Top 10 Ways to Make Your Employees More Security Aware
2:00PM EDT, Thursday August 26th, 2010

Presented By: Gregg Browinski, CTO, PistolStar Inc.
Moderated By: Kimberly Johnson, Marketing Associate, PistolStar Inc.

Welcome to the Event

• Setting Your Expectations:
   – Objective is to give you “food for thought”


• Housekeeping Points

• Introducing the Speaker: Gregg Browinski, CTO PistolStar, Inc.
Security Awareness
o Many organizations tend to overlook it

o Forms the first line of defense against attacks

o Security Awareness Programs = Headaches

o Arm your employees with 10 tips to be more aware
Tip #1: Provide Credentials on HTTPS Protected Sites

    o Users should get in the habit of looking at a URL
      before logging in

    o HTTPS is Hypertext Transfer Protocol layered on
      an encrypted SSL/TLS connection

    o Prevents “eavesdropping” attacks
Tip #2: Creating Strong Passwords – Give Them a Clue
o   Provide a visual clue for employees when creating passwords

o   Avoids risks associated with weak passwords

o   Standards for passwords ever increasing – demands for “super
    passwords”

o   Pass “Phrases”
Tip #3: Watch for Your Personal Watermark


                          Going to the beach is the best!



o   Provides compliance when multi-factor authentication is
    required

o   Another visual clue for the user

o   Usually used by financial institutions

o   Mutual authentication - proves server’s identity to user
Tip #4: Look at Your Last Login Date and Time
    o   Provides a quick check for fraudulent logins

    o   Can be a log or a simple phrase
Tip #5: Password History Policies
              o   The challenge is to maintain usability while
                  increasing compliance and security

              o   Enforce only when appropriate

              o   Expiration interval and password history limit
                  are inversely proportional
Tip #6: Using Security Question(s)




Examples:
       Bad Question: What was your first pet?
       Good Question: Who was your first kiss?

      o   Use mandatory or optional sets of questions

      o   It is better to require more answers

      o   Can be used to reset passwords or to augment login
          security
Tip #7: Avoid Password Lockout – Stop Logging In!
o   Caused by users’ habit of repeatedly trying to log in with the same
    credentials

o   Configure Password Lockouts to expire

o   Use helpful warning messages to educate and reduce
    Help Desk calls
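
A sketch of an expiring lockout with warning messages, added here as an illustration; it is not from the slides or from any PistolStar product. The class name, the threshold of 5 failures, the 15-minute lock and the message wording are all assumptions.

```python
from dataclasses import dataclass


@dataclass
class AccountState:
    failures: int = 0
    locked_until: float = 0.0   # epoch seconds; 0 means "not locked"


class ExpiringLockout:
    """Hypothetical policy object; thresholds below are assumed values."""

    def __init__(self, max_failures=5, lockout_seconds=900, warn_when_left=2):
        self.max_failures = max_failures
        self.lockout_seconds = lockout_seconds
        self.warn_when_left = warn_when_left
        self._accounts = {}

    def attempt(self, user, password_ok, now):
        """Record one login attempt at time `now`; return (allowed, message)."""
        st = self._accounts.setdefault(user, AccountState())

        if now < st.locked_until:
            # Locked: do not evaluate the password and do not extend the lock,
            # so hammering the form neither helps nor hurts the user.
            minutes = int(-(-(st.locked_until - now) // 60))
            return False, (f"Account locked. Stop logging in: it unlocks "
                           f"automatically in about {minutes} min.")

        if st.locked_until:
            # The lock has expired on its own: start a fresh failure count.
            st.failures, st.locked_until = 0, 0.0

        if password_ok:
            st.failures = 0
            return True, "Login successful."

        st.failures += 1
        left = self.max_failures - st.failures
        if left <= 0:
            st.locked_until = now + self.lockout_seconds
            return False, (f"Too many failed attempts. Account locked for "
                           f"{self.lockout_seconds // 60} min; retrying will not help.")
        if left <= self.warn_when_left:
            return False, (f"Incorrect password. {left} attempt(s) left before "
                           f"lockout. Check Caps Lock or reset your password.")
        return False, "Incorrect password."


def replay(policy, events):
    """Run constructed (time, user, password_ok) events; return the results."""
    return [policy.attempt(user, ok, now) for now, user, ok in events]


if __name__ == "__main__":
    # Constructed sample: five bad tries, a retry while locked, a retry after expiry.
    sample = [(t, "alice", False) for t in range(5)]
    sample += [(10, "alice", True), (904, "alice", True)]
    for allowed, msg in replay(ExpiringLockout(), sample):
        print(allowed, msg)
```

While the lock is active even the correct password is refused, which is why the message tells the user to stop retrying and when the lock lifts.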
Tip #8: Watch for Trouble Spots & Malicious Activity




 o   Points throughout a user’s day where security is the weakest
 o   Educate employees about attacks and how to watch for them
Tip #9: Use Virtual Keyboard When Available
 o   Avoid keystroke logging attacks – educate users

 o   Implement a virtual keyboard for password
     and/or challenge answer fields
Tip #10: Avoid Concurrent Login Sessions
              o   Prevent concurrent login sessions
                    • Inactivity timeouts
                    • Logging in invalidates pre-existing sessions
                    • Logging in not possible until previous
                      sessions are logged out

              o   Tailor to the required level of data protection
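
The three options on this slide, sketched as one session store with a selectable policy. This is an added example, not code from the presentation or from PortalGuard; the SessionManager class, the mode names "replace" and "deny" and the 600-second idle timeout are assumptions.

```python
import secrets
from dataclasses import dataclass


@dataclass
class Session:
    user: str
    token: str
    last_seen: float   # time of the last authenticated request


class SessionManager:
    """Hypothetical in-memory store enforcing one live session per user.

    mode="replace": logging in invalidates pre-existing sessions.
    mode="deny":    logging in is refused until the previous session ends.
    Both modes apply the inactivity timeout first.
    """

    def __init__(self, mode, idle_timeout):
        if mode not in ("replace", "deny"):
            raise ValueError("mode must be 'replace' or 'deny'")
        self.mode = mode
        self.idle_timeout = idle_timeout
        self._by_token = {}

    def _expire_idle(self, now):
        # Drop every session that has been idle for the full timeout.
        stale = [t for t, s in self._by_token.items()
                 if now - s.last_seen >= self.idle_timeout]
        for token in stale:
            del self._by_token[token]

    def login(self, user, now):
        """Return a new session token, or None if the policy refuses the login."""
        self._expire_idle(now)
        existing = [s for s in self._by_token.values() if s.user == user]
        if existing:
            if self.mode == "deny":
                return None
            for s in existing:          # "replace": kick the older session
                del self._by_token[s.token]
        token = secrets.token_urlsafe(32)
        self._by_token[token] = Session(user, token, now)
        return token

    def touch(self, token, now):
        """Validate a request; a live session gets its idle timer refreshed."""
        self._expire_idle(now)
        session = self._by_token.get(token)
        if session is None:
            return False
        session.last_seen = now
        return True

    def logout(self, token):
        self._by_token.pop(token, None)


if __name__ == "__main__":
    strict = SessionManager("deny", idle_timeout=600)
    first = strict.login("bob", now=0)
    print("second login while first is live:", strict.login("bob", now=10))
    print("login after the first session idled out:",
          strict.login("bob", now=620) is not None)
```

In "deny" mode the inactivity timeout is what keeps a user from being locked out by a session they abandoned without logging out.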
Short Q&A Session:

Thank You for Your Answers

 In order to help us provide our audience with the appropriate information
 for future events, please take a moment to respond with your answers to the
 following questions via Instant Message.

 Your answers are greatly appreciated. Thank you.

Please Answer Based on a Scale from 1 to 5:
 1. How much of an overall concern is security awareness and authentication
    in your organization currently?

Please Choose One Answer for the Following:
 2. Out of these four business drivers which one resonates the most with you
    and in your environment?
      a) Usability
      b) Security
      c) Auditing
      d) Compliance

 3. Out of these four feature categories which one resonates the most with
    you and in your environment?
      e) Password Management
      f) Self-service
      g) Audit/Logging
      h) Stronger Authentication
Q&A
  •   Q&A Session

  •   Thank You for Attending

  •   Please email Kjohnson@pistolstar.com with any questions,
      comments or feedback you may have




  •   For more information on this series and other webinars such as
      “Securely Manage Your Corporate Portal Login: Take a Look at How the
      Financial Industry is Leading the Way”, please visit:
      http://portalguard.com/learn-more.html
