Introduction to Computer Security

Similar documents
Computer Security Self-Test: Questions & Scenarios

For All HIPAA Workforce Members Revised April 2013

National Cyber Security Month 2015: Daily Security Awareness Tips

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

Information Security

PROTECT YOUR COMPUTER AND YOUR PRIVACY!

HFS DATA SECURITY TRAINING WITH TECHNOLOGY COMES RESPONSIBILITY

NC DPH: Computer Security Basic Awareness Training

Network and Workstation Acceptable Use Policy

NATIONAL CYBER SECURITY AWARENESS MONTH

Don t Fall Victim to Cybercrime:

Malware & Botnets. Botnets

High Speed Internet - User Guide. Welcome to. your world.

Information Technology Acceptable Use Policy

STOP. THINK. CONNECT. Online Safety Quiz

Initial Cyber Security Briefing

Protecting your business from fraud

C-SAVE. Scenario #1 Jake and the Bad Virus. The two major C3 concepts this scenario illustrates are:

Infocomm Sec rity is incomplete without U Be aware,

10 Quick Tips to Mobile Security

AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS. ftrsecure.com

FIRBANK GRAMMAR SCHOOL

Central Texas College District Human Resource Management Operating Policies and Procedures Manual Policy No. 294: Computer Security Policy

SBA Cybersecurity for Small Businesses. 1.1 Introduction. 1.2 Course Objectives. 1.3 Course Topics

Working Practices for Protecting Electronic Information

HFS DATA SECURITY TRAINING

Responsible Access and Use of Information Technology Resources and Services Policy

OCT Training & Technology Solutions Training@qc.cuny.edu (718)

Frequently Asked Questions

BCS IT User Syllabus IT Security for Users Level 2. Version 1.0

Learn to protect yourself from Identity Theft. First National Bank can help.

ABERDARE COMMUNITY SCHOOL

The Internet and 2 Acceptable use 2 Unacceptable use 2 Downloads 3 Copyrights 3 Monitoring 3. Computer Viruses 3

INFORMATION SECURITY PROGRAM

Security & SMEs. An Introduction by Jan Gessin. Introduction to the problem

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

CBI s Corporate Internet Banking Inquiry Services gives you the ability to view account details and transactions anytime, anywhere.

Information Security It s Everyone s Responsibility

HIPAA Security Training Manual

Protecting Yourself from Identity Theft

7 PRACTICES FOR SAFER COMPUTING

Delaware State University Policy

Responsible Administrative Unit: Computing, Communications & Information Technologies. Information Technology Appropriate Use Policy

COMPUTER USE POLICY. 1.0 Purpose and Summary

Belmont Savings Bank. Are there Hackers at the gate? 2013 Wolf & Company, P.C.

STOP THINK CLICK Seven Practices for Safer Computing

WORTHING COLLEGE STUDENT IT SECURITY POLICY. October 2014

FTC Fact Sheet Identify Yourself

Caldwell Community College and Technical Institute

Small businesses: What you need to know about cyber security

THE OPEN UNIVERSITY OF TANZANIA INSTITUTE OF EDUCATIONAL AND MANAGEMENT TECHNOLOGIES. ICT security procedures for staff

Network Security and the Small Business

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS

10 Smart Ideas for. Keeping Data Safe. From Hackers

'Namgis First Nation. 1.0 Overview. 2.0 Purpose. 3.0 Scope. 4.0 Policy

Network Security Policy

3 day Workshop on Cyber Security & Ethical Hacking

OVERVIEW. 1. Cyber Crime Unit organization. 2. Legal framework. 3. Identity theft modus operandi. 4. How to avoid online identity theft

Identity Theft Protection

When you listen to the news, you hear about many different forms of computer infection(s). The most common are:

Safe Practices for Online Banking

U.S. Department of the Interior's Federal Information Systems Security Awareness Online Course

Cyber Security: Beginners Guide to Firewalls

Your security is our priority

Marlon R Clarke, Ph. D., CISSP, CISM Director Network Operations and Services, NSU

Cybercrimes NATIONAL CRIME PREVENTION COUNCIL

PROTECTING PATIENT PRIVACY and INFORMATION SECURITY

Cybercrime Prevention and Awareness

WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY

LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES

HIPAA: Privacy/Info Security

IA/CYBERSECURITY IS CRITICAL TO OPERATE IN CYBERSPACE

Information Security and Privacy. WHAT is to be done? HOW is it to be done? WHY is it done?

Why is a strong password important?

Information Technology Security Policies

The following information was provided by SANS and discusses IT Security Awareness. It was last updated in 2015.

Transcription:

Introduction to Computer Security Rev. Sept 2015

What is Computer Security? 2

Computer Security is the protection of computing systems and the data that they store or access 3

Why is Computer Security Important? Computer Security allows the University to carry out its mission by: l Enabling people to carry out their jobs, education, and research l Supporting critical business processes l Protecting personal and sensitive information 4

Why do I need to learn about Computer Security? Isn t this just an IT Problem? 5

Good Security Standards follow the 90 / 10 Rule: l l 10% of security safeguards are technical 90% of security safeguards rely on the computer user ( YOU ) to adhere to good computing practices Example: The lock on the door is the 10%. You remembering to lock the lock, checking to see if the door is closed, ensuring others do not prop the door open, keeping control of the keys, etc. is the 90%. You need both parts for effective security. 6

What Does This Mean for Me? l This means that everyone who uses a computer or mobile device needs to understand how to keep their computer, devices and data secure. Ø Information Security is everyone s responsibility l Members of the UCSC community are also responsible for familiarizing themselves and complying with all University policies, procedures and standards relating to information security. Ø http://its.ucsc.edu/policies/ 7

SEC- -Y Objectives l Learn good computing security practices. l Incorporate these practices into your everyday routine. Encourage others to do so as well. l Report anything unusual Notify your supervisor and the ITS Support Center if you become aware of a suspected security incident. 8

The Internet can be a hazardous place: How many attacks to computers on campus do you think take place everyday? 9

l Thousands of attacks per minute bombard our campus network. l An unprotected computer can become infected or compromised within a few seconds after it is connected to the network. I just keep finding new ways to break in! 10

A compromised computer is a hazard to everyone else, too not just to you. 11

Quiz: A hacked computer can be used to (select all that apply) a) Record keystrokes and steal passwords. b) Send spam and phishing emails. c) Harvest and sell email addresses and passwords. d) Access restricted or personal information on your computer or other systems that you have access to. e) Infect other systems. f) Hide programs that launch attacks on other computers. g) Illegally distribute music, movies and software. h) Distribute child pornography. i) Generate large volumes of traffic, slowing down the entire system. See next page for answer 12

Of course, the answer is All of the above. A compromised computer can be used for all kinds of surprising things. 13

Many cyber security threats are largely avoidable. Some key steps that everyone can take include (1 of 2): l Use good, cryptic passwords that can t be easily guessed - and keep your passwords secret l Make sure your computer, devices and applications (apps) are current and up to date l Make sure your computer is protected with up-to-date anti-virus and anti-spyware software l Don t click on unknown or unsolicited links or attachments, and don t download unknown files or programs onto your computer or other devices 14

Key steps, continued (2 of 2): l Remember that information and passwords sent via standard, unencrypted wireless are especially easy for hackers to intercept Ø To help reduce the risk, look for https in the URL before you enter any sensitive information or a password (the s stands for secure ) Ø Also avoid standard, unencrypted email and unencrypted Instant Messaging (IM) if you re concerned about privacy l See ITS' Top 10 List and the other links on the training page for more. Ø Top 10 List: http://its.ucsc.edu/security/top10.html Ø Training page: http://its.ucsc.edu/security/training/index.html#cs 15

Protecting UCSC s Networks Computers posing a serious threat will be blocked or disconnected from the campus network. Passwords known to be compromised will be scrambled. From UCSC s Procedures for Blocking Network Access (http://its.ucsc.edu/policies/blockingproc.html): Campus network and security personnel must take immediate action to address any threats that may pose a serious risk to campus information system resources... If the threat is deemed serious enough, the account(s) or device(s) presenting the threat will be blocked or disconnected from network access. 16

What are the consequences for security violations? l Risk to security and integrity of personal or confidential information l e.g. identity theft, data corruption or destruction; lack of availability of critical information in an emergency, etc. l Loss of valuable business information l Loss of employee and public trust, embarrassment, bad publicity, media coverage, news reports l Costly reporting requirements in the case of a compromise of certain types of personal, financial and health information l Internal disciplinary action(s) up to and including termination of employment, as well as possible penalties, prosecution and the potential for sanctions / lawsuits 17

The different links on ITS Security Training page will: l Discuss the risks to your computer and portable devices and the data they contain l Provide guidelines and tips for avoiding common computer security risks l Suggest some practical and easy steps for keeping your information and devices safe Ø http://its.ucsc.edu/security/training/ index.html#cs 18

GETTING HELP: If you have questions, please contact the ITS Support Center: Ø Online: http://itrequest.ucsc.edu Ø Email: help@ucsc.edu Ø Phone: 831-459-HELP (4357) Ø In Person: 54 Kerr Hall, M-F, 8AM to 5PM Ø Web Page: http://its.ucsc.edu/get-help/index.html 19

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information