Protect Yourself from Cyber Risks

Transcription

1 Protect Yourself from Cyber Risks 2012 SEAS Cybersecurity Awareness Day 10/17/12 Jay Carter, CISSP CISA

2 Agenda Overview Notable Targets of Hackers What You Can Do to Protect Yourself Identity Theft Questions 2

3 Overview The intent of this presentation is to raise your awareness to the continuous cybersecurity risks we all face daily in our personal lives, and to discuss what you can do to reduce your level of risk. This information is for personal consideration only, and must not be applied to University owned computers. The events discussed in this presentation were reported publically, and links to the sources are provided. No application mentioned in this presentation is endorsed by Harvard, nor used in the University s Information Security Program. 3

4 Torn from the Headlines How Apple and Amazon Security Flaws Led to My Epic Hacking (08/06/12) Million Passwords Reportedly Stolen From LinkedIn Website (06/06/12) - Dropbox gets hacked... Again (08/01/12) - 4

5 Torn from the Headlines Anonymous Claims To Have Hacked Facebook s Website (06/01/12) - Like LinkedIn, eharmony is hacked; 1.5 million passwords stolen (06/06/12) - itunes Hack: Users Report Unauthorized Charges On Accounts (02/10/12) - 5

6 There is Hope 6

7 Defense in Depth - Network Enable the firewall native to your Operating System - Windows-Firewall-settings - Test your firewall - (Windows only) Wi-Fi Security - Best security practices Tips.htm 7

8 Defense in Depth - OS Install antivirus software, good free choices: Patch your computer to most current level Enable Automatic Updates - Windows-automatic-updating - Operating System and software patch scanner

9 Defense in Depth - Browser Consider using Chrome as your browser - orses_chrome_as_most_secure_browser Security browser extensions

10 Protect Yourself Multi-factor Authentication something you know AND something you have - Gmail 2-step verification - Yahoo! second sign-in verification - PayPal Security Key ey-outside&bn_r=o - Facebook Login Approvals - Dropbox two-step verification 10

11 Protect Yourself Password Manager/Safe DON T SAVE VIA BROWSER - LastPass - KeePass Google Alerts for your personal information - Review your Credit Reports - All purpose security resources

12 Protect Yourself Encrypt your hard disk - Windows BitLocker US/windows7/products/features/bitlocker - Mac OS X FileVault or - TruCrypt Backup your hard disk - Backup both locally AND online Windows US/windows7/products/features/backup-and-restore Mac OS X Commodo Backup (Windows) SugarSync MozyHome 12

13 Protect Yourself Securely erase your hard disk - UCSD Center for Recording Magnetic Research - Darik s Boot And Nuke (DBAN) Encrypt containing your sensitive data - Hushmail Mobile Device Security - Android - ios - Windows Phone 13

14 When It All Goes Wrong If you become a victim of identity theft - Federal Trade Commission - United States Postal Service es/mailtheft/identitytheft.aspx - FBI - Massachusetts 14

15 Questions?