+GAMES. Information Security Advisor. Be a Human Firewall! The Human Firewall' s Top Concerns in the Cyber, People & Physical Domains

Transcription

1 Information Security Advisor December 2015 Be a Human Firewall! The Human Firewall' s Top Concerns in the Cyber, People & Physical Domains +GAMES Spot the insider & Human firewall Filtering EXerCISE Good security comes from timely response. Report security incidents immediately!

2 WHAT IS A HUMAN FIREWALL? A human firewall uses street smarts, common sense and situational security awareness to do the same things physical and digital firewalls do keep good things in and bad things out. YOU act as a bidirectional control agent for what comes into and goes out of both the company networks and your personal home networks. YOU help keep company data confidential and secure. YOU help protect against internal and external threats. YOU know what to do in the case of a potential security incident. You, the human firewall, have many responsibilities. You know that threats are everywhere and you must be alert at all times. You also know that threats to our security are constantly changing. We must all maintain constant vigilance and stay aware of the latest tricks that criminals and others use to harm us, our networks, our clients or our reputation. You don t need to be a technical expert to be security aware, you just need to know how and when to call one. Being a strong human firewall is all about using common sense, making good decisions and asking for clarification whenever you are in doubt! BUT HOW DO FIREWALLS WORK? A firewall for your computer or network is just like a firewall in a building a wall that keeps a potential fire from spreading to other areas. In a computer or network, it prevents destructive, hostile or malformed packets, data and programs from crossing and potentially spreading beyond the cyberbarrier. Firewalls also allow companies to control how their networks are being used. Data packets from a network attempt to pass through a firewall. INTERNET There are two types of firewalls: HARDWARE and SOFTWARE. Both types of firewalls work the same way. SOFTWARE FIREWALLS are programs that can be installed on computers, devices or servers. Software firewalls are the best option for most home computers and networks. A good security practice is to install firewall software on every computer or device, even if it is protected by a hardware firewall. HARDWARE FIREWALLS are special network boxes that can hide a company s network from the outside world. It is becoming more popular to isolate resources using intranet, or next generation firewalls, too. This type of firewall is used by small or large enterprises and is managed either internally or by a third party security service. However, many routers for the home also contain some type of simple firewall hardware. SOFTWARE FIREWALL Data packets are analyzed then compared to a set of criteria or filters. If the data is deemed acceptable, it is allowed to continue on to its destination. HARDWARE FIREWALL FireStopper 4000 If the data or programs are deemed to be potentially hostile or damaging, they are discarded. The data is compared to another set of criteria when it reaches the software firewall. Only data that meets the criteria is allowed to pass. Human firewalls function the same way you filter out the bad and only let in the approved.

3 THE HUMAN FIREWALL S TOP SECURITY CONCERNS IN THE CYBER DOMAIN PHISHING: In addition to conventional widespread phishing, the human firewall knows about two specific kinds of targeted attacks. Whale phishing attacks target high profile individuals within organizations. Spear phishing attacks target specific organizations and all of the people who work there. MALWARE: Malware isn t just viruses, and it s not just something you can get on your desktop PC. Mobile malware has exploded; in the first quarter of 2015, Kaspersky Lab saw 3.3 times as many new mobile malware than it did in the final quarter of Check out the link below for a cool infographic about the history of malware. WEBMAIL: Are you clear about work webmail policies and what you are permitted to send out from company networks? If not, ask. SOCIAL NETWORKING: On social networking sites and forums, be exceedingly careful what you say about any aspect of your professional life. PASSWORDS: How confident are you that your passwords are strong and unhackable? Do you use a password manager at home? When was the last time you updated your passwords? Do each of your online accounts have a unique login? DATA CLASSIFICATION: How do you classify data at home? Do you know your data classification responsibilities at work? Do your family members know what data is acceptable to post in public? SECURITY SOFTWARE & CONTROLS: At work, never, ever attempt to bypass any security controls or change any software on your devices. At home, make sure you use anti-virus and antimalware software and keep it updated! POLICY: It is imperative to know and always follow policy at work regarding , social media, passwords, data classification and software installation. If you are ever unsure about anything, be sure to ask ASAP! THE HUMAN FIREWALL S GUIDE TO DATA CLASSIFICATION BORDER CONTROL & FIREWALLS One way to understand firewalls is to look at the border controls between countries. Border controls are designed to monitor, inspect and limit what you are removing from the country such as antiquities and cash and operate in two directions. Countries want to know who is coming in or out, what they are carrying with them and what their intentions are. Often, border control agents have lists of items and people that are not allowed to leave or enter. Their job is to monitor for these items or individuals and prevent them from passing through the borders. It s the same with computer and network-based firewalls. The firewall acts like a border control agent. It checks the data wanting to enter a network for proper credentials, it scans items for potential contraband and then either detains the data or lets it pass through to its destination. Like border control agencies, firewalls can prevent data from leaving a network as well. Whether at work or at home, there are essentially two types of data: at the highest level, data that can be made public and data that requires secrecy and privacy. The key to being a great human firewall is knowing which category data falls into, and where and how to store it. Common sense is the best approach to determining what you should do with each piece of data. Should I post my SSN on Facebook? Common sense would say no. To be a human firewall at home, you can make your own Data Classification Policies. You get to determine what data you keep private, and what data you make public. You decide where and how to store and backup your data. You should note that some data is automatically public. Do a public search online to see what data you can find about yourself. At work you should always follow company policy. If you see misplaced data, be it physical or digital, report it. If you don t know where to store or what to do with specific data, ASK! You, the human firewall, have control of the data you put out into the world.

4 The Human Firewall s TOP SECURITY CONCERNS in the People Domain Human Error According to researchers, human error and failure to follow policy are the two most common causes of data loss, accounting for roughly three quarters of all security incidents. The Insider Threat We must be aware that all insiders pose a potential threat: unintentional errors or omissions as well as intentional hostile acts can all cause the same amount of damage to an organization. Malicious insiders can be motivated by anger, revenge, monetary gain, etc. Social Engineering Remember, social engineering comes in many forms and a social engineer can look like anyone. We must all be alert to scams and con artists trying to get us to reveal sensitive information or give them access to restricted areas. Read more in this article: Think Before You Click This might sound like something that belongs in the cyber domain but who s doing the clicking? You are! You are your organization s greatest defense against phishing scams, malware, advanced persistent threats and criminal hackers. Common Sense Always remember to think like a human firewall - because you are responsible for any action taken with your user ID. We call it situational awareness or street smarts. Policy Stay up to date on policy at work so you know what to do if you suspect someone isn t who they say they are. Read More Here 5 TRAITS OF A SECURITY AWARE EMPLOYEE SPOT THE INSIDER Here are four different people who work for an unnamed tech organization. Read each of their comments and determine who you think could be an inside threat to the organization. GABRIELLA Hey, what s the passcode to the supply closet? I need to get another box of file folders. KADEN Check out this 64 GB thumb drive I found! Let s go to my office and see what s on it! CLAUDIA I can t believe Shelly beat me out for that promotion! I ve been here way longer than she has. RAYMOND Phew, so glad Rachel let me walk in the side door with her! I didn t want to have to drive all the way home for my badge. Answers on next page >>>

5 THE HUMAN FIREWALL S TOP SECURITY CONCERNS IN THE PHYSICAL DOMAIN CLEAN DESK Keep your work area neat, especially when handling data of different sensitivities. POLICY Always be sure to follow policy, even if it seems like extra work. Policies are in place to protect data and the networks, and it is your job to respect and follow that policy no matter what. DISASTERS At home, make sure your family has a disaster recovery plan. What would happen if your house got flooded or robbed? Are all of your important family documents backed up somewhere? At work, ask about disaster recovery and make sure you know what the backup plans are! SHRED At home, be sure to shred documents containing personal info before disposing. At work, ask about company shredding policy. LOCK SCREEN USB STICKS Never stick an unknown USB stick or external drive into your machine. These devices can be infected with malware set to auto-run. HARD COPIES Always check and double check that you have not left any documents in public areas, printers, copy or fax machines or conference rooms. Be sure to not only set a lock screen with a passphrase or PIN on your mobile device, but to also lock your workstation every time you leave your desk! Human Firewall Filtering Exercise WAYFINDER CORPORAT BADGES Do you know your organization s badge policy? TMI Don t talk loudly in public when discussing sensitive or confidential information. Always be aware of who can be listening. Sometimes the decisions human firewalls must make are easy, like deleting an obvious phishing or always following policy. But sometimes the decisions are more complex, like, Should I question that unfamiliar person entering the building without a badge? or Who do I give this unmarked USB drive to? Remember, when you are in doubt, always ask an admin or manager. A good human firewall recognizes potential security incidents and always reports them to the proper individuals. Take a look at the wall to the right and decide: Should these things be filtered in or out? A. from the boss. B. from the IRS claiming you owe $7,500 in back taxes. C. from boss with misspellings and weird links. D. Colleague wearing a badge. E. Someone talking loudly on cell phone about company information. F. A mobile phone with a PIN code lock screen. G. Delivery man without identification. H. A zip file labeled zwd459h24.zip sent to you by a name that sounds vaguely familiar. I. from a colleague with a zip file labeled PresentationForMeeting.zip. J. Unmarked USB you found in the break room. K. This password: i@m$3cure@w0rk! L. Colleague who regularly ignores policy. M. This password: admin123. N. A friend request from someone you met at a conference. O. A shredder. P. A piece of paper on your colleague s desk with all of his passwords. Q. A friend request from someone in another country whose name you don t know. SPOT THE INSIDER: Trick question! ALL of these people could be threats to the organization. Whether it s tailgating, unknown USBs, asking for restricted access or an insider gone bad, we must always be on the look out for potential threats in the human domain! HUMAN FIREWALL FILTERING EXERCISE: Filter In - A, D, F, I, K, N, O. Filter Out - B, C, E, G, H, J, L, M, P, Q.