OUR DIOCESAN ENCOUNTER WITH CYBER THEFT. Roni Argetsinger Diocese of Des Moines FACTS AND INVESTIGATION

Transcription

1 OUR DIOCESAN ENCOUNTER WITH CYBER THEFT Roni Argetsinger Diocese of Des Moines FACTS AND INVESTIGATION 1

2 RETRIEVAL PROCESS CHANGE 2

3 PROCESSES IMMEDIATELY AFFECTED Update Server Administrator Passwords Stop all Internet Banking activity Require Dual Signors for financial transfers of money Close all affected accounts, checking and money market Two written authorizations required for ANY disbursement $2500 or above. Including transfers between our own bank accounts Stop all Overdraft Protection Complete new Signature Cards Turn off VPN Access for Finance staff with bank account access Rent Laptops for Finance Staff for interim (to replace ones taken by the FBI) Configure Laptops & Workstations with No Local Administrative Access Secure Microsoft Exchange Web Access Purchase & Implement Security Certificate Secure FTP Server Implement Web Filtering software Implement Dual Authorization for VPN Access (Token) 3

4 Require install of Diocesan owned Antivirus/Antispyware/Firewall application on remote computer for any VPN access Implement Dual Authorization for all online bank account access (FOB) Utilize Finance Laptop for online banking ONLY no other access including internet or Store Finance Laptop in a secure location Adapt Finance Laptop with Biometric Access SPECULATION 4

5 IN THE END LOOKING BACK 5

6 Confirm security on any outside access to the network Do not allow any online banking unless it is completed on a designated organization owned computer/laptop Be sure to have appropriate online banking checks & balances in place A A single person in complete control of those processes is not appropriate Continuously educate users of risky online behavior Have a good, close relationship with the bank Have an outside party look at Business Processes & Procedures Establish clear policies and controls for staff working from home No online banking from a home or remote computer Make your organization very aware of what Best Practices are in both Accounting & Technology It is not okay to say Well, that s s how we ve always done it. Or We have to do it this way because I frequently and consistently have to work from home. You are doing your organization a favor by pointing out those processes that do not have Checks & Balances regarding security that is questionable. 6

7 Remind other users in your organization over and over and over again about general, every day Best Practices, such as: Do not open unexpected attachments Filter known bad websites and educate users why Do not click on links in an message Recognize oddities and report them User Education is a key Criminals in general pick the lowest hanging fruit. If we have several layers of defense, it is harder for them to pick us! INFORMATION SYSTEMS SECURITY GUIDELINES 7

8 PERSONAL COMPUTER (PC) SECURITY Firewall Antivirus Antispyware Spam Filters Backups Updates User Access Rights PERSONAL COMPUTER (PC) SECURITY Hibernate/Screen Saver/Password Protect Passwords Executable (.exe) files Employee Security Training Computer Usage & Internet Usage Policies Electronic File Destruction & Archiving Policy Third Party Contracts/Vendors 8

9 Phishing Attachments Links Encryption SECURITY 9

10 10

11 11

12 Fraudulent Examples Change Notification Trouble Logging Into Account Periodic Account Review MOBILE DEVICES Laptops Hard Drive Encyrption Cell Phones/Smart Phones I-Pads USB s/flash Drives/External Hard Drives 12

13 INTERNET USAGE SOCIAL NETWORKING SITES Computer Usage Policy Internet Usage Policy Web Filters Re-Directing Pop-Ups Downloads Drive by Downloads Online Forms 13

14 14

15 15

16 16

17 INTERNET USAGE SOCIAL NETWORKING SITES Log Off/Close Browser/Shut Down Cookies & Temporary Internet Files Online Banking Security Social Networking Sites Virtual Private Network (VPN) Access PCI COMPLIANCE Policy Payment Card Industry Data Security Standards Adherence Testing/Proving 17

18 RESOURCES RESOURCES Norton Antivirus: us.norton.com/ McAfee Antivirus: Kaspersky Antivirus: usa.kaspersky.com/ Microsoft Security Essentials: us/security_essentials/default.aspx Zone Alarm Firewall: us/zonealarm- pro-firewall firewall-anti-spyware.htm Privatefirewall Firewall: Fortinet Firewall: Comodo Firewall: personalfirewall.comodo.com/ Spybot Search & Destroy AntiSpyware: spybot.searchdestroynow.com/ Spyware Doctor Antispyware: KeePass Password Safe management tool: keepass.info/ LastPass password management tool: lastpass.com/ 1Password password management tool: WipeDrive hard drive eraser: erase- hard-drive.php drive.php HardDriveEraser: TrueCrypt Encryption: Encryption Shield Encryption: Shield.shtml Safe Guard Easy Encryption: us/products/encryption/safeguard-easy.aspx easy.aspx Spam Assassin Filter: spamassassin.apache.org/ Appriver Filter: Barracuda Web Filters: K9Web Protection Web Filters: Net Nanny Web Filters:

19 RESOURCES Microsoft Updates Site: ln=en-us Adobe Product Updates Site: PCI Security Standards Council Site: Catholic Mutual Group Site: /InternetC ybersecurity.aspx User Name: 0084des Password: service Diocese of Des Moines Computer Usage Policy: omputer %20Usage%20Security%20Policy%20Acknowledgement% pdf 10.pdf Diocese of Des Moines Social Networking Policy: ocial%20 networking%20policy.pdf United States Conference of Catholic Bishops: 19