digital copy of your training certificate

▪ Refer a friend and collect your commission

5

Minneapolis, 2003

Data

▪ Personal data▪ ...

▪ Organizational data▪ ...

8

Potential Loss

▪ Financial loss▪ Unavailability of resources▪ Identity theft & fraud▪ Loss of trust▪ Data loss / theft▪ Misuse of computer resources

9

10

Cyber Security

▪ Objective▪ Avoid data loss▪ Avoid data leaks▪ Incident handling

▪ Threats▪ Force majeure▪ Hacker, thieves, malware▪ Yourself

11

12

13

14

Elements of Data Security

▪ Confidentiality▪ Authenticity▪ Integrity▪ Availability▪ Nonrepudiation

▪ When to implement?▪ Precaution▪ Maintenance▪ Reaction

15

Microsoft Windows 10

▪ User account▪ BitLocker▪ EFS▪ Firewall▪ Defender▪ Family Options▪ File History

16

Mac OS X

▪ User account▪ Firewall▪ Parental control▪ Time machine▪ Automatic login

17

Malware

▪ Virus▪ Trojan▪ Worm▪ Spyware▪ Ransomware▪ Rootkit▪ ...

18

19

Symptomps▪ Slow▪ Pop up▪ Crash / BSOD▪ Suspicious hard drive,

network, and program activity▪ Antivirus, firewall, update

disabling▪ New browser homepage▪ Blacklisted IP address

20

Antivirus

▪ Compatibility▪ Quality▪ Efectiveness▪ Update frequency▪ Efficiency

▪ Ease of use▪ Licensing

21

Test your antivirus

▪ https://en.wikipedia.org/wiki/EICAR_test_file

22

Internet

▪ Threats from the Internet▪ Malware▪ Data breach, identity theft, social engineering scams▪ Child safety issues:

▪ Pornography: stealth sites, misdirected search/URL, ads▪ Cyberbullying: social media, chat room, email▪ Pedophile / predator: social media, chat room, email

23

Check your browser settings

▪ Tracking protection & Do-not-track request▪ Browsing history▪ Smart screen / sign up for alerts▪ Third Party Cookies▪ Javascript / ActiveX / Flash / Plugins

24

25

Social Media Threats

▪ Phishing▪ Identity theft▪ Malware▪ Site flaws▪ URL Spoofing▪ Clickjacking▪ Social Engineering

26

Tips

▪ Strong Password▪ Ignore ads/links▪ Friend request▪ Don’t share everything▪ People don’t really care but hackers do

▪ Privacy & security settings▪ Geotagging

27

28

Email

▪ Threats▪ Malicious attachment, malicious redirection, phishing, hoax

mail, spamming

▪ Tips▪ Strong password, two-step authentication, antivirus, anti-

spam, last-activity check, digitally signed email

29

30

31

32

haveibeenpwned.com

33

Mobile Operating System

34

35

36

Mobile▪ IMEI

▪ Threats & risks▪ Eavesdropping▪ Unauthorized access▪ Theft & loss▪ Unmanaged application▪ Unsecured communication port▪ Mobile malware

▪ Vulnerabilities▪ Insecure data storage▪ Insufficient transport layer protection▪ Poor authorization & authentication

▪ Bluetooth attack▪ Bluesnarfing▪ Man in the middle ▪ Backdoor

37

Mobile▪ Mitigation▪ Be vigilant▪ PIN, Passcode, Encryption▪ Insurance▪ Data backup

▪ If lost…▪ Find my phone▪ Change all passwords▪ Sign out device▪ Police▪ Service provider

38

Cloud▪ What is cloud actually?

▪ IaaS▪ PaaS▪ SaaS

▪ Mitigation▪ Backup data▪ Update backup▪ Strong password▪ 2 Factor authentication▪ Encrypt

▪ Threats▪ Data breach▪ Data loss▪ Account hacking▪ Disgruntled employee▪ Shared space

▪ Privacy issues▪ Data ownership▪ Data location▪ Data migration▪ Data permanency

39

Network▪ Disable Bluetooth after use▪ Choose wired over wifi▪ Wifi security▪ WEP▪ WPA▪ WPA2▪ WPA3

▪ Firewall▪ Avoid public, non-secured wifi▪ What if it’s urgent?

40

VPN

▪ Avoid “Free” VPNs▪ Do some research▪ Beware of VPN myths:▪ Anonymous▪ No logging▪ Privacy

41

42

43

ECCO

UNCI

LCE

RT M

ATRI

X44