Basic Computer Security Part 3 Presenter David Schaefer, MBA OCC Manager of Desktop Support Adjunct Security Instructor: Walsh College, Oakland Community College, Lawrence Technology University
Welcome to Basic Computer Security Passwords vs. Passphrases Regular Backup Strategies Protecting our Children
Passwords & Social Engineering By Jimmy Kimmel
Passwords vs. Passphrases Your username and password protects confidential data Good password pointers: Don t make passwords that are easy to guess 1. Don t use passwords like god or 12345678 Pets Name Birthdate 2. Use passwords that are easy to remember If you keep forgetting your passwords they are not too helpful
Passwords vs. Passphrases 3. Make your password longer The Longer the password the harder it is for unethical attackers to use programs that can guess the passwords quickly. Use Multiple words for your password aka passphrase (see comic by xkcd):
Passwords vs. Passphrases 4. Use Different Passwords for different accounts Example: Don t use your Facebook password for your Twitter account or your work account.» If one of the passwords gets stolen, then only one account will be compromised. 5. Use a password manager such as KeePass (example) to encrypt and store multiple passwords and usernames. This stores all your passwords for you. Only open the password manager when you need it and if you think your computer is infected, don t open it. This makes it simple because you only need to remember the password to your computer and the password manager program (yes they should be different) Be sure to back it up to a safe location
Password Safe Example
Passwords vs. Passphrases 6. Never share your passwords with anyone including coworkers or friends. If anyone else knows your password it s no longer secure. 7. Do not use public computers to log into a highly sensitive network such as a: Work Computer Bank Account Or any other system that has your highly sensitive information on Since anyone can use these computers they may be infected with a Key Logger program designed to capture your key strokes 8. Only log onto systems you trust and know that is safe. 9. Change your password immediately if you mistakenly gave your password away or found out it was compromised. 10. Be careful when answering personal questions on websites like Facebook Those answers can be used for security questions and against you later they are also easy to look up.
Passwords vs. Passphrases 11. Use two factor authentication if available to you. You need more than just your password to login using two factors» Example: Setting up your phone to get a security code that you have to put in instead of the password when you login. 12. If you no longer use an account, disable or delete it.
Regular Backup Strategies Backup Strategies are important to ensuring your data is available for you to use in case of a: Computer malfunction Someone accidently deleting/altering your data For home consider using offline media USB hard drives for larger amounts of data USB thumb smaller amounts of data Utilize a 2 + 1 Data Backup Strategy Maintain two full copies of your backup on Separate devices For highly critical data store it in a separate location Stagger the backups over periods of times like 3 months This minimizes the chances of you backing up corrupted data to all devices
Common Backup Tools Time Machine for Mac Great tool to use, basically you the following to your computer: Hard drive Airport Extreme with a hard drive attached Turn on Time Machine, and let it go It even has an option to encrypt the data! https://support.apple.com/en-us/ht201250 Windows Windows Backup Easy Transfer Manually coping the files you need over to the hard drive Internet Services (aka Cloud) such as: Mozy or Carbonite may have to pay monthly fees
Protecting Our Children Security doesn t stop at us We need to protect the gift of children Three types of dangers that children will face Threats from Themselves May share too much information about themselves, passwords, social security numbers, family, phone number, email addresses, or location» May even lead to identity theft» Accounts may be compromised Employers and Universities may perform background checks on what kids have posted
Protecting Our Children Strangers Physically or emotionally may hurt our children Pretend to be someone else and build trust with our babies Friends» Exploits trust for their own purpose Bullying» Make fun of or harass by publically posting comments and humiliating our kids» Sending of harassing messages to mobile devices» Messages may be anonymous
Protecting Our Children 1. Make sure you are talking to your children about these risks Education is the best defense for you children 2. Make sure they are selective about who they talk to 3. Make sure they don t share any private information Define what is private vs. what is not Also what is appropriate vs. non appropriate to talk about 4. Make sure they are comfortable to talking to you if they are a victim of any of the threats.
Protecting Our Children 5. Have a private computer for only your children to use. Ensures they don t accidently infect your main computer that you use for online banking, etc. Put the computer in a public area you can monitor Make sure they don t have administrator rights 6. For mobile devices Consider having a centralized charging station in your bedroom Children can place the mobile devices at the charging stations before they go to bed.
Protecting Our Children 7. Establish rules for using computer related devices State: How long they can use the computer Who to report problems to What they can or can t do online Post the rules by your children's computer 8. Use Filtering or monitoring capabilities in your operating system Allows you to control what children can do online such as: What times they can access the computer What websites they may visit May prevent them from accidently accessing something inappropriate or dangerous to the computer Consider purchasing software if your operating system doesn t have it Commercial software may have more advanced features Some of these programs may have monitoring capabilities to tell you what websites they are looking at
Linux Load app called Nanny..
Default Windows Parental Controls Set specific time limits on your children's computer use. Prevent your children from playing games you don't want them to play. Keep your children from running specific programs.
Default OS X Yosemite Parental controls Specify apps a child can access Limit by age appropriate Web limit access to websites or allow unrestricted People Restrict content via game center, mail, and messages Time limits weekday, weekdays, and bedtime Hide Block profanity using the built in camera Dictation Burning CDs/DVDs Changing password Changing Printer settings
Default Parental Controls Android Have to setup a user account per each person you want to limit access to apps Will also need to password protect these settings from the kids otherwise they can change them
Default Apple Mobile Devices Need to enable restrictions Also enable password
ios Apps you can restrict Safari Camera (also disables FaceTime) FaceTime itunes Store ibooks Store In-App Purchases Siri AirDrop CarPlay (available only with iphone 5 or later) Installing apps Deleting apps
ios Content Restrictions Ratings (select the country in the ratings section to automatically apply the appropriate content ratings for that region) Music and podcasts Movies TV shows Books Apps Siri Websites If you don t use Touch ID for paid and in-app purchases, you can choose between two options for how often you need to enter your password for these purchases.
ios Privacy Setting Restrictions Location Services Contacts Calendars Reminders Photos Bluetooth sharing Microphone Twitter Facebook Advertising
ios settings and accounts & Features in Game Center Accounts (you can prevent changes to Mail, Contacts, Calendars, icloud, Twitter, Facebook, Vimeo, Flickr, itunes, App Store, imessage, and FaceTime) Background app refresh Find My Friends (available when you install the Find My Friends app) Volume limit Cellular data use (available only on cellular-enabled ios devices) Multiplayer games Adding friends
Parental Control Software Android Sample Email
Parental Control Software Android Website Sample
Sample Website Activities and Apps
Sample Website
Activities Logged and Block Control
Great Tools to limit activities! Sorry kids
Lot of packages let you try the software for free Depending on the app, they may: limit functions limits amount of kids you can monitor limits amount of devices
Then you have free apps.. K9 Web Protection Great blocking program Spyrix Free Keylogger Windows Live Family Safety Blocker not a monitor Kidlogger allows password protection Monitors keystrokes, clipboard, skype chats, usb media insertion, website URLs Naomi Filters out adult content
Parental Control Free apps vs. Paid Apps Paid applications Generally Speaking: Can include more functionality Combine multiple features from the free apps into one application Can be central managed You create a user account for your kid Then assign that account to multiple computers» Those settings follow the user account as the kid moves from device to device
The End Hope you enjoyed this presentation Passwords vs. Passphrases Regular Backup Strategies Protecting our Children
My Personal Contact Info My Web Page: www.surrealparadigm.com My Email Address: surrealparadigm@surrealparadigm.com