Usable Privacy and Security. Ponnurangam K (PK) OWASP AppSec Asia Nov 17, 2009
|
|
- Colleen Austin
- 8 years ago
- Views:
Transcription
1 Usable Privacy and Security Ponnurangam K (PK) OWASP AppSec Asia Nov 17, 2009
2 Who am I? Faculty at IIIT Delhi Ph.D. from School of Computer Science, Carnegie Mellon University, USA Research interests InformaOon security Cyber crime Usable security Teaching a Ph.D. level course on Security and Privacy
3 Everyday Security Problems Install this so+ware?
4 Everyday Security Problems Se1ng File Permissions
5 Everyday Security Problems All channels are used
6
7 Secure, but usable?
8 Unusable security frustrates users
9 Outline Usable privacy and security challenges Making secure systems more usable Building usable secure systems AnO phishing Privacy decision making User controllable security and privacy Takeaways
10 Usable Privacy and Security Give end users security controls they can understand and privacy they can control for the dynamic, pervasive compuong environments of the future. Grand Challenges in InformaOon Security & Assurance CompuOng Research AssociaOon (2003) More research needed on how cultural and social influences can affect how people use computers and electronic informaoon in ways that increase the risk of cybersecurity breaches. Grand Challenges for Engineering NaOonal Academy of Engineering (2008)
11 Concerns may not be aligned Security experts are concerned about the bad guys ge^ng in Users may be more concerned about locking themselves out
12 Typical password advice Pick a hard to guess password Don t use it anywhere else Change it o`en Don t write it down
13 What do users do when every web site wants a password?
14 Bank = b3ayz Amazon = aa66x! Phonebill = p$2$ta1
15
16 Humans are weakest link Most security breaches abributed to human error Social engineering abacks proliferate
17 How can we make secure systems more usable? Make it just work Invisible security Make security/privacy understandable Make it visible Make it intuiove Use metaphors that users can relate to Train the user
18 Make it just work
19 Beber behind the scene Develop systems where users are not involved in solving a problem Spam filters RegulaOon ValidaOon
20 Make security understandable
21 Netcra` Displays domain registration date, hosting name and country, and popularity among other users Traps suspicious URLs with deceivable characters Enforces display of browser navigational controls
22 Privacy bird Privacy policy matches user s privacy preferences Privacy policy does not match user s privacy preferences
23 Train the user
24
25 Usable security makes users happy
26 Outline Usable privacy and security challenges Making secure systems more usable Building usable secure systems AnO phishing Privacy decision making User controllable security and privacy Takeaways
27
28 Phishing works Phishers make use of users trust Users lack computer and security knowledge People don t use good strategies VicOms Financial insotuoons and military Corporates UniversiOes Online social networking sites/games
29 MulO Pronged Approach Human side Interviews and surveys to understand decision making PhishGuru embedded training AnO Phishing Phil game Computer side PhishPatrol ano phishing filter CANTINA web ano phishing algorithm
30 How do users make decisions? Interview study Results Something to do with the band Phish, I take it. People generally not good at idenofying scams they haven t specifically seen before People don t use good strategies to protect themselves Non experts wanted advice to help them make beber trust decisions Non experts used significantly fewer meaningful signals compared to experts
31 PhishGuru Embedded Training Can we train people during their normal use of to avoid phishing abacks? Periodically, people receive a training Training looks like a phishing aback If a person falls for it, intervenoon warns and highlights what cues to look for in succinct and engaging format MoOvaOng users teachable moment Applies learning science principles for designing training intervenoons
32 Subject: Revision to Your Amazon.com InformaOon
33 Subject: Revision to Your Amazon.com InformaOon Please login and enter your informaoon hbp:// in.html
34
35 Laboratory study results Security nooces are an ineffecove medium for training users Users educated with embedded training make beber decisions than those sent security nooces ParOcipants retained knowledge a`er 7 days Training does not increase false posiove error
36 Real world studies People trained with PhishGuru were less likely to click on phishing links than those not trained People retained their training for 28 days Two training messages are beber than one PhishGuru training does not make people less likely to click on legiomate links Age was most significant factor in determining vulnerability
37 Some feedback I was more moovated to read the training materials since it was presented a`er me falling for the aback. Thank you PhishGuru, I will remember that [the 5 instrucoons given in the training material]. I really liked the idea of sending CMU students fake phishing s and then saying to them, essenoally, HEY! You could've just goben scammed! You should be more careful here's how... I think the idea of using something fun, like a cartoon, to teach people about a serious subject is awesome!
38 AnO Phishing Phil Online game Compliments PhishGuru Teaches people how to protect themselves from phishing abacks idenofy phishing URLs use web browser cues find legiomate sites with search engines Played 95,000 Omes
39
40
41
42 PhishPatrol Create filter that detects phishing s Spam filters well explored, but how good for phishing? Can we create a custom filter for phishing?
43 PhishPatrol: HeurisOcs IP addresses in link (hbp:// /blah) Age of linked to domains (younger domains likely phishing) Non matching URLs (ex. most links point to PayPal) Click here to restore your account HTML Number of links Number of domain names in links Number of dots in URLs (hbp:// JavaScript SpamAssassin raong
44 CANTINA Take five words with highest TF IDF weights Feed these five words into a search engine (Google) If domain name of current web page is in top N search results, we consider it legiomate
45
46
47 Outline Usable privacy and security challenges Making secure systems more usable Building usable secure systems AnO phishing Privacy decision making User controllable security and privacy Takeaways
48 Privacy decision making To make privacy informaoon more usable to consumers Plasorm for Privacy Preferences (P3P) XML format that web sites use to encode their privacy policies User so`ware to read P3P policies called a P3P user agent
49 Privacy bird indicator
50 Click on the bird for more info
51 Privacy policy summary mismatch Link to opt-out page
52 Outline Usable privacy and security challenges Making secure systems more usable Building usable secure systems AnO phishing Privacy decision making User controllable security and privacy Takeaways
53 User controllable security and privacy Give user the control of the informaoon Provide tools for users to audit System should learn from user behavior and suggest
54 Grey Distributed smartphone based access control system physical resources like office doors, computers, and coke machines electronic ones like computer accounts and electronic files currently only physical doors
55 Other systems Locaccino Expandable grids
56 Outline Usable privacy and security challenges Making secure systems more usable Building usable secure systems AnO phishing Privacy decision making User controllable security and privacy Takeaways
57 Takeaways Users are the weakest link in security system Usable Privacy and Security is criocal to reap the benefits of InformaOon and CommunicaOon Technologies Whirlwind tour of usable security and privacy systems Helping end users by developing usable systems
58 What can we do about it? Understanding the human in the loop Understand the usable security issue in India Collect empirical data related to security and privacy in India
59 Further readings HCISEC bibliography hbp://gaudior.net/alma/biblio.html Cranor, L. F., and Garfinkel, S. Security and Usability: Designing Secure Systems that People Can Use., James, L. Phishing Exposed. Syngress Publishing, Canada, November Wu, M. FighOng Phishing at the User Interface. PhD thesis, MIT, 2006., hbp://groups.csail.mit.edu/uid/projects/phishing/ minwu thesis.pdf. Norman, D. A. The Design of Everyday Things. Basic Books, 2002.
60 Thank you
61 QuesOons?
62 Acknowledgements Members of SupporOng Trust Decisions research group Members of CyLab Usable Privacy and Security laboratory Members of COS Ph.D. program Supported by NSF, ARO, CyLab, ISP in Portugal
63 Ponnurangam K (PK) pk@iiitd.ac.in
LEGAL ISSUES IN SHARING CYBER THREAT INTELLIGENCE: WHAT ARE THE REAL CONCERNS?
LEGAL ISSUES IN SHARING CYBER THREAT INTELLIGENCE: WHAT ARE THE REAL CONCERNS? Kim PereK September 9, 2015 2015 Cybersecurity Innova0on Forum Agenda The Cyber Threat Landscape The Legal JusOficaOon for
More informationPhishing. Foiled. Over just a few weeks, I received e-mail. Can
computer security Can Phishing Understanding the human factors that make people vulnerable to online criminals can improve both security training and technology By Lorrie Faith Cranor? Be Foiled KEY CONCEPTS
More informationSchool of Phish: A Real-World Evaluation of Anti-Phishing Training
School of Phish: A Real-World Evaluation of Anti-Phishing Training Ponnurangam Kumaraguru, Justin Cranshaw, Alessandro Acquisti, Lorrie Cranor, Jason Hong, Mary Ann Blair, Theodore Pham Carnegie Mellon
More informationSafety online: anti-phishing stress test. Sustainability
Safety online: anti-phishing stress test Sustainability 2012 AGENDA FRAMEWORK METHODOLOGY RESULS ATTACHMENTS FRAMEWORK What is phishing? Phishing is based on the use of tools to collect information and
More informationAnti-Phishing Training Modules Teach employees to recognize and avoid phishing and spear phishing attacks
Anti-Phishing Training Modules Teach employees to recognize and avoid phishing and spear phishing attacks Improve Phishing Knowledge and Reduce Susceptibility to Attack Do you already have some form of
More informationComputer Security Literacy
Computer Security Literacy Staying Safe in a Digital World Douglas Jacobson and Joseph Idziorek CRC Press Taylor & Francis Group Boca Raton London New York CRC Press is an imprint of the Taylor & Francis
More informationScams and Schemes. objectives. Essential Question: What is identity theft, and how can you protect yourself from it? Learning Overview and Objectives
Estimated time: 45 minutes Essential Question: What is identity theft, and how can you protect yourself from it? Learning Overview and Objectives Overview: Students learn strategies for guarding against
More informationPrivacy Tool! User Studies
Lorrie Faith Cranor" Engineering & Public Policy acy & Secur ity Priv e l HT TP ratory bo La CyLab U sab November 2012 :// C DU Privacy Tool! User Studies CyLab U P S.C S.C M U.E 1 Evaluating notice and
More informationNational Cyber Security Month 2015: Daily Security Awareness Tips
National Cyber Security Month 2015: Daily Security Awareness Tips October 1 New Threats Are Constantly Being Developed. Protect Your Home Computer and Personal Devices by Automatically Installing OS Updates.
More informationSIMULATED ATTACKS. Evaluate Susceptibility Using PhishGuru, SmishGuru, and USBGuru MEASURE ASSESS
SIMULATED ATTACKS Evaluate Susceptibility Using PhishGuru, SmishGuru, and USBGuru Technical safeguards like firewalls, antivirus software, and email filters are critical for defending your infrastructure,
More informationScams and Schemes LESSON PLAN UNIT 1. Essential Question What is identity theft, and how can you protect yourself from it?
LESSON PLAN Scams and Schemes Essential Question What is identity theft, and how can you protect yourself from it? Lesson Overview Students learn strategies for guarding against identity theft and scams
More informationModusMail Software Instructions.
ModusMail Software Instructions. Table of Contents Basic Quarantine Report Information. 2 Starting A WebMail Session. 3 WebMail Interface. 4 WebMail Setting overview (See Settings Interface).. 5 Account
More informationScams and Schemes LESSON PLAN UNIT 1. Essential Question What is identity theft, and how can you protect yourself from it?
LESSON PLAN Scams and Schemes Essential Question What is identity theft, and how can you protect yourself from it? Lesson Overview Students learn strategies for guarding against identity theft and scams
More informationA Hybrid Approach to Detect Zero Day Phishing Websites
International Journal of Information & Computation Technology. ISSN 0974-2239 Volume 4, Number 17 (2014), pp. 1761-1770 International Research Publications House http://www. irphouse.com A Hybrid Approach
More informationComputing Services Information Security Office. Security 101
Computing Services Information Security Office Security 101 Definition of Information Security Information security is the protection of information and systems from unauthorized access, disclosure, modification,
More informationLessons From a Real World Evaluation of Anti-Phishing Training
Lessons From a Real World Evaluation of Anti-Phishing Training Ponnurangam Kumaraguru, Steve Sheng Carnegie Mellon University ponguru@cs.cmu.edu, shengx@cmu.edu Alessandro Acquisti, Lorrie Faith Cranor,
More informationTools to Protect Against Identity Theft
Tools to Protect Against Identity Theft Mario A. Garcia Texas A&M University-Corpus Christi SNIDJ 2/8/2007 1 Identity Theft - Definition Identity theft, Web spoofing, identity fraud are terms used to refer
More informationFORBIDDEN - Ethical Hacking Workshop Duration
Workshop Course Module FORBIDDEN - Ethical Hacking Workshop Duration Lecture and Demonstration : 15 Hours Security Challenge : 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once
More informationSimple SEO Success. Google Analytics & Google Webmaster Tools
Google Analytics & Google Webmaster Tools In this module we are going to be looking at 2 free tools and why they are essential when running any online business website. First of all you need to ensure
More information[Ramit Solutions] www.ramitsolutions.com SEO SMO- SEM - PPC. [Internet / Online Marketing Concepts] SEO Training Concepts SEO TEAM Ramit Solutions
[Ramit Solutions] www.ramitsolutions.com SEO SMO- SEM - PPC [Internet / Online Marketing Concepts] SEO Training Concepts SEO TEAM Ramit Solutions [2014-2016] By Lathish Difference between Offline Marketing
More informationInternet threats: steps to security for your small business
Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential
More informationHow To Create A Spam Detector On A Web Browser
Design and Evaluation of a Real-Time URL Spam Filtering Service Geraldo Franciscani 15 de Maio de 2012 Teacher: Ponnurangam K (PK) Introduction Initial Presentation Monarch is a real-time system for filtering
More informationA Secure Login Process Using USB for Various Phishing Prevention System
International Journal of Computer Systems (ISSN: 2394-1065), Volume 01, Issue 02, November, 2014 Available at http://www.ijcsonline.com/ Amit Solanki, S. R. Dogiwal Dept. of Computer Science & Engineering,
More informationANNUAL SECURITY RESPONSIBILITY REVIEW
ANNUAL SECURITY RESPONSIBILITY REVIEW For Faculty and Staff Who Use Computers Minimally in their work May 2012 Training Topics What is Information Security? Review Security Vulnerabilities Phishing email
More informationDomain Name Abuse Detection. Liming Wang
Domain Name Abuse Detection Liming Wang Outline 1 Domain Name Abuse Work Overview 2 Anti-phishing Research Work 3 Chinese Domain Similarity Detection 4 Other Abuse detection ti 5 System Information 2 Why?
More informationDefense Media Activity Guide To Keeping Your Social Media Accounts Secure
Guide To Keeping Your Social Media Accounts Secure Social media is an integral part of the strategic communications and public affairs missions of the Department of Defense. Like any asset, it is something
More informationNon- UW User Account Creation Procedure for the UW School of Social Work s (SSW) Web Application STAR
Non- UW User Account Creation Procedure for the UW School of Social Work s (SSW) Web Application STAR Welcome to the UW School of Social Work s (SSW) online data management tool called System To Administrate
More informationWEB ATTACKS AND COUNTERMEASURES
WEB ATTACKS AND COUNTERMEASURES February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in
More informationIntroduction to Computing @ WSU
Introduction to Computing @ WSU Table of Contents 1 - Account Information... 2 2 - Setting up Accounts for First Time Use... 3 3 - Important Systems... 4 4 - CaTS Website... 5 5 - Logging into the Campus
More informationHow To Understand The Health Insurance Portability And Accountability Act (Hipaa)
Common HIPAA Risks & The New HITECH Final Rule Eric W. Humes 1 What is HIPAA? The Health Insurance Portability and Accountability Act (HIPAA) was passed by Congress in 1996 to protect the privacy of patient
More informationFitCause Privacy Policy
FitCause Privacy Policy EFFECTIVE DATE: June 19, 2013 FuelGooder Inc. d/b/a FitCause ( FitCause ) values your privacy. FitCause is a social fundraising platform empowering individuals to turn their exercising
More informationThe Devil is Phishing: Rethinking Web Single Sign On Systems Security. Chuan Yue USENIX Workshop on Large Scale Exploits
The Devil is Phishing: Rethinking Web Single Sign On Systems Security Chuan Yue USENIX Workshop on Large Scale Exploits and Emergent Threats (LEET 2013) Web Single Sign On (SSO) systems Sign in multiple
More informationWho will win the battle - Spammers or Service Providers?
Who will win the battle - Spammers or Service Providers? Pranaya Krishna. E* Spam Analyst and Digital Evidence Analyst, TATA Consultancy Services Ltd. (pranaya.enugulapally@tcs.com) Abstract Spam is abuse
More informationAccepting advertising on the Netcraft web sites.
Netcraft is an Internet services company based in Bath, England. Netcraft is funded through retained profit and derives its revenue in the following ways: Providing internet security services, including
More informationCloud Services. Email Anti-Spam. Admin Guide
Cloud Services Email Anti-Spam Admin Guide 10/23/2014 CONTENTS Introduction to Anti- Spam... 4 About Anti- Spam... 4 Locating the Anti- Spam Pages in the Portal... 5 Anti- Spam Best Practice Settings...
More informationProtecting Yourself Against Identity Theft. Identity theft is a serious. What is Identity Theft?
Protecting Yourself Against Identity Theft Identity theft is a serious crime. Identity theft happens when someone steals your personal information and uses it without your permission. It is a growing threat
More informationEmerging risks for internet users
Sabeena Oberoi Assistant Secretary, Cyber Security and Asia Pacific Branch Department of Broadband, Communications and the Digital Economy Government s role - DBCDE The new Australian Government Cyber
More informationThe Cost of Phishing. Understanding the True Cost Dynamics Behind Phishing Attacks A CYVEILLANCE WHITE PAPER MAY 2015
The Cost of Phishing Understanding the True Cost Dynamics Behind Phishing Attacks A CYVEILLANCE WHITE PAPER MAY 2015 Executive Summary.... 3 The Costs... 4 How To Estimate the Cost of an Attack.... 5 Table
More informationA New Era. A New Edge. Phishing within your company
Phishing within your company Learning Objectives What is phishing and how to minimize its impact Obtain a basic understanding of how to use virtual machines Use BackTrack, a tool used by many security
More informationApplication of Machine Learning and Crowdsourcing. to Detection of Cybersecurity Threats
Application of Machine Learning and Crowdsourcing to Detection of Cybersecurity Threats February 2011 Eugene Fink, Mehrbod Sharifi, and Jaime G. Carbonell eugenefink@cmu.edu, mehrbod@cs.cmu.edu, jgc@cs.cmu.edu
More informationOnline Security Information. Tips for staying safe online
Online Security Information ProCredit Bank is committed to protecting the integrity of your transactions and bank account details. ProCredit Bank therefore uses the latest security software and procedures
More informationPassword Depot for Android
Password Depot for Android Table Of Contents Table Of Contents... 2 User interface... 3 Action Bar... 3 Overflow Menu... 4 Entry menu... 5 Context Bar... 6 Settings... 7 Creating a password file... 8 Opening
More informationNATIONAL CYBER SECURITY AWARENESS MONTH
NATIONAL CYBER SECURITY AWARENESS MONTH Tip 1: Security is everyone s responsibility. Develop an awareness framework that challenges, educates and empowers your customers and employees to be part of the
More information3 day Workshop on Cyber Security & Ethical Hacking
3 day Workshop on Cyber Security & Ethical Hacking 1 st day-highlights-hands On Phishing Attack Hammad Mashkoor Lari Freelancer What is Cyber Security? What is Ethical hacking? What is Computer Science?
More informationThe SMB Cyber Security Survival Guide
The SMB Cyber Security Survival Guide Stephen Cobb, CISSP Security Evangelist The challenge A data security breach can put a business out of business or create serious unbudgeted costs To survive in today
More informationBULK MAIL CAMPAIGN RULES
BULK MAIL CAMPAIGN RULES No matter what you do, or how closely you follow the guidelines we provide, the issue of spam is an ever changing and always evolving problem it is estimated that more than 70%
More information10 Quick Tips to Mobile Security
10 Quick Tips to Mobile Security 10 Quick Tips to Mobile Security contents 03 Introduction 05 Mobile Threats and Consequences 06 Important Mobile Statistics 07 Top 10 Mobile Safety Tips 19 Resources 22
More informationData protection. Protecting your personal information online
Data protection Protecting your personal information online 3 Introduction More and more people are conducting their personal affairs online. Online shopping, social networking, job hunting and the ability
More informationHint: Best actions: Find out more in videos and FAQ: Hint: Best actions: Find out more in videos and FAQ:
Game Cheatsheet This is a spam email, an unsolicited and unwanted email from an unknown sender. Hint: Does this offer seem too good to be true? Perhaps you need to know more? Best actions: Delete, Check
More informationBad Ads Trend Alert: Shining a Light on Tech Support Advertising Scams. May 2014. TrustInAds.org. Keeping people safe from bad online ads
Bad Ads Trend Alert: Shining a Light on Tech Support Advertising Scams May 2014 TrustInAds.org Keeping people safe from bad online ads OVERVIEW Today, even the most tech savvy individuals can find themselves
More informationAUDIT REPORT NO MORE PHONE TAG. 10 Jun 2015. Report Content Last Updated. On-Page Optimization. Off-Page Optimization. Keywords Report.
WEBSITE AUDIT REPORT Report Content Last Updated 1 Jun 215 On-Page Optimization Off-Page Optimization Social Media Keywords Report NO MORE PHONE TAG support@nomorephonetag.com 787 S. State Street, Suite
More informationCybersecurity Best Practices
Ten Essential Cybersecurity Best Practices Banking Business Employees Brought to you by: 1 Did you know? One in five small-to-medium-sized companies were the victims of cyber breaches in 2013.1 In 76%
More informationEncrypted Email Users Guide. Revised 6/8/2015
Encrypted Email Users Guide Revised 6/8/2015 Contents Encrypted email service overview Registering, activating and maintaining an account Online Help Accessing the encrypted email portal screens Downloading
More informationHow to Register for Training
How to Register for Training We have created a Training Console to help you manage your Tenable training from the Tenable Support Portal. You will be able to enroll in On Demand Training Course(s) or Certification
More informationAnti-Phishing Best Practices for ISPs and Mailbox Providers
Anti-Phishing Best Practices for ISPs and Mailbox Providers Version 2.01, June 2015 A document jointly produced by the Messaging, Malware and Mobile Anti-Abuse Working Group (M 3 AAWG) and the Anti-Phishing
More informationFrequently Asked Questions (FAQ)
Your personal information and account security is important to us. This product employs a Secure Sign On process that includes layers of protection at time of product log in to mitigate risk, and thwart
More informationThe Internet (Computer Networking)
The Internet (Computer Networking) In what ways do we use the Internet for? Fun facts about the Internet Almost impossible to measure how much data you can access on the Internet Estimated to take about
More informationEvaluating DMARC Effectiveness for the Financial Services Industry
Evaluating DMARC Effectiveness for the Financial Services Industry by Robert Holmes General Manager, Email Fraud Protection Return Path Executive Summary Email spoofing steadily increases annually. DMARC
More information5 Simple Ways To Avoid Getting An Avalanche of Spam
Customer Education Series 5 Simple Ways To Avoid Getting An Avalanche of Spam A Business Owners Guide To Eliminating The 10-15 Most Unproductive Minutes Of Each Employee s Day 5 Easy Ways to Avoid Getting
More informationPortal Recipient Guide
Portal Recipient Guide Lindenhouse Software Limited 2015 Contents 1 Introduction... 4 2 Account Activation... 4 3 Forgotten Password... 9 4 Document signing... 12 5 Authenticating your Device & Browser...
More informationCommon Cyber Threats. Common cyber threats include:
Common Cyber Threats: and Common Cyber Threats... 2 Phishing and Spear Phishing... 3... 3... 4 Malicious Code... 5... 5... 5 Weak and Default Passwords... 6... 6... 6 Unpatched or Outdated Software Vulnerabilities...
More information2009 Antispyware Coalition Public Workshop
2009 Antispyware Coalition Public Workshop Jeffrey Fox Technology Editor, Consumer Reports Media contact: Lauren Hackett, 914-378-2561 Background For several years, Consumer Reports has been testing and
More informationPhishing: Facing the Challenge of Email Identity Theft with Proper Tools and Practices
Phishing: Facing the Challenge of Email Identity Theft with Proper Tools and Practices A Leadfusion White Paper 2012 Leadfusion, Inc. All rights reserved. The Threat of Phishing Email is an indispensable
More informationPhishing Scams Security Update Best Practices for General User
Phishing Scams Security Update Best Practices for General User hishing refers to the malicious attack Pmethod by attackers who imitate legitimate companies in sending emails in order to entice people to
More informationLoophole+ with Ethical Hacking and Penetration Testing
Loophole+ with Ethical Hacking and Penetration Testing Duration Lecture and Demonstration: 15 Hours Security Challenge: 01 Hours Introduction Security can't be guaranteed. As Clint Eastwood once said,
More informationPhishing Past, Present and Future
White Paper Phishing Past, Present and Future By Theodore Green, President, SpamStopsHere.com Abstract A particularly dangerous and now common type of spam known as "Phishing attempts to trick recipients
More informationInsight Student for Chromebooks - Auto Configuration
1 s - Auto Configuration Technical Paper Last modified: June 2015 Web: www.faronics.com Email: sales@faronics.com Phone: 800-943-6422 or 604-637-3333 Fax: 800-943-6488 or 604-637-8188 Hours: Monday to
More informationSecurity And Backups. Topic Website Tutorial 18
Topic Website Tutorial 18 Security And Backups Since your online strategy is a core component of your business plan, you need to ensure that you are able to recover all your files should your website crash
More informationWEB QUARANTINE USER GUIDE VERSION 4.3
WEB QUARANTINE USER GUIDE VERSION 4.3 WEB QUARANTINE USER GUIDE Version 4.3 The content of this manual is for informational use only and is subject to change without notice. Neither Norman nor anyone else
More information2010 AICPA Top Technology Initiatives. About the Presenter. Agenda. Presenter: Dan Schroeder, CPA/CITP Habif, Arogeti, & Wynne, LLP
2010 AICPA Top Technology Initiatives Presenter: Dan Schroeder, CPA/CITP Habif, Arogeti, & Wynne, LLP Georgia Society of CPAs Annual Convention June 16, 2010 About the Presenter Partner-in-Charge, Habif,
More informationSTOP. THINK. CONNECT. Online Safety Quiz
STOP. THINK. CONNECT. Online Safety Quiz Round 1: Safety and Security Kristina is on Facebook and receives a friend request from a boy she doesn t know. What should she do? A. Accept the friend request.
More informationMay 2011 Report #53. The following trends are highlighted in the May 2011 report:
May 2011 Report #53 The unexpected raid and resulting death of Osama Bin Laden shocked the world. As always, spammers were quick to jump on this headline, and send a variety of spam messages leveraging
More informationSocial Application Guide
Social Application Guide Version 2.2.0 Mar 2015 This document is intent to use for our following Magento Extensions Or any other cases it might help. Copyright 2015 LitExtension.com. All Rights Reserved
More informationCyber Security. Maintaining Your Identity on the Net
Cyber Security Maintaining Your Identity on the Net Why Cyber Security? There are three points of failure in any secure network: Technology (hardware and software) Technology Support (ITS) End Users (USD
More informationSingle Property Website Quickstart Guide
Single Property Website Quickstart Guide Win More Listings. Attract More Buyers. Sell More Homes. TABLE OF CONTENTS Getting Started... 3 First Time Registration...3 Existing Account...6 Administration
More informationDISCLAIMER AND NOTICES
DISCLAIMER AND NOTICES The opinions expressed in this presentation are those of the author and presenter alone. They do not represent the views of any other entity. Nothing in this presentation should
More informationCyber Secure your Home and Family. 10/13/15 Cybersecurity for all of us 1
Cyber Secure your Home and Family 10/13/15 Cybersecurity for all of us 1 Agenda Securing your home network Password Safety Web browsing safety Phishing & Spam Digital Millennium Copyright Act (DMCA) Mobile
More informationTop 40 Email Marketing Terms You Should Know
1601 Trapelo Road Phone 781-472-8100 Suite 246 Fax 781-472-8101 Waltham, MA 02451 www.constantcontact.com Top 40 Email Marketing Terms You Should Know If you have ever felt out of your depth in a discussion
More informationSMALL BUSINESS IT SECURITY PRACTICAL GUIDE
SMALL BUSINESS IT SECURITY PRACTICAL GUIDE How to make sure your business has comprehensive IT security protection #protectmybiz Small businesses come in all shapes and sizes. But in today s world, no
More informationNCS 330. Information Assurance Policies, Ethics and Disaster Recovery. NYC University Polices and Standards 4/15/15.
NCS 330 Information Assurance Policies, Ethics and Disaster Recovery NYC University Polices and Standards 4/15/15 Jess Yanarella Table of Contents: Introduction: Part One: Risk Analysis Threats Vulnerabilities
More informationSearch Engine Optimization and Web 2.0
Introduction Web 2.0 is a fairly recent phenomenon whose predominate features are composed of a high level of user or community participation as well as leading-edge technical features such as AJAX. Because
More informationCreate A Google Site. Introduction to Sites. Create, format, and customize a site. Adapted from:
Create A Google Site Adapted from: http://edutraining.googleapps.com/training-home/module-5-sites Introduction to Sites Google Sites is an online application that makes creating a class, school, or project
More informationWho Falls for Phish? A Demographic Analysis of Phishing Susceptibility and Effectiveness of Interventions
Who Falls for Phish? A Demographic Analysis of Phishing Susceptibility and Effectiveness of Interventions Steve Sheng, 1 Mandy Holbrook, 1 Ponnurangam Kumaraguru, 2 Lorrie Cranor, 1 Julie Downs 1 1 Carnegie
More informationMalware & Botnets. Botnets
- 2 - Malware & Botnets The Internet is a powerful and useful tool, but in the same way that you shouldn t drive without buckling your seat belt or ride a bike without a helmet, you shouldn t venture online
More informationMulti-Factor Authentication Reference Guide
Multi-Factor Authentication Reference Guide March 2011 Support: (800) 350-3557 www.pacificwesternbank.com Table of Contents Multi-Factor Authentication (MFA) Required for All Customers...page 2 Challenge
More informationWhat is Web Security? Motivation
brucker@inf.ethz.ch http://www.brucker.ch/ Information Security ETH Zürich Zürich, Switzerland Information Security Fundamentals March 23, 2004 The End Users View The Server Providers View What is Web
More informationDon t Fall Victim to Cybercrime:
Don t Fall Victim to Cybercrime: Best Practices to Safeguard Your Business Agenda Cybercrime Overview Corporate Account Takeover Computer Hacking, Phishing, Malware Breach Statistics Internet Security
More informationGetting Users to Pay Attention to Anti-Phishing Education: Evaluation of Retention and Transfer
Getting Users to Pay Attention to Anti-Phishing Education: Evaluation of Retention and Transfer Ponnurangam Kumaraguru, Yong Rhee, Steve Sheng, Sharique Hasan, Alessandro Acquisti, Lorrie Faith Cranor,
More informationWin the Internet Security War. Keep Internet Criminals Out of Your Network and Protect Your Business
Win the Internet Security War Keep Internet Criminals Out of Your Network and Protect Your Business Takeaways Cyber-criminals are using emails & social engineering to infiltrate your network Your team
More informationHello. If you have any questions that aren t addressed here, feel free to contact our support staff.
Hello. You've imported your list, created a beautiful campaign, tested it, revised it, and sent it to your loyal subscribers. Now it's time to sit back, relax, and watch your reports come in. MailChimp
More informationSocial Media and Cyber Safety
Social Media and Cyber Safety Presented to the National Association of REALTORS by Andrew Wooten Safety and Security Consultant andrew@justbesafe.com Social Media and Cyber Safety Our instructor today
More informationCyber Attacks and Liabilities Why do so many Organizations keep Getting Hacked, Sued and Fined?
Cyber Attacks and Liabilities Why do so many Organizations keep Getting Hacked, Sued and Fined? PRESENTED BY RICK SHAW, AWAREITY Webinar Objectives Employees (and third parties) are the weakest links Learn
More informationSoftware Solutions Digital Marketing Business Services. Email Marketing. What you need to know
Software Solutions Digital Marketing Business Services Email Marketing What you need to know Contents Building Your Email List 1 Managing Your Email List. 2 Designing Your Emails 3 Branding Your Emails.....
More informationPRIVACY POLICY. I. Introduction. II. Information We Collect
PRIVACY POLICY school2life, Inc. ( school2life ) Privacy Policy is designed to provide clarity about the information we collect and how we use it to provide a better social gaming experience. By accepting
More informationManagement and Storage of Sensitive Information UH Information Security Team (InfoSec)
Management and Storage of Sensitive Information UH Information Security Team (InfoSec) Who Are We? UH Information Security Team Jodi Ito - Information Security Officer Deanna Pasternak & Taylor Summers
More informationCriteria for web application security check. Version 2015.1
Criteria for web application security check Version 2015.1 i Content Introduction... iii ISC- P- 001 ISC- P- 001.1 ISC- P- 001.2 ISC- P- 001.3 ISC- P- 001.4 ISC- P- 001.5 ISC- P- 001.6 ISC- P- 001.7 ISC-
More informationBookmarks for Desktop Self-Defense
Basic Security Tips Bookmarks for Desktop Self-Defense Get Safe Online http://www.getsafeonline.org/ Get Safe Online will help you protect yourself against Internet threats. The site is sponsored by government
More informationPACB One-Day Cybersecurity Workshop
PACB One-Day Cybersecurity Workshop WHAT IS CYBERSECURITY? PRESENTED BY: JON WALDMAN, SBS CISA, CRISC 1 Contact Information Jon Waldman Partner, Senior IS Consultant CISA, CRISC Masters of Info Assurance
More informationTOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY
TOP 10 TIPS FOR EDUCATING EMPLOYEES ABOUT CYBERSECURITY An Inside Job Cyberthreats to your business are usually blamed on outsiders nefarious programmers writing malicious code designed to pilfer your
More informationYSU Spam Solution Guide to Using Proofpoint
Proofpoint Web Interface Introduction In 2006, YSU deployed the Proofpoint appliance in response to a growing number of spam messages infiltrating their way past current detection technologies into user
More information