Protecting against identity theft and improving computer security - PowerPoint PPT Presentation

1 / 18
About This Presentation
Title:

Protecting against identity theft and improving computer security

Description:

Comprehensive maintenance and repair services. Complete maintenance records and history ... 24 to 48 hour quick delivery available ... – PowerPoint PPT presentation

Number of Views:29
Avg rating:3.0/5.0

less

Transcript and Presenter's Notes

Title: Protecting against identity theft and improving computer security


1
Protecting against identity theft and improving
computer security
  • Presented by Blake Penn, CISSP
  • Information Security Officer
  • University of Wisconsin-Whitewater
  • pennb_at_uww.edu

2
Information Security Related Issues
  • Identity Theft
  • Phishing
  • Viruses/Spyware
  • Bots and Zombies
  • Key Loggers
  • File Sharing/Peer to Peer
  • Network Sniffing

3
Identity Theft
  • Over 155,000,000 personal records compromised
    since early 2005.
  • http//www.privacyrights.org/ar/ChronDataBreaches.
    htm
  • Ex TJX Companies experienced theft of 45,700,000
    credit and debit card account numbers.
  • I shop at Marshalls and had to cut up my credit
    card!

4
Identity Theft What can you do?
  • Be careful to whom you disclose your financial
    and identity data.
  • Check your credit reports at least annually.
  • Shred any documents containing financial or
    identity information before disposal.

5
Phishing
  • Emails asking you to click on a link to
    fix/verify your financial account information.
  • DONT click on links sent in email messages if
    you must, open a browser window and type in the
    address manually.
  • Delete unsolicited emails dont open and read
    these!

6
Viruses and Spyware
  • Make sure you are running anti-virus and
    anti-spyware and keep your definitions up to
    date.
  • Dont install un-approved and unknown programs
    (especially those found on the Web).
  • Run your computer as a regular user instead of as
    an administrator-level account.

7
Bots and Zombies
  • Compromised computers become part of a
    command-and-control network.
  • These bots respond to the control of a hacker,
    usually involving sending out SPAM or attacking
    other computers.
  • Can adversely affect performance of your computer.

8
Key loggers
  • Malicious programs that record every keystroke on
    your system.
  • Can be used to gather sensitive information
    particularly usernames and passwords.

9
File Sharing/Peer to Peer
  • Most peer to peer (P2P) file sharing is of
    questionable legality.
  • Most P2P programs give other users access to your
    computer.
  • Content owners and associations are stepping up
    their effort to find offenders and sue them.
  • Dont use P2P programs use legitimate
    alternatives such as Apples iTunes store.

10
Network Sniffing
  • Spying on the network by watching network
    packets.
  • Sniffers can read all unencrypted data going over
    the wire!
  • Email and http are NOT encrypted those sniffing
    the network can read email and web information.
  • Use secure protocols (such as https) in order to
    prevent unauthorized disclosure dont use http,
    email, telnet and ftp when dealing with sensitive
    information.

11
Solutions
  • Dont run your computer as an administrator log
    in as a regular user instead.
  • Use a strong password and change it periodically
    never share your password with others.
  • Dont install unknown programs.

12
Solutions
  • Dont click on unknown emailed links or
    attachments.
  • Use and update your anti-virus/spyware software.
  • Use a desktop or network firewall to protect your
    computer.

13
Solutions
  • Apply security patches regularly set your
    computer to do this automatically.
  • Back up any sensitive or important information
    kept on your computer.
  • Dont send sensitive information over
    un-encrypted channels.

14
Problems at Work
  • Do you or those in your unit deal with sensitive
    information?
  • Are you affording this information the same level
    of protection that you give your own personal and
    financial data?
  • Have you ever shared your Net-ID password with
    anyone?

15
Problems at Work
  • Have you clicked on emailed links (Phishing) at
    work?
  • Have you installed any programs on your computer
    that you have downloaded from the Internet?
  • Have you sent sensitive information via email or
    over unencrypted http?

16
What can I do?
  • If you have any security questions call the
    Computer Helpdesk (x4357) immediately!
  • Follow university security and network policies.
  • Remember that YOU are responsible for the data
    under your custodianship treat it like you
    would your own personal/financial data.
  • Help others by educating them to their
    responsibilities in keeping university safe.

17
Questions?
  • Any questions?
  • Email me for copies of the presentation
    pennb_at_uww.edu

18
Links
  • www.privacyrights.org
  • www.annualcreditreport.com
  • www.donotcall.gov
Write a Comment
User Comments (0)
About PowerShow.com