Protecting Your Personal Information

November 15, 2013

Introductions

• Who are we?

• Why are we here?– Part of our course work is Community

Education and Outreach. We want to help you understand a little more about Information Security

Overview

• Social Networking and You (example: Facebook)

• Passwords

• Cell Phone Security

• Quiz Game

Facebook celeb story

Demonstration

• Fake Facebook account, set up with all privacy defaults– Tara Welsh (randomly generated name)– Email: tarawelsh636@gmail.com (taraw636)– Password: tara1234

Tara’s Facebook Settings

• Tour Tara’s Page

Tara’s Facebook

What Would Make it Better?

What suggestions do you have to make Tara’s Facebook page more secure?

Tara’s Facebook Page- Improved

• Stronger privacy settings – Only friends

• Less personal information

• Be careful who she accepts as friends

• Don’t tag places she is

• A strong password!

Protecting Your Future

• Most hiring managers and HR departments use search engines to research applicants.

• Men and women Google each other when they first begin dating.

• Colleagues at your company and companies you collaborate with look for information about you on Google

– they use that information to make judgments upon you.

• Once posted, always posted. – Facebook continues to store information after it has been deleted.

Forbes Survey

Creating a Strong Password

• Even if data is hidden, protection is highly dependent on the password used to secure the data- not just for social networking!

• Strong passwords:– At least 8 characters– Should not be dictionary words or something that

relates to you (pet names, birthday, etc.)– Includes numbers and symbols– Upper and Lower case– Don’t use the same password for multiple sites

Password Managment

• Strong passwords can be difficult to create/remember, but there is software that can help!

• Software can:– Generate strong passwords– Securely store passwords– Organize– Be automatically retrieved

• Examples:– LastPass (demo this)– 1Password– KeePass

• BUT REMEMBER! The security of all of these passwords is only as strong as the master password

Password Activity

• Come up with your own secure password using the guidelines

• Test your password using Intel’s password checker

https://www-ssl.intel.com/content/www/us/en/forms/passwordwin.html

Celeb Cell Phone Story

Cell Phones

• Has a TON of personal information– Your friends/family– Pictures– E-mail addresses– Logins for social networking sites– Browsing history

• Security is incredibly important for cell phones!– If your phone is stolen, the thief has access to all of this

information. Having secure passwords may be irrelevant. A hacker can spend a ton of time trying to crack your password, or they can just wait until you leave your cell phone laying around and easily have access.

Protecting Your Cell Phone

• Make sure it has a password

• Know it’s location and physically secure it

• Set it to lock automatically after no activity

• Turn off features you aren’t using (Bluetooth)

• Erase all data before giving it away

Symantec study

• Protecting personal info – A total of 89 percent of devices showed attempts to

access personal apps or data.– Attempts to access a private photos app occurred on

72 percent of the devices.    – An attempt to access an online banking app was

observed on 43 percent of the devices.– A “Saved Passwords” file was accessed on 57

percent of the phones

Questions?

Team Quiz

• Interactive game– 5-6 Groups– Team name– Questions regarding material pesented– Prize for the winning team

Question 1

• What reasons would a hiring manager reject a candidate based on their social networking profile?

a. pictures of the candidate drinking alcohol

b. pictures of the candidate at a Christmas party

c. pictures of the candidate with someone the hiring manager dislikes

d. all of the above

Question 2

• True or False: A strong password should be one of your pets’ names.

Question 3

• True or False: It is important to keep your password as simple as possible so that you do not forget it.

Question 4

• Why is it important to protect information in your cell phone?

a. thieves may attempt to hack your “saved passwords”

b. thieves may be able to access your online banking account

c. thieves may attempt to access private photos

d. all of the above

Question 5

• What sort of information would a thief obtain from your phone that might be harmful to you if obtained?

a. a text message about homework

b. a picture that you would not want anyone else to see

c. your email address

d. both b and c

Question 6

• True or False: You can use software to help you create and retrieve your password.

Question 7

• Which of the following is an example of a software program that can be used to create and retrieve a password?

a. MyPassword

b. 1Password

c. CantGuessThis

d. ProtectPassword

Question 8

• Which of the following is a reason you need to be careful about what you post on your social networking site?

a. Once posted, always posted.

b. Hiring managers may reject you for inappropriate posts/pictures

c. Future friends, colleagues, and possible “dates” will likely google search your name

d. all of the above

Question 9

• True or False: If you give/sell your phone to someone, you should leave everything on it so that person can use the apps you have bought.

Question 10

• Which of the following is a strong password?

a. dD0g8myH*mewor&

b. MyDog8MyHomework

c. MyDog1234

d. d*ggg&&

Question 11

• How often should your passwords be changed?

a. Every day

b. Every month

c. Every 6 months

d. Never

Question 12

• True or False: Facebook’s default privacy settings are sufficient

Question 13

• True or False: In the demo, Tara’s password is strong enough because it has numbers.

Question 14

• Someone can get information about you from:

a. Your phone

b. Your Facebook profile

c. Google

d. Your friend’s Facebook profile

e. All of the above

Question 15

• True or False: In the Symatec study, most people did not try to access personal information from the lost cell phone.

Question 16

• True or False: The information about what hiring managers look at doesn’t matter for you because you won’t be looking for a job for a long time.

Question 17

• True or False: Your cell phone should have a password when it locked/idle even if you don’t have a smart phone.

Question 18

• True or False: Facebook is evil and no one should use it, ever.

Question 19

• Which of the following are good ways to protect your personal information?

a. Secure devices and accounts with passwords that are easy to remember

b. Talk to your friends and family about good security practices

c. Use strong passwords wherever possible

d. Both b. and c.

References

• http://en.wikipedia.org/wiki/Password_strength • http://www.zdnet.com/blog/igeneration/facebook-does-not-erase-

user-deleted-content/4808• http://www.onlinesafetysite.com/P1/Teenstats.htm • http://www.forbes.com/sites/kashmirhill/2011/10/03/what-

prospective-employers-hope-to-see-in-your-facebook-account-creativity-well-roundedness-chastity/

• http://what-is-privacy.com/2012/07/how-to-avoid-cell-phone-identity-theft/

• http://technorati.com/technology/article/new-study-reveals-privacy-at-risk/

• https://www.facebook.com/help/409353935768826/