Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information...
-
Upload
stacey-roby -
Category
Documents
-
view
215 -
download
1
Transcript of Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information...
![Page 1: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/1.jpg)
Protecting Yourself in Our
Digital World
Jodi Ito • Information Security Officer
Information Technology Services
[email protected] • (808) 956-2400
![Page 2: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/2.jpg)
From Our President
QuickTime™ and a decompressor
are needed to see this picture.
2
![Page 3: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/3.jpg)
Today’s Thoughts
Our Digital World TodayThreats and VulnerabilitiesMitigation StrategiesSecurity Awareness
3
![Page 4: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/4.jpg)
Today’s Environment
4
![Page 5: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/5.jpg)
has become a verb!
![Page 6: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/6.jpg)
Technologies and Trends
INFORMATION AGE!NOW GenerationPDAs, laptops, netbooks + (wireless networks/cellular broadband) = Mobile Computing
Cellphones --> Smartphones“Texting”, “Tweeting”, “Friending” --> Social Networking
WHOLE NEW WORLD!6
![Page 7: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/7.jpg)
Sign of Things to Come…
http://www.informationweek.com/news/showArticle.jhtml?articleID=219100621
7
![Page 8: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/8.jpg)
Fun, Convenience, OR….?
Toy car lets kids spy on othershttp://www.networkworld.com/video/?bcpid=60965047001&bclid=1363192037&bctid=68172212001
Using mobile devices to open hotel doorshttp://www.tnooz.com/2010/03/01/mobile/hotel-door-opening-technology-moving-to-mobile-devices/
8
![Page 9: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/9.jpg)
QuickTime™ and aH.264 decompressor
are needed to see this picture.
9
![Page 10: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/10.jpg)
FTC P2P data leak alarm…
The Federal Trade Commission this week sent letters to almost 100 organizations that personal information, including sensitive data about customers and employees, has been shared from their computer networks and is available on peer-to-peer (P2P) file-sharing networks to any users of those networks, who could use it to commit identity theft or fraud.
Search for “FTC P2P data leak” using your favorite search engine
10
![Page 11: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/11.jpg)
More P2P Filesharing Risks…
“P2P Snoopers Know What's In Your Wallet”
http://www.networkworld.com/news/2010/020710-shmoocon-p2p-snoopers-know-whats.html
“File Sharers, Beware!” http://www.cbsnews.com/stories/2005/05/03/eveningnews/main692765.shtml
11
![Page 12: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/12.jpg)
Digital Threats
Viruses, Spyware, Trojans & Other Malicious Software
BotnetsPhishing & SpamIdentity TheftCyber Stalking, Cyber Bullying, Online Predators
Etc., etc., etc….
12
![Page 13: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/13.jpg)
Form Phishing
North Carolina State University Phishing Attack
“Security” email directed recipients to web site to “protect” their accounts
Phishers used NCSU graphics to replicate phishing web page
http://www.ncsu.edu/it/security/webmail-phishing.html
13
![Page 14: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/14.jpg)
Anti-Phishing Phil
http://wombatsecurity.com/antiphishingphil
14
![Page 15: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/15.jpg)
Useful Information
Federal Trade Commission
http://www.onguardonline.gov/Department of Homeland Security
www.staysafeonline.org
15
![Page 16: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/16.jpg)
Tapping Your Cell Phone
http://www.wthr.com/Global/story.asp?s=9346833
QuickTime™ and a decompressor
are needed to see this picture.
16
![Page 17: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/17.jpg)
Booming Cyber Crime Industry!Botnets: Rent-a-botnet SPAM generators (steal email accounts and passwords)
$$$ - Stolen sensitive informationTop 3 categories:
Bank account - £5 ($8)Credit cards - 50 credit cards for £20 ($35)
Personal identities - EU identities are worth more
17
![Page 18: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/18.jpg)
Underground Economy
Multi-Billion $$$ industryTJX Data Breach:
Estimated 94 million victimsEstimated losses: $65M - $83M
August 2008: Hacker ring charged with conspiracy, computer intrusion, fraud, & identity theft: http://www.consumeraffairs.com/news04/2008/08/hacker_ring.html 18
![Page 19: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/19.jpg)
Background Resources
“Botnet probe turns up 70G bytes of personal, financial data” estimated worth $8.3Mhttp://www.networkworld.com/news/2009/050409-botnet-probe-turns-up-70g.html
UCSB Computer Science Study:http://www.cs.ucsb.edu/~seclab/projects/torpig/index.html
19
![Page 20: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/20.jpg)
Data Breaches
Privacy Rights Clearinghousehttp://www.privacyrights.org/ar/ChronDataBreaches.htm#CP
Over 260 millions records containing sensitive information are involved in security breaches
Educational Security Incidents: http://www.adamdodge.com/esi/ 20
![Page 21: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/21.jpg)
Example
21
![Page 22: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/22.jpg)
This Cyber “stuff”…
Affects us all!Each unprotected/unpatched computer is a threat: Infected worm/virus/bot Could be used in a concerted attack against a critical infrastructure
Computers, servers, mobile storage devices with any sensitive information represent a vulnerability
22
![Page 23: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/23.jpg)
What Do We Do?
Practice safe computing!
23
![Page 24: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/24.jpg)
Keep Your Computers Safe
Update the software on your computer weekly (or more frequently)
Install anti-virus and anti-spyware software and keep it up-to-date
Use accounts and strong passwords Encrypt sensitive information
http://www.hawaii.edu/askus/729
Don’t install unknown software from unknown sites
Don’t share your accounts/passwords Use password protected screen savers 24
![Page 25: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/25.jpg)
Use STRONG Passwords
Not easily guessableDo not use dictionary wordsUse a combination of upper and lowercase letters, numbers, and special characters
No less than 8 characters Check your password strength:
https://www.microsoft.com/protect/fraud/passwords/checker.aspx
25
![Page 26: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/26.jpg)
Password Strategies
Replace letters with numbers or characters
Incorporate something memorable to youExample:
need password for CitiBank online account got your mortgage in April 2005: 04C7t7B@nk05
Use a phrase and turn it into a password
Example: My Favorite Food is Chocolate Ice Cream MfFiCiC2010m@r
26
![Page 27: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/27.jpg)
More on Passwords
Don’t use the same password for all accounts
Change passwords frequentlyUse more difficult passwords on more sensitive accounts
Use a password safe (but don’t lose the master password!)
http://passwordsafe.sourceforge.net/http://www.hawaii.edu/askus/705
27
![Page 28: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/28.jpg)
Protect Yourself and Information Don’t open unknown emails & attachments Visit only reputable web sites http://safeweb.norton.com/
Do not reply to SPAM or Phishing emails Only login to servers for the duration needed - disconnect when done
Don’t let others use your computer irresponsibly
Use a credit card for online shopping http://www.hawaii.edu/askus/729
28
![Page 29: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/29.jpg)
DO NOT EVER…
…Give out your personal information in response to an UNSOLICTED email, phone call, voice mail
If in doubt, CHECK IT OUT! Call the company using another legitimate phone number (not the one provided in the email or phone call)
New scams use social networking sites to get background personal information
29
![Page 30: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/30.jpg)
Protect Your Sensitive InformationBE SUSPICIOUS!You can’t take back information you’ve already given out
Ask “Why?” when someone asks for your SSN
Check your credit report:www.annualcreditreport.com
30
![Page 31: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/31.jpg)
Social Networking
Do not post TOO MUCH INFORMATION!Internet is FOREVER!
Whatever you post may circulate even AFTER you delete it
New scams use social networking sites to get background personal information
Watch what your children do on the computer
31
![Page 32: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/32.jpg)
TTMI…
Tweeting Too Much Information:
http://pleaserobme.com/
32
![Page 33: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/33.jpg)
Laptops and Mobile DevicesImplement passwords on the deviceBackup your data frequently & test backupsStore backups away from the laptopEncrypt sensitive informationWatch your laptop at all times
Keep your laptop in your possession at all times Don’t leave it out in your hotel room Consider using a laptop lock Consider laptop recovery services Don’t leave your laptop in a car
33
![Page 34: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/34.jpg)
Wireless & Public ComputersBe cautious when using open wireless networks Others using the network maybe be “sniffing” the network
If you must use a public computer, change the password on the account accessed using a secure computer ASAP
34
![Page 35: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/35.jpg)
Wi-Fi Dangers…
Security Expert Claims Thieves Can Detect Wi-Fi In Sleeping Computers
http://www.wired.com/gadgetlab/2010/03/security-expert-claims-thieves-can-detect-wi-fi-in-sleeping-computers/#ixzz0hKGscGjt
Hidden dangers of free public WiFi
http://news.zdnet.com/2100-1035_22-149778.html
35
![Page 36: Protecting Yourself in Our Digital World Jodi Ito Information Security Officer Information Technology Services jodi@hawaii.edu (808) 956-2400.](https://reader036.fdocuments.us/reader036/viewer/2022062619/551761095503463e368b4738/html5/thumbnails/36.jpg)
BE AWARE!
Know what’s out there
(Google yourself)