Chris Schroeder, vice president of information security with Lowe's Companies, Inc., presents tips and advice on protecting your personal information online as part of the Project Ignite series of forums.
2. Welcome!
Chris Schroeder, CISM,
Loweโs Companies, Inc.
Ken Robey, CISSP
Security in Focus, Inc.
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 2
4. a
Learn how to protect your personal data wherever you go.
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 4
5. Todayโs Roadmap to Protecting Your Data
โ Avoid โscammersโ
โ Learn wireless network basics
โ Picking passwords
๏ Creation
๏ Protection
โ Backing up your data
โ Q&A
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 5
6. 6 Rules to Avoid Scammers
1. Donโt share personal info with anyone who calls you to ask for it.
2. Donโt share passwords.
3. Treat unexpected emails suspiciously.
4. Donโt respond to company emails requesting personal info.
5. Confirm the identity of anyone asking for personal info.
6. ALWAYS follow the correct procedure; donโt make exceptions.
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 6
7. Wireless Network Basics
4 Ways to Protect
Yourself from Network
Attackers 4
1 Enabling
Renaming your password
default SSID protection
2 3
Preventing SSID Using
broadcasting encryption
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 7
8. 1
Wireless Network Basics
Renaming your
default SSID
โข By default, the wireless access pointโs SSID will typically
be some form of a the manufacturerโs name example,
Linksys wireless access points have SSIDs of โLinksysโ.
โข Renaming the default SSID is the first step to hardening a
wireless network from attacks.
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 8
9. 2 Wireless Network Basics
Preventing SSID
broadcasting
โ Turn off SSID broadcasting on your wireless access point
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 9
10. Wireless Network Basics
3
Using
encryption
โข Utilizing encryption ensures that someone cannot start a
network analyzer and easily view all of the data you have
transmitted to and/or received from the wireless access
point.
โข Common wireless security specifications include, from
weakest to strongest:
โข WEP (Bad)
โข WPA (Better)
โข WPA2 (Best)
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 10
11. 4 Wireless Network Basics
Enabling
password
protection
โข By default, wireless access points do not require a
password; the default to published admin password.
Leaving your network open allows for unauthorized access.
โข Secure your network by requiring a password and changing
the default administrative password.
**Password Hint**
The longer and more complex the hard to crack.
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 11
12. Creating and Protecting Passwords
Do Your โ While servers tend to have passwords
on accounts, did you know that most
Passwords workstations do not?
Pass the โ We all believe our systems have
passwords โ have you ever checked
Test? every system?
โ Do you have strong passwords?
โ Do you know what is a strong
password?
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 12
13. Passing the Password Test
Length Characters Alpha
The longer the Numeric
better Casing
Special
Example: Alpha, Numeric and Casing (16 Characters Long)
โPassw0rdPassw0rdโ
47,672,401,706,823,533,450,263,330,816 (47 octillion combinations)
53,493,822,905,617 53 trillion years to crack
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 13
14. Password Protection
โข Use a Password Safe to
securely store your
passwords
โข LastPass.com
โข Passwordsafe.sourceforge.net
โข Keypass.info
โข Do not use the same
password on every
site/system
โข If one is compromised, so are
the others
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 14
15. What is Your Backup Plan?
Sooner or later, you You MUST backup
will lose your data your data
Hard-drive will crash
Back up regularly
Computer gets stolen
Back up on-site
Building burns down
Back up off-site
Phone lost/stolen
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 15
16. Backups
โข Ensure the backups are encrypted
โข Use a cloud based backup for off-site, $5.00/month
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 16
17. Protecting Your Personal Data on the Street
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 17
18. Protecting Your Personal Data
Whatโs wrong with
this ATM?
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 18
19. Protecting Your Personal Data
A card reader is placed
over the original!
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 19
20. Protecting Your Personal Data
Anything wrong here?
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 20
21. Protecting Your Personal Data
The pamphlet holder
has a camera!
NPower Charlotte Region | Proprietary and Confidential | Not for Distribution 21