LAW OFFICE SECURITY for Small Firms and Sole Practitioners. Prepared by Andrew Mason, Scott Phelps & Mason, Saskatoon Saskatchewan

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "LAW OFFICE SECURITY for Small Firms and Sole Practitioners. Prepared by Andrew Mason, Scott Phelps & Mason, Saskatoon Saskatchewan"

Transcription

1 LAW OFFICE SECURITY for Small Firms and Sole Practitioners Prepared by Andrew Mason, Scott Phelps & Mason, Saskatoon Saskatchewan 1. Introduction CONTENTS 2. Security Consciousness Having a Firm Security Policy 3. Paper File Security 4. Computer Hardware security i) Minimizing Risk of hardware failure Hard disk replacement Hard disk redundancy ii) Preventing loss of information Backups Off-site storage Know how to Restore the Backup 5. Computer Operating System and Application Security i) System Log ii) System Passwords iii) Application Passwords iv) Anti-Virus Software v) Malware avoidance vi) Keeping systems up-to-date 6. Network Security i) Firewalls. ii) Wireless Security Encryption iii) Remote access iv) Network Intrusion Detection v) Portable computers and USB sticks vi) Recovering a lost/stolen computer 7. security 8. Internet security 9. Conclusion

2 2 1. Introduction Security used to be a simple matter: Turn off the lights and lock the door behind you when you leave. That is still good advice, of course. But, in this age of electronic information and world-wide online access, it is not enough. Office technology and the internet have transformed the practice of law and present daily challenges in maintaining law office security. In this paper I will present an outline of the security issues that small firms and sole practitioners face with office technology and the internet. These are issues that large city firms usually hand over to information technology specialists to manage. In the small firm or in rural or remote communities where IT support may not be affordable or available, these tasks have to be managed in-house by you. The goal is to take advantage of the benefits of technology while meeting the standard of security that the Law Society and your clients reasonably expect. 2. Security Consciousness - Having a Firm Security Policy Good law office security starts with the people in your office who access information on a daily basis. There should be a simple, general, firm policy regarding office security that everyone in your office should be aware of and understand. The policy need not be complicated: It is the responsibility of every lawyer and member of staff to strive to ensure that client information is preserved, protected and accessible for the benefit of the client only. This means that you will strive to ensure that confidential information remains confidential and that client information is accessible for client purposes only; that you will avoid practices that may put client information at risk of being lost or accessed by unauthorized persons; that you will not open from an unknown source; and that you will lock the doors when you are the last to leave the office. If you have every member of the firm read and sign such a policy, you have made a good start.

3 3 3. Paper File Security Paper is a pain. It accumulates and it has to be manually filed. Despite all your attempts to move toward the paperless office you still seem to be managing more and more paper. I dislike paper. I do not manage it well. Be wary of taking your advice on how to manage paper from me. The Law Society of Upper Canada has some pretty good advice at this site: 4. Hardware Security Hardware breaks down. When it does, you can lose the information stored on it. You can minimize but you cannot eliminate the risk of hardware failure. You need a twopronged strategy. Here is what you can do: i) Minimizing Risk of hardware failure Hard disk replacement. The information on your computers is stored on mechanical devices called hard drives. A hard drive consist of high speed rotating metal wheels and fast little pointy things that move in and out to read what is on the wheels. They are well made and are reliable for a long time but they will eventually wear out or fail. You want to replace them before they stop working. The reliability of a hard drive is measured in mean time between failure - MTBF or mean time to failure MTTF. Desktop drives typically have a MTTF of 600,000 hours or 68 years. This does not mean that they all last that long before failing. What it means is that out of 1000 drives running for one year, about 15 of them will fail. If you use computers with single desktop drives, a good policy would be to replace the hard drives every two to three years. Hard Disk Redundancy. Since hard drive failure is an unlikely event, the chance of two drives independently failing at the same time is miniscule. So a better solution is

4 4 to have redundant drives using a RAID 1 controller (usually found in a file server but some desktop computers can have RAID controllers). Using two Enterprise class 2 hard drives in a RAID1 (mirror) configuration (you will need a RAID controller board - they are found in some higher end computers and all file servers), identical copies of all information are maintained on each drive so if one drive fails the data can be retrieved from the one that is still working. Monitoring Drives: With a RAID system, you should monitor the drives. This may be accomplished by having the server configured to send an in the event of a drive failure or other major problem. ii) Preventing loss of information Backups. If your office catches fire, is flooded or suffers a malicious attack, redundancy alone may not save you. RAID mirroring does not replace backing up your computer data and storing the backup data in a secure offsite location. Backing up Office Data. You should backup your office time/billing/accounting data on a daily basis. This can be done on Windows machines using the Backup utility (for Xp Home and Vista/Windows 7 Home users you will have to install the backup program manually from your Windows CD). If you backup the data to a hard drive on your system, once a week you should also back it up onto a CD or DVD to be stored off site (your home, for example). Be sure to have a reliable labeling system. You can also use an off-site backup service (see below). Backing up Document files. It is not practical to backup your client documents on a daily basis to an offsite server. I suggest keeping them on mirrored (RAID1) drives and doing weekly incremental backups onto a DVD, which is then stored off-site, or use an off-site service. 1 RAID means Redundant Array of Independent Disks and is the industry standard for configuring redundant disk storage. 2 Enterprise drives, which must be used on servers in RAID configurations, are also more reliable. They have a MTTF of 1.2 million hours or 136 years.

5 5 Live document backup: Have you ever accidentally erased or copied over a document that you are working on? Word processors can be configured to perform live backups at short intervals. You should configure the program to store the backup on a different drive than you are using to store the document. Caution: Live backups may only work if you have a file name for the document. So when you create a new document save it and give it a name before you begin to work on it. Off-site Storage: You can use an online backup service to backup your data to an off-site server. SaskTel ( ) offers a service. Other providers include Fibercloud ( ) and VaultLogic ( ). Be sure to ask how the off-site service maintains security of your data. Know how to Restore the Backup. It is important that you periodically test the restorability of your backups. So at least once a year you should do a complete system restore to be sure that your backup system is working. This will also keep you conversant with the restore process so you will know what to do in the event that you need to restore data. 5. Computer Operating System and Application Security The key here is to balance accessibility with security. Multiple levels of simple security may be just as secure, or more secure, than one level of elaborate security. i) System Log. Start by having a paper notebook for your system maintained by your office or system manager. The purpose is to store all technical settings, computer passwords, and other sensitive information relating to your system. It should be kept in a locked filing cabinet or other secure place. ii) System Passwords. Passwords can be a pain, but they are a good starting point for maintaining office security. Each computer should have a user password to control access. Access to the file server, if you have one, should also be secured with a logon password. These passwords should be written down and kept in the system log.

6 6 iii) Application Security. Access to office data (eg. PCLaw, Easilaw, Quickbooks) should be by user and password. These should also be kept in the system log. It is generally not a good idea to password protect documents on your office system. If the password is lost, the document is lost. There can be exceptions to this rule for very sensitive documents, in which case special care must be taken not to lose the password. Generally, document passwords should be used when putting the document on a portable computer or portable media. In these cases, an unpassworded copy should be maintained on your office system. Beware of meta-data. If you send a word-processor file to someone you may think it just contains the information that is displayed in the printed document. But it may contain a lot more. It may contain all the confidential original draft and revisions to the draft that you made that your client may not want to disclose. To avoid this, it is best to provide PDF copies of the document or send a non-metadata version of the word-processor file. iv) Anti-Virus Software. Your network should be protected from viruses, ad-ware and other malicious software (generally referred to as malware). This should be installed on each workstation. Good anti-virus programs are Norton, McAfee, VIPREE, Kaspersky, and ZoneAlarm. These must be kept up-to-date using the online updating service that is provided by the software developer. v) Malware avoidance. When a new virus gets established it may defeat even the most up-to-date anti-virus software. So it is always a good practice to instruct your staff and lawyers on how to minimize the risk of infection. Be careful about s Never click a link in an or open an attachment if you are not 100% sure of its origin. If you are unsure, phone the sender to confirm. Internet sites offer all sorts of ways for you to unknowingly pick up annoying and malicious ad-ware that can potentially slow your system down or cause it to become unstable. It is recommended that office computers be used for office purposes using reliable sites.

7 7 vi) Keep Systems up-to-date. Internet browsers and programs are supposed to prevent unauthorized persons or programs from gaining access to your system. But hackers are constantly coming up with new ways of getting through them to your computer to wreak havoc. The first line of defence is to ensure that the operating system and internet software is kept up to date. This can be done with the Automatic Update feature in Windows and MacIntosh operating systems. Once an operating system ceases to be supported by the developer you should look at upgrading the operating system. This will likely mean that you will have to upgrade or replace your computer as well. 6. Network Security. i) Firewall. A firewall is a software or firmware program that prevents packets of information from being sent between your network and an unauthorized user or site. It prevents unauthorized outside users from receiving packets from your system and it prevents your system from receiving packets from unauthorized outsiders. It is an essential tool for network security. In order to connect to the internet your network must use a router. A router is a hardware device that handles network traffic between your local area network (your office computers) and a wide area network (the one your internet service provider - eg. Sasktel - is connected to) so you can access the internet. Built into the router is a firewall. This is the most efficient and effective place to eliminate unauthorized network traffic: the router knows the IP addresses of your computer and the computers with which your office computers are communicating. It is highly recommended that you do not turn this firewall off. Your computer operating system also has the ability to act as a firewall but use of this firewall together with your router firewall can cause technical headaches and limit legitimate access within your office. Unless you need to secure someone s computer from access within the firm, the firewall on the router should be adequate.

8 8 ii) Wireless Security Encryption. Wireless access can be very useful within your office, particularly if you have portable computers. This can be easily accomplished with a wireless router or access point. However, wireless access also adds to your network s vulnerability. Be sure to use secured encryption. WEP 128 bit, or WPA encryption are the standard methods and should be adequate. Be sure to write down the encryption key in the System log. With wireless access to your network, anyone in the immediate area (which could be anyone in your building) can access your network if they have the encryption key. So BE VERY CAREFUL about who obtains the key. You should not give it to clients to use while in your office. If you do, be sure to change it afterward. It is a good idea to change the encryption key periodically, in any event. iii) Remote access: With a variety of software products 3 you can access your desktop computer - and everything it can access -from anywhere in the world. When I say you I mean anyone who has the passwords that control access to your computer. So, while this can be a very useful tool, it exposes your system to a potentially huge security risk. Not only can someone with the passwords access your computer and network, but they can also do nasty things and make it appear that YOU are doing it! So, if you are going to allow remote desktop access to computers on your network, you should use only a reputable service and you must strictly control the passwords. You should never, ever, configure another computer (especially a portable computer) so that a user can access the remote desktop automatically without having to manually enter the passwords/keys. iv) Network Intrusion Detection: Some routers (eg. Cisco Systems) will keep log files of network activity. These are not terribly useful. But there are some more sophisticated programs that are available to alert you to suspicious network activity. Just Google: Network Intrusion Detection Systems or NIDS. 3 The remote desktop features of Apple or Windows operating systems provide limited access. Third party providers such as Logmein.com, gotomypc.com, are very easy to use and offer free versions of their remote access software.

9 9 v) Portable computers and USB sticks. These are very handy devices. But if your portable computer or USB stick has client data on it and it is lost or stolen, that information falls into the hands of - who knows? So at least you should password protect access to the device. All computers and some USB sticks will provide this. That just makes it difficult to access not impossible. For better security, you could have the data on the drive encrypted so that it cannot be read by anyone without the encryption key. Just make sure you write the encryption key/password down in your System log. Recovering a lost/stolen computer: There are programs and services that you can purchase that will enable you to locate your computer if it gets lost or stolen. These programs may even work in the event that the disk is erased or reformatted. Some newer Apple computers have tracking chips built into them. Google: computer tracking software. 7. Security is an essential tool for the lawyer. Clients expect you to use it. Other lawyers expect you to use it. But use poses potentially serious security risks. For office use, you should use Outlook, Outlook Express or Thunderbird or other reputable program. Be mindful of the fact that anyone who has access to your computer can access your if you store the password in the program, as most of us do. (If you are using an program on a portable computer, it is probably a good idea to not have the program automatically insert the password). Most services provide web-based access. This comes in very handy when traveling. But be very wary of using Web-Access on public computers. If you are in a hotel and you access your over the web be sure to log off and erase the browser history. Otherwise, the next user may be able to access your confidential !

10 10 As mentioned earlier, and it bears repeating: Never click a link in an or open an attachment if you are not 100% sure of its origin. If you are unsure, phone the sender to confirm. 8. Internet Security Your internet browser - eg. Internet Explorer, Firefox, Google Chrome or Safari (for Mac users) - is a potential source of infection from viruses, worms, trojans, adware and other malicious software. Make sure you have the latest up-to-date version of your browser (you can do this with automatic update from the software supplier) and make sure that you do not have any of the browser settings configured for automatic download for such things as executable files and ActiveX controls. Be sure to use an anti-virus program that provides , intrusion prevention and anti-spyware protection. 9. Conclusion Proper use of modern computer technology is essential to providing the legal services that clients expect from you. But they also expect that you will preserve important client information and protect its confidentiality. To do this you should have some understanding of the essential means of ensuring that your office systems are secure. If you follow the steps that I have set out above you will very likely meet the standard of care that can be reasonably expected of a law practitioner at least for the present. Andrew Mason October 26, 2011

7 Steps to Safer Computing

7 Steps to Safer Computing 7 Steps to Safer Computing These are the seven essentials: - Use a firewall. - Keep your software up to date. - Use an up to date antivirus program. - Use an up to date anti-spyware program. - Only download

More information

Securing Your Technology Infrastructure Five security areas of focus for small to medium businesses.

Securing Your Technology Infrastructure Five security areas of focus for small to medium businesses. Securing Your Technology Infrastructure Five security areas of focus for small to medium businesses. Anthony Suda Network Manager marketing + technology 701.235.5525 888.9.sundog fax: 701.235.8941 2000

More information

Stable and Secure Network Infrastructure Benchmarks

Stable and Secure Network Infrastructure Benchmarks Last updated: March 4, 2014 Stable and Secure Network Infrastructure Benchmarks 501 Commons has developed a list of key benchmarks for maintaining a stable and secure IT Infrastructure for conducting day-to-day

More information

Open an attachment and bring down your network?

Open an attachment and bring down your network? Open an attachment and bring down your network? Many people think this will never happen to them, but virus attacks can come from unlikely sources and can strike when you least expect it. They can wreak

More information

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines 1. Implement anti-virus software An anti-virus program is necessary to protect your computer from malicious programs,

More information

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details: Malicious software About ENISA The European Network and Information Security Agency (ENISA) is an EU agency created to advance the functioning of the internal market. ENISA is a centre of excellence for

More information

Computer Security Maintenance Information and Self-Check Activities

Computer Security Maintenance Information and Self-Check Activities Computer Security Maintenance Information and Self-Check Activities Overview Unlike what many people think, computers are not designed to be maintenance free. Just like cars they need routine maintenance.

More information

Reliance Bank Fraud Prevention Best Practices

Reliance Bank Fraud Prevention Best Practices Reliance Bank Fraud Prevention Best Practices May 2013 User ID and Password Guidelines Create a strong password with at least 8 characters that includes a combination of mixed case letters and numbers.

More information

Computer Viruses: How to Avoid Infection

Computer Viruses: How to Avoid Infection Viruses From viruses to worms to Trojan Horses, the catchall term virus describes a threat that's been around almost as long as computers. These rogue programs exist for the simple reason to cause you

More information

High Speed Internet - User Guide. Welcome to. your world.

High Speed Internet - User Guide. Welcome to. your world. High Speed Internet - User Guide Welcome to your world. 1 Welcome to your world :) Thank you for choosing Cogeco High Speed Internet. Welcome to your new High Speed Internet service. When it comes to a

More information

Cyber Security: Beginners Guide to Firewalls

Cyber Security: Beginners Guide to Firewalls Cyber Security: Beginners Guide to Firewalls A Non-Technical Guide Essential for Business Managers Office Managers Operations Managers This appendix is a supplement to the Cyber Security: Getting Started

More information

Online Banking Fraud Prevention Recommendations and Best Practices

Online Banking Fraud Prevention Recommendations and Best Practices Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee at Continental National Bank of Miami needs to know

More information

When you listen to the news, you hear about many different forms of computer infection(s). The most common are:

When you listen to the news, you hear about many different forms of computer infection(s). The most common are: Access to information and entertainment, credit and financial services, products from every corner of the world even to your work is greater than ever. Thanks to the Internet, you can conduct your banking,

More information

BCS IT User Syllabus IT Security for Users Level 2. Version 1.0

BCS IT User Syllabus IT Security for Users Level 2. Version 1.0 BCS IT User Syllabus IT for Users Level 2 Version 1.0 June 2009 ITS2.1 System Performance ITS2.1.1 Unwanted messages ITS2.1.2 Malicious ITS2.1.1.1 ITS2.1.1.2 ITS2.1.2.1 ITS2.1.2.2 ITS2.1.2.3 ITS2.1.2.4

More information

INTERNET & COMPUTER SECURITY March 20, 2010. Scoville Library. ccayne@biblio.org

INTERNET & COMPUTER SECURITY March 20, 2010. Scoville Library. ccayne@biblio.org INTERNET & COMPUTER SECURITY March 20, 2010 Scoville Library ccayne@biblio.org Internet: Computer Password strength Phishing Malware Email scams Identity Theft Viruses Windows updates Browser updates Backup

More information

White Paper - Crypto Virus. A guide to protecting your IT

White Paper - Crypto Virus. A guide to protecting your IT White Paper - Crypto Virus A guide to protecting your IT Contents What is Crypto Virus?... 3 How to protect yourself from Crypto Virus?... 3 Antivirus or Managed Agents... 3 Enhanced Email Services & Extra

More information

Welcome To The L.R.F.H.S. Computer Group Wednesday 27 th November 2013

Welcome To The L.R.F.H.S. Computer Group Wednesday 27 th November 2013 Welcome To The L.R.F.H.S. Computer Group Wednesday 27 th November 2013 BACKUP SECURITY AND THE CLOUD BACK UP ALWAYS BACK UP TO AN EXTERNAL DEVICE OR REMOVAL MEDIA- NEVER DIRECTLY ON TO YOUR COMPUTER IF

More information

GETTING STARTED WITH A COMPUTER SYSTEM FACTSHEET

GETTING STARTED WITH A COMPUTER SYSTEM FACTSHEET FACTSHEET When setting up a small business there can be many areas of uncertainty, but getting your IT or computer systems right and connected does not need to be one of them. If your company is either

More information

Chapter 8: Security Measures Test your knowledge

Chapter 8: Security Measures Test your knowledge Security Equipment Chapter 8: Security Measures Test your knowledge 1. How does biometric security differ from using password security? Biometric security is the use of human physical characteristics (such

More information

SAFEGUARDING YOUR WINDOWS COMPUTER

SAFEGUARDING YOUR WINDOWS COMPUTER SAFEGUARDING YOUR WINDOWS COMPUTER February 2011 www.cybersecurityguy.com 1 SAFEGUARDING YOUR WINDOWS COMPUTER It's important to safeguard your computer to protect your personal information against hackers

More information

Data Flow and Management in Radiation Therapy

Data Flow and Management in Radiation Therapy Data Flow and Management in Radiation Therapy Issues in Data Flow and Data Management in Radiation Oncology DICOM- an Overview with an Emphasis on Therapy - R. Siochi Issues in Data Flow Management in

More information

References NYS Office of Cyber Security and Critical Infrastructure Coordination Best Practices and Assessment Tools for the Household

References NYS Office of Cyber Security and Critical Infrastructure Coordination Best Practices and Assessment Tools for the Household This appendix is a supplement to the Cyber Security: Getting Started Guide, a non-technical reference essential for business managers, office managers, and operations managers. This appendix is one of

More information

Cyber Security Beginners Guide to Firewalls A Non-Technical Guide

Cyber Security Beginners Guide to Firewalls A Non-Technical Guide Cyber Security Beginners Guide to Firewalls A Non-Technical Guide Essential for Business Managers Office Managers Operations Managers Multi-State Information Sharing and Analysis Center (MS-ISAC) U.S.

More information

Business ebanking Fraud Prevention Best Practices

Business ebanking Fraud Prevention Best Practices Business ebanking Fraud Prevention Best Practices User ID and Password Guidelines Create a strong password with at least 8 characters that includes a combination of mixed case letters, numbers, and special

More information

Business Internet Banking / Cash Management Fraud Prevention Best Practices

Business Internet Banking / Cash Management Fraud Prevention Best Practices Business Internet Banking / Cash Management Fraud Prevention Best Practices This document provides fraud prevention best practices that can be used as a training tool to educate new Users within your organization

More information

Essentials of PC Security: Central Library Tech Center Evansville Vanderburgh Public Library

Essentials of PC Security: Central Library Tech Center Evansville Vanderburgh Public Library Essentials of PC Security: Central Library Tech Center Evansville Vanderburgh Public Library Why should you be concerned? There are over 1 million known computer viruses. An unprotected computer on the

More information

Frequently Asked Questions

Frequently Asked Questions FAQs Frequently Asked Questions Connecting your Linksys router to the Internet 1 What computer operating systems does my Linksys router support? 1 Why can t I connect my computer or device to my router?

More information

Desktop and Laptop Security Policy

Desktop and Laptop Security Policy Desktop and Laptop Security Policy Appendix A Examples of Desktop and Laptop standards and guidelines 1. Implement anti-virus software An anti-virus program is necessary to protect your computer from malicious

More information

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security ITSC Training Courses Student IT Competence Programme SI1 2012 2013 Prof. Chan Yuen Yan, Rosanna Department of Engineering The Chinese University of Hong Kong SI1-1 Course Outline What you should know

More information

NCS 330. Information Assurance Policies, Ethics and Disaster Recovery. NYC University Polices and Standards 4/15/15.

NCS 330. Information Assurance Policies, Ethics and Disaster Recovery. NYC University Polices and Standards 4/15/15. NCS 330 Information Assurance Policies, Ethics and Disaster Recovery NYC University Polices and Standards 4/15/15 Jess Yanarella Table of Contents: Introduction: Part One: Risk Analysis Threats Vulnerabilities

More information

Small Business Backup & Recovery (File Servers, Peer-to-Peer, Laptops, Desktops)

Small Business Backup & Recovery (File Servers, Peer-to-Peer, Laptops, Desktops) Small Business Backup & Recovery (File Servers, Peer-to-Peer, Laptops, Desktops) Smart Features: Continuous Backup Anywhere Access to Backed Up Data Simple Rate Plan Secure Bank Grade Encryption Open Files

More information

TECHNICAL SECURITY AND DATA BACKUP POLICY

TECHNICAL SECURITY AND DATA BACKUP POLICY TECHNICAL SECURITY AND DATA BACKUP POLICY PURPOSE Effective technical security depends not only on technical measures, but also on appropriate policies and procedures and on good user education and training.

More information

Avoiding Malware in Your Dental Practice. 10 Best Practices to Defend Your Data

Avoiding Malware in Your Dental Practice. 10 Best Practices to Defend Your Data Avoiding Malware in Your Dental Practice 10 Best Practices to Defend Your Data Avoiding Malware in Your Dental Practice Like most small business owners, you must protect your dental practice s computer

More information

Cyber Security Awareness

Cyber Security Awareness Cyber Security Awareness User IDs and Passwords Home Computer Protection Protecting your Information Firewalls Malicious Code Protection Mobile Computing Security Wireless Security Patching Possible Symptoms

More information

5 DEADLY MISTAKES THAT BUSINESS OWNERS MAKE WITH THEIR COMPUTER NETWORKS AND HOW TO PROTECT YOUR BUSINESS

5 DEADLY MISTAKES THAT BUSINESS OWNERS MAKE WITH THEIR COMPUTER NETWORKS AND HOW TO PROTECT YOUR BUSINESS 5 DEADLY MISTAKES THAT BUSINESS OWNERS MAKE WITH THEIR COMPUTER NETWORKS AND HOW TO PROTECT YOUR BUSINESS 1 Introduction As small and mid-sized companies rely more heavily on their computer networks to

More information

COMPUTER-INTERNET SECURITY. How am I vulnerable?

COMPUTER-INTERNET SECURITY. How am I vulnerable? COMPUTER-INTERNET SECURITY How am I vulnerable? 1 COMPUTER-INTERNET SECURITY Virus Worm Trojan Spyware Adware Messenger Service 2 VIRUS A computer virus is a small program written to alter the way a computer

More information

Top tips for improved network security

Top tips for improved network security Top tips for improved network security Network security is beleaguered by malware, spam and security breaches. Some criminal, some malicious, some just annoying but all impeding the smooth running of a

More information

Avoiding Malware in Your Dental Practice. 10 Best Practices to Defend Your Data

Avoiding Malware in Your Dental Practice. 10 Best Practices to Defend Your Data Avoiding Malware in Your Dental Practice 10 Best Practices to Defend Your Data Avoiding Malware in Your Dental Practice Like most small business owners, you must protect your dental practice s computer

More information

Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning

Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning Lee Zelyck Network Administrator Regina Public Library Malware, Spyware, Trojans

More information

Open Source and License Source Information

Open Source and License Source Information BlackArmor NAS 220 BlackArmor NAS 220 User Guide 2010 Seagate Technology LLC. All rights reserved. Seagate, Seagate Technology, the Wave logo, and FreeAgent are trademarks or registered trademarks of Seagate

More information

Internet Security Protecting Your Business. Hayden Johnston & Rik Perry WYSCOM

Internet Security Protecting Your Business. Hayden Johnston & Rik Perry WYSCOM Internet Security Protecting Your Business Hayden Johnston & Rik Perry WYSCOM Introduction Protecting Your Network Securing Your Information Standards & Best Practices Tools & Options Into The Future Creating

More information

Information Security

Information Security Information Security A staff guide to the University's Information Systems Security Policy Issued by the IT Security Group on behalf of the University. Information Systems Security Guidelines for Staff

More information

Introduction to Computer Security Table of Contents

Introduction to Computer Security Table of Contents Introduction to Computer Security Table of Contents Introduction... 2 1 - Viruses... 3 Virus Scanners... 3 2 - Spyware... 7 Spyware Scanners... 8 3 - Firewalls... 10 Windows Firewall... 10 4 - References...

More information

Use Bring-Your-Own-Device Programs Securely

Use Bring-Your-Own-Device Programs Securely Use Bring-Your-Own-Device Programs Securely By Dale Gonzalez December 2012 Bring-your-own-device (BYOD) programs, which allow employees to use their personal smartphones, tablets and laptops in and out

More information

Chapter 3 Safeguarding Your Network

Chapter 3 Safeguarding Your Network Chapter 3 Safeguarding Your Network The RangeMax NEXT Wireless Router WNR834B provides highly effective security features which are covered in detail in this chapter. This chapter includes: Choosing Appropriate

More information

Email Security. 01-15-09 Fort Mac

Email Security. 01-15-09 Fort Mac Email Security 01-15-09 Fort Mac Most Common Mistakes in Email Security Email Security 1. Using just one email account. 2. Holding onto spammed-out accounts too long. 3. Not closing the browser after logging

More information

Brazosport College VPN Connection Installation and Setup Instructions. Draft 2 March 24, 2005

Brazosport College VPN Connection Installation and Setup Instructions. Draft 2 March 24, 2005 Brazosport College VPN Connection Installation and Setup Instructions Draft 2 March 24, 2005 Introduction This is an initial draft of these instructions. These instructions have been tested by the IT department

More information

MN-700 Base Station Configuration Guide

MN-700 Base Station Configuration Guide MN-700 Base Station Configuration Guide Contents pen the Base Station Management Tool...3 Log ff the Base Station Management Tool...3 Navigate the Base Station Management Tool...4 Current Base Station

More information

Cyber Security Education & Awareness. Guide for User s

Cyber Security Education & Awareness. Guide for User s Cyber Security Education & Awareness Guide for User s Release Q1 2010 Version 1.1 CONTENTS 1. Introduction 2. Protection against Nasty Code 3. System Security Maintenance 4. Personal Firewalls 5. Wireless

More information

Cyber Security Awareness

Cyber Security Awareness Cyber Security Awareness William F. Pelgrin Chair Page 1 Introduction Information is a critical asset. Therefore, it must be protected from unauthorized modification, destruction and disclosure. This brochure

More information

Free and Legal Software You Can Download By Tom Krauser

Free and Legal Software You Can Download By Tom Krauser Free and Legal Software You Can Download By Tom Krauser Here is a list of free programs that you can download for your personal use. They are legal and free for you to install. Some may have restrictions

More information

Email and Security. U3A Radlett Computer Group Meeting 6-Oct-2014 V1.1

Email and Security. U3A Radlett Computer Group Meeting 6-Oct-2014 V1.1 Email and Security U3A Radlett Computer Group Meeting 6-Oct-2014 V1.1 Agenda Introduction Email Security Q&A Introduction Gary Harding email:- U3A@GaryHarding.com Spent more than 40 years working in the

More information

10 Best Practices to Protect Your Network presented by Saalex Information Technology and Citadel Group

10 Best Practices to Protect Your Network presented by Saalex Information Technology and Citadel Group 10 Best Practices to Protect Your Network presented by Saalex Information Technology and Citadel Group Presented by: Michael Flavin and Stan Stahl Saalex Information Technology Overview Saalex Information

More information

Best Practices Guide to Electronic Banking

Best Practices Guide to Electronic Banking Best Practices Guide to Electronic Banking City Bank & Trust Company offers a variety of services to our customers. As these services have evolved over time, a much higher percentage of customers have

More information

SBA Cybersecurity for Small Businesses. 1.1 Introduction. 1.2 Course Objectives. 1.3 Course Topics

SBA Cybersecurity for Small Businesses. 1.1 Introduction. 1.2 Course Objectives. 1.3 Course Topics SBA Cybersecurity for Small Businesses 1.1 Introduction Welcome to SBA s online training course: Cybersecurity for Small Businesses. SBA s Office of Entrepreneurship Education provides this self-paced

More information

Course # CPU 911! A Guide to Office Computer Security

Course # CPU 911! A Guide to Office Computer Security Course # 155 CPU 911! A Guide to Office Computer Security DISCLOSURE STATEMENT No disclosures. SECO 2012 February 29-March 4, 2012 Course Title: CPU 911! A Guide to Office Computer Security A Guide to

More information

Created By: 2009 Windows Server Security Best Practices Committee. Revised By: 2014 Windows Server Security Best Practices Committee

Created By: 2009 Windows Server Security Best Practices Committee. Revised By: 2014 Windows Server Security Best Practices Committee Windows Server Security Best Practices Initial Document Created By: 2009 Windows Server Security Best Practices Committee Document Creation Date: August 21, 2009 Revision Revised By: 2014 Windows Server

More information

This guide will go through the common ways that a user can make their computer more secure.

This guide will go through the common ways that a user can make their computer more secure. A beginners guide in how to make a Laptop/PC more secure. This guide will go through the common ways that a user can make their computer more secure. Here are the key points covered: 1) Device Password

More information

Computer and Information Security End User Questionnaire

Computer and Information Security End User Questionnaire Computer and Information Security End User Questionnaire Human Factors Issues in Computer and Information Security Funded by the National Science Foundation: EIA-0120092 Project http://cis.engr.wisc.edu/

More information

A guide from Chiltern Business Computing Ltd

A guide from Chiltern Business Computing Ltd Backing IT Up A guide from Chiltern Business Computing Ltd Every business depends on its computer systems to some degree or other. For many, systems are vital to business survival and success. This brief

More information

Data Loss Prevention in the Enterprise

Data Loss Prevention in the Enterprise Data Loss Prevention in the Enterprise ISYM 525 Information Security Final Paper Written by Keneth R. Rhodes 12-01-09 In today s world data loss happens multiple times a day. Statistics show that there

More information

National Cyber Security Month 2015: Daily Security Awareness Tips

National Cyber Security Month 2015: Daily Security Awareness Tips National Cyber Security Month 2015: Daily Security Awareness Tips October 1 New Threats Are Constantly Being Developed. Protect Your Home Computer and Personal Devices by Automatically Installing OS Updates.

More information

Cloud Computing. Chapter 10 Disaster Recovery and Business Continuity and the Cloud

Cloud Computing. Chapter 10 Disaster Recovery and Business Continuity and the Cloud Cloud Computing Chapter 10 Disaster Recovery and Business Continuity and the Cloud Learning Objectives Define and describe business continuity. Define and describe disaster recovery. Describe the benefits

More information

INFORMATION SECURITY PROGRAM

INFORMATION SECURITY PROGRAM Approved 1/30/15 by Dr. MaryLou Apple, President MSCC Policy No. 1:08:00:02 MSCC Gramm-Leach-Bliley INFORMATION SECURITY PROGRAM January, 2015 Version 1 Table of Contents A. Introduction Page 1 B. Security

More information

Computer and Internet Safety

Computer and Internet Safety Computer and Internet Safety In This Article A firewall blocks or permits traffic Hidden file extensions pose serious threats Keep anti-virus software and operating systems up to date Today people use

More information

Business continuity. Protecting your systems in today s world

Business continuity. Protecting your systems in today s world Business continuity Protecting your systems in today s world Introduction Lee Drake, OS-Cubed, Inc. Contact: ldrake@os-cubed.com Phone: 585-756-2444 30 years of support LOL Cat warning Warning this presentation

More information

Computer Backup Strategies

Computer Backup Strategies Computer Backup Strategies Think how much time it would take to recreate everything on your computer...if you could. Given all the threats to your data (viruses, natural disasters, computer crashes, and

More information

Information Security Policy. Policy and Procedures

Information Security Policy. Policy and Procedures Information Security Policy Policy and Procedures Issue Date February 2013 Revision Date February 2014 Responsibility/ Main Point of Contact Neil Smedley Approved by/date Associated Documents Acceptable

More information

Security Policy JUNE 1, 2012. SalesNOW. Security Policy v.1.4 2012-06-01. v.1.4 2012-06-01 1

Security Policy JUNE 1, 2012. SalesNOW. Security Policy v.1.4 2012-06-01. v.1.4 2012-06-01 1 JUNE 1, 2012 SalesNOW Security Policy v.1.4 2012-06-01 v.1.4 2012-06-01 1 Overview Interchange Solutions Inc. (Interchange) is the proud maker of SalesNOW. Interchange understands that your trust in us

More information

Endpoint Security Management

Endpoint Security Management Endpoint Security Management LANDESK SOLUTION BRIEF Protect against security threats, malicious attacks and configuration vulnerabilities through strong endpoint security control and maintenance. Protect

More information

High Speed Internet - User Guide. Welcome to. your world.

High Speed Internet - User Guide. Welcome to. your world. High Speed Internet - User Guide Welcome to your world. 1 Welcome to your world Thank you for choosing Cogeco High Speed Internet. Welcome to your new High Speed Internet service. When it comes to a great

More information

Norton Personal Firewall for Macintosh

Norton Personal Firewall for Macintosh Norton Personal Firewall for Macintosh Evaluation Guide Firewall Protection for Client Computers Corporate firewalls, while providing an excellent level of security, are not always enough protection for

More information

Introduction to Computing @ WSU

Introduction to Computing @ WSU Introduction to Computing @ WSU Table of Contents 1 - Information Technology (IT) Security... 2 Information to Remember... 2 2 - Malware... 2 Information to Remember... 3 3 - Firewalls... 3 Information

More information

Countermeasures against Spyware

Countermeasures against Spyware (2) Countermeasures against Spyware Are you sure your computer is not infected with Spyware? Information-technology Promotion Agency IT Security Center http://www.ipa.go.jp/security/ 1. What is a Spyware?

More information

PC Security and Maintenance

PC Security and Maintenance PC Security and Maintenance by IMRAN GHANI PC Maintenance and Security-Forecast. Major sources of danger. Important steps to protect your PC. PC Security Tools. PC Maintenance Tools. Tips. PC Security-

More information

InsightCloud. www.insightcloud.com. Hosted Desktop Service. What is InsightCloud? What is SaaS? What are the benefits of SaaS?

InsightCloud. www.insightcloud.com. Hosted Desktop Service. What is InsightCloud? What is SaaS? What are the benefits of SaaS? What is InsightCloud? InsightCloud is a web portal enabling Insight customers to purchase and provision a wide range of Cloud services in a straightforward and convenient manner. What is SaaS? Software

More information

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS $ ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS Boston Private Bank & Trust Company takes great care to safeguard the security of your Online Banking transactions. In addition to our robust security

More information

Kaspersky Endpoint Security 10 for Windows. Deployment guide

Kaspersky Endpoint Security 10 for Windows. Deployment guide Kaspersky Endpoint Security 10 for Windows Deployment guide Introduction Typical Corporate Network Network servers Internet Gateway Workstations Mail servers Portable media Malware Intrusion Routes Viruses

More information

Cloud Backup and Recovery for Endpoint Devices

Cloud Backup and Recovery for Endpoint Devices Cloud Backup and Recovery for Endpoint Devices Executive Summary Armed with their own devices and faster wireless speeds, your employees are looking to access corporate data on the move. They are creating,

More information

Key Steps to a Secure Remote Workforce

Key Steps to a Secure Remote Workforce Key Steps to a Secure Remote Workforce Telecommuting benefits the employee and the company, the community and the environment. With the right security measures in place, there s no need to delay in creating

More information

N-CAP Users Guide Everything You Need to Know About Using the Internet! How Firewalls Work

N-CAP Users Guide Everything You Need to Know About Using the Internet! How Firewalls Work N-CAP Users Guide Everything You Need to Know About Using the Internet! How Firewalls Work How Firewalls Work By: Jeff Tyson If you have been using the internet for any length of time, and especially if

More information

The Essential Guide for Protecting Your Legal Practice From IT Downtime

The Essential Guide for Protecting Your Legal Practice From IT Downtime The Essential Guide for Protecting Your Legal Practice From IT Downtime www.axcient.com Introduction: Technology in the Legal Practice In the professional services industry, the key deliverable of a project

More information

Austin Peay State University

Austin Peay State University 1 Austin Peay State University Identity Theft Operating Standards (APSUITOS) I. PROGRAM ADOPTION Austin Peay State University establishes Identity Theft Operating Standards pursuant to the Federal Trade

More information

2. PMP New Computer Installation. & Networking Instructions

2. PMP New Computer Installation. & Networking Instructions ONTARIO CHIROPRACTIC ASSOCIATION PATIENT MANAGEMENT PROGRAM PUTTING EXPERIENCE INTO PRACTICE PMP New Computer Installation & Networking Instructions This document provides installation instructions for

More information

Sophos Anti-Virus for Mac OS X: Home Edition Help

Sophos Anti-Virus for Mac OS X: Home Edition Help Sophos Anti-Virus for Mac OS X: Home Edition Help For standalone Macs running Mac OS X Product version: 9C Document date: June 2013 Sophos TOC 3 Contents About Sophos Anti-Virus...5 About the Scans window...5

More information

SECURITY THREATS: A GUIDE FOR SMALL AND MEDIUM BUSINESSES

SECURITY THREATS: A GUIDE FOR SMALL AND MEDIUM BUSINESSES SECURITY THREATS: A GUIDE FOR SMALL AND MEDIUM BUSINESSES What does an SMB need? A successful business works on the basis of revenue growth and loss prevention. Small and medium-sized businesses are particularly

More information

Malware & Botnets. Botnets

Malware & Botnets. Botnets - 2 - Malware & Botnets The Internet is a powerful and useful tool, but in the same way that you shouldn t drive without buckling your seat belt or ride a bike without a helmet, you shouldn t venture online

More information

Online Banking Customer Awareness and Education Program

Online Banking Customer Awareness and Education Program Online Banking Customer Awareness and Education Program Electronic Fund Transfers: Your Rights and Responsibilities (Regulation E Disclosure) Indicated below are types of Electronic Fund Transfers we are

More information

Safe Practices for Online Banking

Safe Practices for Online Banking November 2012 Follow these guidelines to help protect your information while banking online. At First Entertainment Credit Union, our goal is to provide you with the best all around banking experience.

More information

Sophos Anti-Virus for Mac OS X Help

Sophos Anti-Virus for Mac OS X Help Sophos Anti-Virus for Mac OS X Help For networked and standalone Macs running Mac OS X Product version: 9 Document date: June 2013 Sophos TOC 3 Contents About Sophos Anti-Virus...5 About the Scans window...5

More information

Boston University Security Awareness. What you need to know to keep information safe and secure

Boston University Security Awareness. What you need to know to keep information safe and secure What you need to know to keep information safe and secure Introduction Welcome to Boston University s Security Awareness training. Depending on your reading speed, this presentation will take approximately

More information

Countering and reducing ICT security risks 1. Physical and environmental risks

Countering and reducing ICT security risks 1. Physical and environmental risks Countering and reducing ICT security risks 1. Physical and environmental risks 1. Physical and environmental risks Theft of equipment from staff areas and Theft of equipment from public areas Theft of

More information

Protect your personal data while engaging in IT related activities

Protect your personal data while engaging in IT related activities Protect your personal data while engaging in IT related activities Personal Data (Privacy) Ordinance Six Data Protection Principles Principle 1 purpose and manner of collection of personal data Collection

More information

Information Security Guide for Students

Information Security Guide for Students Information Security Guide for Students August 2009 Contents The purpose of information security and data protection...1 Access rights and passwords...2 Internet and e-mail...3 Privacy protection...5 University

More information

BE SAFE ONLINE: Lesson Plan

BE SAFE ONLINE: Lesson Plan BE SAFE ONLINE: Lesson Plan Overview Danger lurks online. Web access, social media, computers, tablets and smart phones expose users to the possibility of fraud and identity theft. Learn the steps to take

More information

Preparing Your Personal Computer to Connect to the VPN

Preparing Your Personal Computer to Connect to the VPN Preparing Your Personal Computer to Connect to the VPN (Protecting Your Personal Computer Running Windows) Using the VPN to connect your computer to the campus network is the same as bringing your computer

More information

Tk20 Network Infrastructure

Tk20 Network Infrastructure Tk20 Network Infrastructure Tk20 Network Infrastructure Table of Contents Overview... 4 Physical Layout... 4 Air Conditioning:... 4 Backup Power:... 4 Personnel Security:... 4 Fire Prevention and Suppression:...

More information

ESET CYBER SECURITY PRO for Mac Quick Start Guide. Click here to download the most recent version of this document

ESET CYBER SECURITY PRO for Mac Quick Start Guide. Click here to download the most recent version of this document ESET CYBER SECURITY PRO for Mac Quick Start Guide Click here to download the most recent version of this document ESET Cyber Security Pro provides state-of-the-art protection for your computer against

More information

Best Practices for DanPac Express Cyber Security

Best Practices for DanPac Express Cyber Security March 2015 - Page 1 Best Practices for This whitepaper describes best practices that will help you maintain a cyber-secure DanPac Express system. www.daniel.com March 2015 - Page 2 Table of Content 1 Introduction

More information