Infosec 4 The Home
-
Upload
jaysonstreet -
Category
Technology
-
view
195 -
download
4
description
Transcript of Infosec 4 The Home
![Page 1: Infosec 4 The Home](https://reader033.fdocuments.net/reader033/viewer/2022061215/549f6a59ac79594b4c8b489f/html5/thumbnails/1.jpg)
Security starts at Home(Protecting your business by protecting your computer.)
Jayson E. Street, CISSP, GSEC, GCFA, IEM, IAM, CCSE, CCSA, Security+
![Page 3: Infosec 4 The Home](https://reader033.fdocuments.net/reader033/viewer/2022061215/549f6a59ac79594b4c8b489f/html5/thumbnails/3.jpg)
Know yourself know your enemy
• Sun Wu (Tzu) “Ping-fa”(The Art of War)• “Thus it is said that one who knows the enemy and
knows himself will not be endangered in a hundred engagements. One who does not know the enemy but knows himself will sometimes be victorious, sometimes meet with defeat. One who knows neither the enemy nor himself will invariably be defeated in every engagement!”
![Page 4: Infosec 4 The Home](https://reader033.fdocuments.net/reader033/viewer/2022061215/549f6a59ac79594b4c8b489f/html5/thumbnails/4.jpg)
Contents
• INTRO
• Basic PC Safety
• Identity Theft Issues
• Discussion
![Page 5: Infosec 4 The Home](https://reader033.fdocuments.net/reader033/viewer/2022061215/549f6a59ac79594b4c8b489f/html5/thumbnails/5.jpg)
What should you do?
• Use a Firewall
• Keep Your Computer(s) Patched
• Use Virus Protection Software
![Page 6: Infosec 4 The Home](https://reader033.fdocuments.net/reader033/viewer/2022061215/549f6a59ac79594b4c8b489f/html5/thumbnails/6.jpg)
Use a Firewall
• Hardware– Linksys
• Software– Norton– ZoneAlarm
• Test Yourself– http://www.hackerwatch.org/probe/
![Page 7: Infosec 4 The Home](https://reader033.fdocuments.net/reader033/viewer/2022061215/549f6a59ac79594b4c8b489f/html5/thumbnails/7.jpg)
Keep Your Computer(s) Patched
• Windows Update– http://update.microsoft.com– Download patches automatically– Install patches manually
• Don’t Forget Microsoft Office– http://office.microsoft.com/officeupdate/
![Page 8: Infosec 4 The Home](https://reader033.fdocuments.net/reader033/viewer/2022061215/549f6a59ac79594b4c8b489f/html5/thumbnails/8.jpg)
Use Virus Protection Software
• There are plenty of choices:– McAfee, Symantec, F-Prot, etc…
• Auto-Update daily
• Auto-Scan enabled
![Page 9: Infosec 4 The Home](https://reader033.fdocuments.net/reader033/viewer/2022061215/549f6a59ac79594b4c8b489f/html5/thumbnails/9.jpg)
Email Safety – KRESV Test• The Know Test – Is the email from someone you know?
• The Received Test – Have you received email from this person before?
• The Expect Test – Were you expecting an email with an attachment from this person?
• The Sense Test – Do the contents described in the subject line and the name of the attachment make sense?
• The Virus Test – Does the email contain a virus? To determine this, you will need to install and use an anti-virus program such as McAfee or Norton.
![Page 10: Infosec 4 The Home](https://reader033.fdocuments.net/reader033/viewer/2022061215/549f6a59ac79594b4c8b489f/html5/thumbnails/10.jpg)
SCAMS!
• No one in Africa with millions of dollars to smuggle out of the country is going to ask for help in an email.
• Bill Gates is not going to give you money for forwarding an email.
• Sending a “chain” email will not bring you luck – but it might help someone learn some things about you.
• Legitimate companies will not ask you for your password in an email.
Check them out: http://www.snopes.com
![Page 11: Infosec 4 The Home](https://reader033.fdocuments.net/reader033/viewer/2022061215/549f6a59ac79594b4c8b489f/html5/thumbnails/11.jpg)
More Basic Tips
• Remove File Sharing if not needed• Encrypt confidential data (you can find free
encryption tools from www.download.com)• Lock down WiFi (Wireless Network Connectivity)• Use Good Passwords
– Change passwords often– Use alpha-numeric characters– No password is “Un”crackable. There are an
abundance of tools hackers may use to get your password
– Do not use your user name or full name
![Page 12: Infosec 4 The Home](https://reader033.fdocuments.net/reader033/viewer/2022061215/549f6a59ac79594b4c8b489f/html5/thumbnails/12.jpg)
Identity Theft Issues
How do thieves get your information?• "Dumpster diving" - often very personal information is
just thrown away. People get credit card solicitations that they throw out as "junk mail." An identity thief could use that offer to open credit in your name. Other sources for digging through trash are businesses, law firms, medical facilities, accountants and banks.
• Roommates, relatives, "friends" and estranged spouses - all have access to very personal information, and may be very motivated to misuse that information.
• Waiters / Waitresses - you hand them your credit card at a restaurant and they disappear for five minutes. Do you know what they did with your credit card while they were out of sight?
![Page 13: Infosec 4 The Home](https://reader033.fdocuments.net/reader033/viewer/2022061215/549f6a59ac79594b4c8b489f/html5/thumbnails/13.jpg)
Identity Theft Issues
How do thieves get your information?• Public records - for example, if you have been
involved in a divorce, many of your financial records could potentially be part of the public record and available by searching at the courthouse. For a thief - why dig in the trash?
• Hacking - many people now have high-speed internet connections at their homes. That makes their personal computers (full of tax return, checking account and investment records) an excellent target for an identity thief.
![Page 14: Infosec 4 The Home](https://reader033.fdocuments.net/reader033/viewer/2022061215/549f6a59ac79594b4c8b489f/html5/thumbnails/14.jpg)
Identity Theft Issues
What do thieves do with your information?• Open credit accounts and buy products /
services. • Get phone or utility service. • Get a job (the Social Security Administration has
information about how to detect this) • Commit a crime (there have been reports
ranging from traffic violations to international drug trafficking).
• Buy a car. • Rent an apartment.
![Page 15: Infosec 4 The Home](https://reader033.fdocuments.net/reader033/viewer/2022061215/549f6a59ac79594b4c8b489f/html5/thumbnails/15.jpg)
Identity Theft Issues10 Ways to Protect Yourself
• Be very careful about to whom you give out personal identification information.
• Never provide any personal, bank account or credit card information to anyone who contacts you through a telephone solicitation.
• Keep items with personal information in a safe place.
• Tear Up/Destroy all old personal information. • Sign any credit or debit cards with permanent ink
as soon as you receive them.
![Page 16: Infosec 4 The Home](https://reader033.fdocuments.net/reader033/viewer/2022061215/549f6a59ac79594b4c8b489f/html5/thumbnails/16.jpg)
Identity Theft Issues
10 Ways to Protect Yourself (continued)
• Minimize the number of credit cards and other items with personal information that you carry.
• Do not leave envelopes containing your checks in your home mailbox.
• Give out your Social Security Number only when necessary.
• Be careful when creating passwords or PIN's. • Monitor your credit card statements and your
credit report.
![Page 17: Infosec 4 The Home](https://reader033.fdocuments.net/reader033/viewer/2022061215/549f6a59ac79594b4c8b489f/html5/thumbnails/17.jpg)
Identity Theft Issues
Web resources on Identity Theft:• Federal Trade Commission:• http://www.consumer.gov/idtheft/• Social Security Administration• http://www.ssa.gov/pubs/idtheft.htm• Boston Federal Reserve Bank• http://www.bos.frb.org/consumer/identity/• Better Business Bureau• http://www.bbb.org/alerts/idtheft.asp
![Page 18: Infosec 4 The Home](https://reader033.fdocuments.net/reader033/viewer/2022061215/549f6a59ac79594b4c8b489f/html5/thumbnails/18.jpg)
Now let’s learn from others
• Discussion and Questions????
• Or several minutes of uncomfortable silence it’s your choice.
• http://f0rb1dd3n.com/s1s/WP/• http://forums.stratagem-one.com