Best practices for on-line
SECURITY
by Peter Finney
| Thinker | inventor | innovator | technologist | consultant |
husband, dad | into eXtreem sports
____
As more of our everyday objects become connected (the
internet of things), more and more of our personal data and
interactions are being shared and stored on-line. This is not
just your name, address and age: with home automation it
extends to heating, lighting and CCTV; with wearables, to
health data and location; with biometrics, to your fingerprint
or voiceprint; with telematics apps or smart cars, to your
driving; and with smartphones and tablets, to contacts, banking
and other application data. Privacy and security of our personal
information is key: with all of this data frequently stored in
the cloud and on social profiles, a comprehensive in-depth view
of our attributes could potentially be obtained. So what are the
risks, and how can we better protect our information? You can
never say never with security! However, this presentation
highlights some of the on-line security risks, with best
practices and recommendations to get you started and help
better protect you in the evolving digital world.
____
@peterfinney
December 2014
Getting to know the risks
the bad guys
• Weak passwords: default, or easy to guess or crack with tools.
• Shoulder surfers: watching you type a password.
• Social engineering: masquerading as a trustworthy entity.
• Phishing: email, fraudulent websites, social media posts, texts
and phone calls.
• Click jacking: what does that short link really point to?
• Drive-by download: malware downloaded without your knowledge when
visiting a website, viewing an e-mail or clicking
a deceptive pop-up window or link.
• Malware: spyware such as key loggers and RATs (Remote
Access Tool kits).
• Man in the middle: conversation controlled by the attacker;
you are not in direct communication.
• Rogue hot-spots: is that free Wi-Fi hotspot legit and safe?
• Packet sniffers: intercepting data over a Wi-Fi or wired
connection.
• Zero-day: attack or threat that exploits a previously
unknown vulnerability.
“Objective: steal your personal data or information such as
credit card numbers, passwords or other information”
Best practices
Passwords
• Create complex strong passwords
Use non-dictionary words, include upper/lowercase characters,
numbers and symbols !"£$%^&*().@#<>
Long length, 15-20+ characters.
• Change frequently, every 3 months
• Use a different password for each account
• Review use of a password vault, or an encrypted password file
Examples:
LastPass: https://lastpass.com/
One Password: https://agilebits.com/onepassword
iCloud keychain (Safari): http://support.apple.com/en-us/HT5813
Chrome password manager: https://support.google.com/chrome/answer/95606?hl=en-GB
(easy to find at chrome://settings/passwords, the password management option in
advanced settings)
Reference: http://www.microsoft.com/en-gb/security/online-privacy/passwords-create.aspx
Best practices
Two factor authentication
• Use two-factor authentication where supported:
something you know (a strong “password”)
and something you own (your phone, which is sent a text code,
or a one-time password generator such as
“Google Authenticator” for Android / iPhone).
Site / Setup guide
Facebook: https://www.facebook.com/help/?faq=162604937135512
Google: http://support.google.com/accounts/bin/static.py?hl=en&page=guide.cs&guide=1056283
Twitter: https://blog.twitter.com/2013/getting-started-with-login-verification
Linkedin: http://blog.linkedin.com/2013/05/31/protecting-your-linkedin-account-with-two-step-verification/
Dropbox: https://blog.dropbox.com/2014/10/have-you-enabled-two-step-verification/
Wordpress: http://en.support.wordpress.com/security/two-step-authentication/
Apple ID: http://support.apple.com/en-us/HT204152
Best practices
Shoulder surfing
• Use a privacy screen to help prevent shoulder surfing;
be mindful and aware of your surroundings in public spaces such as
planes, trains, cafés, hotels, meetings and conferences.
• Use a screen saver:
set a suitable idle time, e.g. 5 mins, before activation, and
always lock the screen when you are away from your computer.
Recommended:
http://solutions.3m.com/wps/portal/3M/en_US/SDP/Privacy_Filters/
Best practices
Firewall, Antivirus / Malware
• Always enable and use a firewall (software).
• Install, update and use antivirus and anti-malware software.
OS / Consider
Windows 8.1: Windows Defender is free anti-malware software included with Windows
  http://windows.microsoft.com/en-gb/windows-8/how-protect-pc-from-viruses
Apple: Sophos (Free)
  http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx
  Intego Virus Barrier
  http://www.intego.com/virusbarrier/
Mobile: https://www.lookout.com/
Best practices
DNS, Web filtering
DNS (Web Filtering)
Options / Consider
OpenDNS: change DNS settings to use OpenDNS, http://www.opendns.com/
  DNS servers: 208.67.222.222, 208.67.220.220
  DNSCrypt / DNSSEC: https://www.opendns.com/about/innovations/dnscrypt/
Google Public DNS: https://developers.google.com/speed/public-dns/
  DNS servers: 8.8.8.8, 8.8.4.4
  https://developers.google.com/speed/public-dns/docs/security
ISP parental controls (security included in your broadband package?):
  BT: http://bt.custhelp.com/app/answers/detail/a_id/46768/~/bt-parental-controls---%27how-to...%27-guide
  Virgin Media: http://store.virginmedia.com/discover/broadband/broadbandextras/web-safe.html
Blue Coat K9 Web Filtering: Blue Coat K9 web protection for home users
  http://www1.k9webprotection.com/
Best practices
Wi-Fi Hotspots
• Can you trust that Wi-Fi hotspot?
• Always use a trusted VPN service from your laptop, tablet or
smartphone; this will encrypt your session.
Options / Consider
Surfeasy: https://www.surfeasy.com/
Hotspot Shield: http://www.hotspotshield.com/
Best practices
Updates, trusted software and applications
• Keep your OS, applications and plug-ins up to date;
turn on automatic updates.
• ONLY install software and applications from a trusted source!
Otherwise they could contain malware.
Best practices
Encryption
• Encrypt your Hard Disk and external disk / USB drives.
• ENSURE that you generate and securely store a recovery KEY !!
Options / Consider
Mac: FileVault
  http://support.apple.com/kb/HT4790
Windows 8.1 Pro: BitLocker
  http://windows.microsoft.com/en-gb/windows-8/bitlocker-drive-encryption
Best practices
Backups (Zero-day)
• Maintain regular backups (Encrypted) of your computer and social site
profiles.
• Store backups on an external drive in a DATA approved firebox, offsite
away from your primary location.
• Consider cloud backup such as Google Drive or Dropbox: cloud storage
providers which support two-factor authentication.
Social site / Backup guide
Google: https://www.google.com/takeout/
Facebook: https://www.facebook.com/help/?page=116481065103985
Linkedin: https://help.linkedin.com/app/answers/detail/a_id/3/~/exporting-your-linkedin-connections
Best practices
Secure browsing
• Always connect to a social site using https:// if supported;
this encrypts your connection to the web site with SSL.
• Check that the website's address begins with HTTPS, and that a LOCK icon
appears in the address bar.
• Click the lock icon and view the site security certificate details. Check that
the certificate is issued by a trusted root CA such as “VeriSign” et al.
• Keep your web browser software up to date.
• Do not browse the web using an “admin” account; ensure your user
account type is “STANDARD”.
Create a “STANDARD” user account for general web browsing.
Use a separate “Admin” user account for system maintenance.
Best practices
Steps to avoid being phished
Fake emails, social media posts, texts and phone calls.
• IF in doubt delete it! Only call a reputable trusted company back and
verify the message was genuine.
• Never respond and give your login or personal details.
• Do not click on embedded links.
• Do not reply, mark as SPAM and delete.
• Do not call or text back missed unknown numbers.
Guides
Phishing: Frequently asked questions
  http://www.microsoft.com/en-gb/security/online-privacy/phishing-faq.aspx
How to recognize phishing email messages, links, or phone calls
  http://www.microsoft.com/security/online-privacy/phishing-symptoms.aspx
Simple Steps to avoid being phished
  http://www.sophos.com/en-us/security-news-trends/best-practices/phishing.aspx
You can never say never with security.
I hope this presentation has
answered some questions and maybe given you a starting point to research more.
Remember, there is always another point of view and something else to try;
the examples and recommendations are
a guide to get you started.
Safe surfing.
