SlideShare ist ein Scribd-Unternehmen logo
1 von 25
eSecurity! Keeping your Business and
Customers Safe
Michael McKinnon, Security Advisor
mmckinnon@avg.com.au
Let’s Work Together to Protect Us

A little bit about AVG Australia New Zealand
• We are an Avalanche Technology Group company, has
  been operating in Bayside suburbs for many years.

• Our AVG Free Edition product is widely known
  throughout the world with over 98 Million Users

• What will we be covering tonight?
   • How can I protect my business and customers?

   • Why is it important to do so?

   • Top 10 Practical Tips to Secure your Business

   • An exclusive offer for BBN Members, supporting local
     bayside businesses 


                                                            2
As if running a Business isn’t Hard Enough!




As more Businesses take advantage of the booming Internet
economy, so too do the criminals, intent on getting what they
can... Often at the sacrifice of your Reputation, your Money, or
even-worse your entire Business.




                                                                   3
The Stakes are Higher Than Ever




Distribute I.T. Pty
Ltd, started in 2002 and
collapsed in June 2011 due
to a Hacking Incident...




                                  4
What are the Threats?

• Vectors:                • Payloads:
   • Web Pages               • Malware

   • E-mail Attachments      • Trojan horses

   • Pop-Up Windows          • Worms

   • Network Based           • Spyware

   • Instant Messaging           • Password Stealers

   • Chat Rooms                  • Keyboard Loggers

   • Deception




                                                       5
Growth of Malicious Computer Code




                                    6
10 Tips to Secure Your Business
1.   Use Secure Passwords

2.   Control your Internet Connection

3.   Secure your Wireless Networks

4.   Secure your Mobile Devices

5.   Apply all Software Updates on all Computers

6.   Prevent Viruses & Malware

7.   Reduce Spam

8.   Smart settings on your Internet Browsers

9.   Secure Internet Banking

10. Be Aware of Scams and Social Engineering Tactics


                                                       7
#1 Passwords – Back to Basics




What should be aim for in a password?

• Should be easy to remember

• Should be hard to guess (and “brute-force”)




                                                8
#1 Passwords – World’s Top 10 Most Used

• 123456              • 12345

• 123456789           • Password123

• Password            • 1234567

• 12345678            • abc123

• 654321              • Qwerty




                                          9
Can you guess their password?




                                10
#1 Passwords – Rank in order of Strength


1. E56#av+Yb!

2. Password123

3. aaaaaAAAAA#####43

4. 123456

5. lucasjames




                                           11
#1 Passwords – Why Size Matters!

Length is more
 important than
 randomness...

0 – 9 = 10

A – Z = 26

a – z = 26

#$%^ etc. = 10

That’s 72 combinations
 for each letter of your
 password, for a 10 letter password that’s 72^10




                                                   12
#1 Passwords - Summary

• Never, never, ever give your password to someone else!

• Absolute minimum of 10 characters

• Use a mix of UPPER and lowercase; and
  at least one numeral; and
  At least one symbol character

• Remember: Length is always better than Randomness!

• MUST BE EASY TO REMEMBER – so you don’t have to
  write them down

• Strongly advise separating passwords between all
  different sites, just needs a few characters different.




                                                            13
#2 Control your Internet Connection

• Change the default password on your Routers/Firewalls

• Only allow Outgoing connections for known
  services – generally this means choosing
  the highest security level in the Firewall

• Consider turning off the Internet when
  it is not being used – i.e. Weekends

• If unsure of the setup or configuration,
  always consult with an IT Professional and
  ask for them to explain how they are making
  it secure.




                                                          14
#3 Secure your Wireless Networks

• Amazing how many

• Never use “WEP”, always use “WPA” or “WPA2”

• If you have visitors that want wireless access, have an
  IT professional setup a “DMZ” wireless network that
  only provides Internet access only – and not into your
  internal network

• Exception to our Password Rule here – the wireless
  encryption key should NOT be easy to remember (it will
  be too long), and should be written down somewhere
  safe




                                                            15
#4 Securing Mobile Devices for Business

• Use of these devices has grown at an astonishing
  rate, and attacks are starting to appear

• Always turn-on PIN number locking features

• iPhone users can use Apple’s “Find My iPhone”
  application to recover a lost/stolen device or remote
  wipe.

• Android phone users can use AVG Mobilation to recover
  lost/stolen phone or remote wipe.




                                                          16
#5 Always Apply Software Updates

• Why are so many people afraid of Software Updates?

• Rule No. 1 – Always Install the Latest Updates

• Rule No. 2 – Refer to Rule No. 1

• Turn On Automatic Updates

• This applies to updates for EVERYTHING, including:
   • Windows or Mac OS-X

   • Adobe Flash and PDF Reader

   • Java, and Internet Web Browsers (Firefox, Chrome etc.)




                                                              17
#6 Prevent Viruses and Malware

• Use an Internet Security solution that includes:
   • Scanning of e-mail attachments

   • Scanning of web-links that blocks access to pages

   • Regular scheduled scanning of files on your computer

• Never, never, ever, use Peer to Peer networks like
  BitTorrent

• Don’t forget to install an
  Antivirus software on the
  office File Server!




                                                            18
#7 Reduce Spam

• If you don’t know who sent you and e-mail, delete it.
   • Far easier to say, much harder to do!

   • Need to be vigilant

• Have an Anti-spam software solution in place

• Reduce Spam for others as well by protecting your own
  business domain
   • Implement Sender Policy Framework (SPF) or Domain
     Keys (DKIM) – speak to an IT professional

   • Change your e-mail account passwords regulary
     (especially POP and IMAP accounts)




                                                          19
#8 Use Smart settings on Internet Browsers

• Which Browser do you use?
   • Internet Explorer, Firefox, Chrome, Safari…

• Is it up to date? Make sure it is!

• Don’t let the browser remember passwords, because if
  it gets hacked all your passwords can be stolen!




                                                         20
#9 Secure your Bank Accounts

• Know the web address (URL) of your Internet Banking
  website – be aware of any misspelling
  or anything unusual

• Always make sure your Internet
  Banking website is secured by
  HTTPS (Secure) – look for padlock

• Insist on “Two-Factor” authentication
  for Business Banking; either a security
  token or SMS response code is OK

• Contact your bank ASAP if you find anything unusual




                                                        21
#10 Be Aware, Be Very Aware

Great Sources of Information
• Latest security news
  www.avg.com.au

• Information on Scams
  www.scamwatch.org.au

• How to Clean an Infected Computer
  www.icode.net.au

• Improving Security at Home
  www.cybersmart.gov.au

• Defence Signals Directorate
  www.dsd.gov.au/infosec



                                      22
Who needs to know all of this stuff?

• Business Owners

• All Staff

• Temps and Contractors

• Everyone!



• Don’t underestimate the power of some basic IT
  knowledge when it comes to improving security!




                                                   23
What is your Business Risking?

• Data / Information
   • Trade Secrets, things you don’t want competitors to know

   • Financial Data, could be deleted or tampered with

   • Payroll Information, could be shared with staff

   • Any number of items!

• Money
   • Available through your Internet Bank Accounts

   • Credit Card Details




                                                                24
Questions?


             Thank you 

             And who won the door prize?



             Michael McKinnon
             Security Advisor

             mmckinnon@avg.com.au




                                           25

Weitere ähnliche Inhalte

Was ist angesagt?

Itsa end user 2013
Itsa end user 2013Itsa end user 2013
Itsa end user 2013salleh1n
 
Webinar On Ethical Hacking & Cybersecurity - Day2
Webinar On Ethical Hacking & Cybersecurity - Day2Webinar On Ethical Hacking & Cybersecurity - Day2
Webinar On Ethical Hacking & Cybersecurity - Day2Mohammed Adam
 
Harbin clinic iot-mobile-no-vid
Harbin clinic iot-mobile-no-vidHarbin clinic iot-mobile-no-vid
Harbin clinic iot-mobile-no-vidErnest Staats
 
Cybersecurity Awareness Training Presentation v1.2
Cybersecurity Awareness Training Presentation v1.2Cybersecurity Awareness Training Presentation v1.2
Cybersecurity Awareness Training Presentation v1.2DallasHaselhorst
 
Information Security Awareness With Shawn Changes
Information Security Awareness With Shawn ChangesInformation Security Awareness With Shawn Changes
Information Security Awareness With Shawn ChangesMichael Dessecker
 
Security and privacy
Security and privacySecurity and privacy
Security and privacyMohammed Adam
 
BugBounty Roadmap with Mohammed Adam
BugBounty Roadmap with Mohammed AdamBugBounty Roadmap with Mohammed Adam
BugBounty Roadmap with Mohammed AdamMohammed Adam
 
Trial by Fire: Security @ DEF CON 21
Trial by Fire: Security @ DEF CON 21Trial by Fire: Security @ DEF CON 21
Trial by Fire: Security @ DEF CON 21Lookout
 
Keeping Denial of Service and Financial Fraud out of Your Contact Center
Keeping Denial of Service and Financial Fraud out of Your Contact CenterKeeping Denial of Service and Financial Fraud out of Your Contact Center
Keeping Denial of Service and Financial Fraud out of Your Contact CenterCase IQ
 
Information Security Awareness, Petronas Marketing Sudan
Information Security Awareness, Petronas Marketing SudanInformation Security Awareness, Petronas Marketing Sudan
Information Security Awareness, Petronas Marketing SudanAhmed Musaad
 
Computing remotely in a secure manner
Computing remotely in a secure mannerComputing remotely in a secure manner
Computing remotely in a secure mannerKevin Bryant
 
Securing Yourself in the Cyber World
Securing Yourself in the Cyber WorldSecuring Yourself in the Cyber World
Securing Yourself in the Cyber WorldEmil Tan
 

Was ist angesagt? (20)

Network Security
Network SecurityNetwork Security
Network Security
 
Itsa end user 2013
Itsa end user 2013Itsa end user 2013
Itsa end user 2013
 
Personal security
Personal securityPersonal security
Personal security
 
Webinar On Ethical Hacking & Cybersecurity - Day2
Webinar On Ethical Hacking & Cybersecurity - Day2Webinar On Ethical Hacking & Cybersecurity - Day2
Webinar On Ethical Hacking & Cybersecurity - Day2
 
Cyber security and crime
Cyber security and crimeCyber security and crime
Cyber security and crime
 
INSECURITYBLANKET
INSECURITYBLANKETINSECURITYBLANKET
INSECURITYBLANKET
 
Harbin clinic iot-mobile-no-vid
Harbin clinic iot-mobile-no-vidHarbin clinic iot-mobile-no-vid
Harbin clinic iot-mobile-no-vid
 
Cybersecurity Awareness Training Presentation v1.2
Cybersecurity Awareness Training Presentation v1.2Cybersecurity Awareness Training Presentation v1.2
Cybersecurity Awareness Training Presentation v1.2
 
Information Security Awareness With Shawn Changes
Information Security Awareness With Shawn ChangesInformation Security Awareness With Shawn Changes
Information Security Awareness With Shawn Changes
 
Security and privacy
Security and privacySecurity and privacy
Security and privacy
 
BugBounty Roadmap with Mohammed Adam
BugBounty Roadmap with Mohammed AdamBugBounty Roadmap with Mohammed Adam
BugBounty Roadmap with Mohammed Adam
 
Trial by Fire: Security @ DEF CON 21
Trial by Fire: Security @ DEF CON 21Trial by Fire: Security @ DEF CON 21
Trial by Fire: Security @ DEF CON 21
 
Internet security
Internet securityInternet security
Internet security
 
Keeping Denial of Service and Financial Fraud out of Your Contact Center
Keeping Denial of Service and Financial Fraud out of Your Contact CenterKeeping Denial of Service and Financial Fraud out of Your Contact Center
Keeping Denial of Service and Financial Fraud out of Your Contact Center
 
Information Security Awareness, Petronas Marketing Sudan
Information Security Awareness, Petronas Marketing SudanInformation Security Awareness, Petronas Marketing Sudan
Information Security Awareness, Petronas Marketing Sudan
 
Information Security Engineering
Information Security EngineeringInformation Security Engineering
Information Security Engineering
 
Introduction to Raspberry Pi
Introduction to Raspberry PiIntroduction to Raspberry Pi
Introduction to Raspberry Pi
 
Computing remotely in a secure manner
Computing remotely in a secure mannerComputing remotely in a secure manner
Computing remotely in a secure manner
 
Securing Yourself in the Cyber World
Securing Yourself in the Cyber WorldSecuring Yourself in the Cyber World
Securing Yourself in the Cyber World
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security Awareness
 

Ähnlich wie eSecurity! Keeping your Business and Customers Safe

Users awarness programme for Online Privacy
Users awarness programme for Online PrivacyUsers awarness programme for Online Privacy
Users awarness programme for Online PrivacyKazi Sarwar Hossain
 
E business internet fraud
E business internet fraudE business internet fraud
E business internet fraudRadiant Minds
 
Online reputation
Online reputationOnline reputation
Online reputationesl2m
 
How I'd hack into your business and how you can stop me!
How I'd hack into your business and how you can stop me!How I'd hack into your business and how you can stop me!
How I'd hack into your business and how you can stop me!AVG Technologies AU
 
Steps and Tips to Protect Yourself and your Private Information while Online....
Steps and Tips to Protect Yourself and your Private Information while Online....Steps and Tips to Protect Yourself and your Private Information while Online....
Steps and Tips to Protect Yourself and your Private Information while Online....Abzetdin Adamov
 
Let me in! 10 tips to better passwords
Let me in! 10 tips to better passwordsLet me in! 10 tips to better passwords
Let me in! 10 tips to better passwordsMarian Merritt
 
Cyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProCyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProRonald Soh
 
Cyber Security Seminar
Cyber Security SeminarCyber Security Seminar
Cyber Security SeminarJeremy Quadri
 
ICT and end user security awareness slides
ICT and end user security awareness slidesICT and end user security awareness slides
ICT and end user security awareness slidesjubke
 
Data security best practices for risk awareness and mitigation
Data security best practices for risk awareness and mitigationData security best practices for risk awareness and mitigation
Data security best practices for risk awareness and mitigationNick Chandi
 
Keeping hackers out of your POS!
Keeping hackers out of your POS!Keeping hackers out of your POS!
Keeping hackers out of your POS!AVG Technologies AU
 
Building Trust in the Digital Age
Building Trust in the Digital AgeBuilding Trust in the Digital Age
Building Trust in the Digital AgeMarian Merritt
 
Rayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh  building trust in the digital age teenagers and studentsRayane hazimeh  building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayane Hazimeh
 
Rayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh  building trust in the digital age teenagers and studentsRayane hazimeh  building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and studentsRayane Hazimeh
 
Five Lessons Learned From Breaking Into A Casino: Confessions of a Penetratio...
Five Lessons Learned From Breaking Into A Casino: Confessions of a Penetratio...Five Lessons Learned From Breaking Into A Casino: Confessions of a Penetratio...
Five Lessons Learned From Breaking Into A Casino: Confessions of a Penetratio...Tom Eston
 
Iron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyIron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyGabor Szathmari
 

Ähnlich wie eSecurity! Keeping your Business and Customers Safe (20)

Users awarness programme for Online Privacy
Users awarness programme for Online PrivacyUsers awarness programme for Online Privacy
Users awarness programme for Online Privacy
 
Online reputation
Online reputationOnline reputation
Online reputation
 
E business internet fraud
E business internet fraudE business internet fraud
E business internet fraud
 
Online reputation
Online reputationOnline reputation
Online reputation
 
How I'd hack into your business and how you can stop me!
How I'd hack into your business and how you can stop me!How I'd hack into your business and how you can stop me!
How I'd hack into your business and how you can stop me!
 
Steps and Tips to Protect Yourself and your Private Information while Online....
Steps and Tips to Protect Yourself and your Private Information while Online....Steps and Tips to Protect Yourself and your Private Information while Online....
Steps and Tips to Protect Yourself and your Private Information while Online....
 
Let me in! 10 tips to better passwords
Let me in! 10 tips to better passwordsLet me in! 10 tips to better passwords
Let me in! 10 tips to better passwords
 
Cyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-ProCyber Security Awareness Training by Win-Pro
Cyber Security Awareness Training by Win-Pro
 
Cyber Security Seminar
Cyber Security SeminarCyber Security Seminar
Cyber Security Seminar
 
ICT and end user security awareness slides
ICT and end user security awareness slidesICT and end user security awareness slides
ICT and end user security awareness slides
 
Data security best practices for risk awareness and mitigation
Data security best practices for risk awareness and mitigationData security best practices for risk awareness and mitigation
Data security best practices for risk awareness and mitigation
 
Keeping hackers out of your POS!
Keeping hackers out of your POS!Keeping hackers out of your POS!
Keeping hackers out of your POS!
 
Building Trust in the Digital Age
Building Trust in the Digital AgeBuilding Trust in the Digital Age
Building Trust in the Digital Age
 
Rayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh  building trust in the digital age teenagers and studentsRayane hazimeh  building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and students
 
Rayane hazimeh building trust in the digital age teenagers and students
Rayane hazimeh  building trust in the digital age teenagers and studentsRayane hazimeh  building trust in the digital age teenagers and students
Rayane hazimeh building trust in the digital age teenagers and students
 
Judy Taylour's Digital Privacy Day 2014 Presentation
Judy Taylour's Digital Privacy Day 2014 PresentationJudy Taylour's Digital Privacy Day 2014 Presentation
Judy Taylour's Digital Privacy Day 2014 Presentation
 
Five Lessons Learned From Breaking Into A Casino: Confessions of a Penetratio...
Five Lessons Learned From Breaking Into A Casino: Confessions of a Penetratio...Five Lessons Learned From Breaking Into A Casino: Confessions of a Penetratio...
Five Lessons Learned From Breaking Into A Casino: Confessions of a Penetratio...
 
Basic Security Training for End Users
Basic Security Training for End UsersBasic Security Training for End Users
Basic Security Training for End Users
 
Iron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyIron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data Responsibly
 
security.ppt
security.pptsecurity.ppt
security.ppt
 

Mehr von AVG Technologies AU

How To Be Facebook Friends With The Boss & Keep Your Job
How To Be Facebook Friends With The Boss & Keep Your JobHow To Be Facebook Friends With The Boss & Keep Your Job
How To Be Facebook Friends With The Boss & Keep Your JobAVG Technologies AU
 
Computing on the Move - Mobile Security
Computing on the Move - Mobile SecurityComputing on the Move - Mobile Security
Computing on the Move - Mobile SecurityAVG Technologies AU
 
The Endless Wave of Online Threats - Protecting our Community
The Endless Wave of Online Threats - Protecting our CommunityThe Endless Wave of Online Threats - Protecting our Community
The Endless Wave of Online Threats - Protecting our CommunityAVG Technologies AU
 
AVG Community Powered Threat Report: Q1 2012
AVG Community Powered Threat Report: Q1 2012AVG Community Powered Threat Report: Q1 2012
AVG Community Powered Threat Report: Q1 2012AVG Technologies AU
 
Emerging Threats and Trends in Online Security
Emerging Threats and Trends in Online SecurityEmerging Threats and Trends in Online Security
Emerging Threats and Trends in Online SecurityAVG Technologies AU
 

Mehr von AVG Technologies AU (7)

AVG Threat Report Q4 2012
AVG Threat Report Q4 2012AVG Threat Report Q4 2012
AVG Threat Report Q4 2012
 
AVG Q3 2012 Threat Report
AVG Q3 2012 Threat ReportAVG Q3 2012 Threat Report
AVG Q3 2012 Threat Report
 
How To Be Facebook Friends With The Boss & Keep Your Job
How To Be Facebook Friends With The Boss & Keep Your JobHow To Be Facebook Friends With The Boss & Keep Your Job
How To Be Facebook Friends With The Boss & Keep Your Job
 
Computing on the Move - Mobile Security
Computing on the Move - Mobile SecurityComputing on the Move - Mobile Security
Computing on the Move - Mobile Security
 
The Endless Wave of Online Threats - Protecting our Community
The Endless Wave of Online Threats - Protecting our CommunityThe Endless Wave of Online Threats - Protecting our Community
The Endless Wave of Online Threats - Protecting our Community
 
AVG Community Powered Threat Report: Q1 2012
AVG Community Powered Threat Report: Q1 2012AVG Community Powered Threat Report: Q1 2012
AVG Community Powered Threat Report: Q1 2012
 
Emerging Threats and Trends in Online Security
Emerging Threats and Trends in Online SecurityEmerging Threats and Trends in Online Security
Emerging Threats and Trends in Online Security
 

Kürzlich hochgeladen

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbuapidays
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusZilliz
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 

Kürzlich hochgeladen (20)

Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 

eSecurity! Keeping your Business and Customers Safe

  • 1. eSecurity! Keeping your Business and Customers Safe Michael McKinnon, Security Advisor mmckinnon@avg.com.au
  • 2. Let’s Work Together to Protect Us A little bit about AVG Australia New Zealand • We are an Avalanche Technology Group company, has been operating in Bayside suburbs for many years. • Our AVG Free Edition product is widely known throughout the world with over 98 Million Users • What will we be covering tonight? • How can I protect my business and customers? • Why is it important to do so? • Top 10 Practical Tips to Secure your Business • An exclusive offer for BBN Members, supporting local bayside businesses  2
  • 3. As if running a Business isn’t Hard Enough! As more Businesses take advantage of the booming Internet economy, so too do the criminals, intent on getting what they can... Often at the sacrifice of your Reputation, your Money, or even-worse your entire Business. 3
  • 4. The Stakes are Higher Than Ever Distribute I.T. Pty Ltd, started in 2002 and collapsed in June 2011 due to a Hacking Incident... 4
  • 5. What are the Threats? • Vectors: • Payloads: • Web Pages • Malware • E-mail Attachments • Trojan horses • Pop-Up Windows • Worms • Network Based • Spyware • Instant Messaging • Password Stealers • Chat Rooms • Keyboard Loggers • Deception 5
  • 6. Growth of Malicious Computer Code 6
  • 7. 10 Tips to Secure Your Business 1. Use Secure Passwords 2. Control your Internet Connection 3. Secure your Wireless Networks 4. Secure your Mobile Devices 5. Apply all Software Updates on all Computers 6. Prevent Viruses & Malware 7. Reduce Spam 8. Smart settings on your Internet Browsers 9. Secure Internet Banking 10. Be Aware of Scams and Social Engineering Tactics 7
  • 8. #1 Passwords – Back to Basics What should be aim for in a password? • Should be easy to remember • Should be hard to guess (and “brute-force”) 8
  • 9. #1 Passwords – World’s Top 10 Most Used • 123456 • 12345 • 123456789 • Password123 • Password • 1234567 • 12345678 • abc123 • 654321 • Qwerty 9
  • 10. Can you guess their password? 10
  • 11. #1 Passwords – Rank in order of Strength 1. E56#av+Yb! 2. Password123 3. aaaaaAAAAA#####43 4. 123456 5. lucasjames 11
  • 12. #1 Passwords – Why Size Matters! Length is more important than randomness... 0 – 9 = 10 A – Z = 26 a – z = 26 #$%^ etc. = 10 That’s 72 combinations for each letter of your password, for a 10 letter password that’s 72^10 12
  • 13. #1 Passwords - Summary • Never, never, ever give your password to someone else! • Absolute minimum of 10 characters • Use a mix of UPPER and lowercase; and at least one numeral; and At least one symbol character • Remember: Length is always better than Randomness! • MUST BE EASY TO REMEMBER – so you don’t have to write them down • Strongly advise separating passwords between all different sites, just needs a few characters different. 13
  • 14. #2 Control your Internet Connection • Change the default password on your Routers/Firewalls • Only allow Outgoing connections for known services – generally this means choosing the highest security level in the Firewall • Consider turning off the Internet when it is not being used – i.e. Weekends • If unsure of the setup or configuration, always consult with an IT Professional and ask for them to explain how they are making it secure. 14
  • 15. #3 Secure your Wireless Networks • Amazing how many • Never use “WEP”, always use “WPA” or “WPA2” • If you have visitors that want wireless access, have an IT professional setup a “DMZ” wireless network that only provides Internet access only – and not into your internal network • Exception to our Password Rule here – the wireless encryption key should NOT be easy to remember (it will be too long), and should be written down somewhere safe 15
  • 16. #4 Securing Mobile Devices for Business • Use of these devices has grown at an astonishing rate, and attacks are starting to appear • Always turn-on PIN number locking features • iPhone users can use Apple’s “Find My iPhone” application to recover a lost/stolen device or remote wipe. • Android phone users can use AVG Mobilation to recover lost/stolen phone or remote wipe. 16
  • 17. #5 Always Apply Software Updates • Why are so many people afraid of Software Updates? • Rule No. 1 – Always Install the Latest Updates • Rule No. 2 – Refer to Rule No. 1 • Turn On Automatic Updates • This applies to updates for EVERYTHING, including: • Windows or Mac OS-X • Adobe Flash and PDF Reader • Java, and Internet Web Browsers (Firefox, Chrome etc.) 17
  • 18. #6 Prevent Viruses and Malware • Use an Internet Security solution that includes: • Scanning of e-mail attachments • Scanning of web-links that blocks access to pages • Regular scheduled scanning of files on your computer • Never, never, ever, use Peer to Peer networks like BitTorrent • Don’t forget to install an Antivirus software on the office File Server! 18
  • 19. #7 Reduce Spam • If you don’t know who sent you and e-mail, delete it. • Far easier to say, much harder to do! • Need to be vigilant • Have an Anti-spam software solution in place • Reduce Spam for others as well by protecting your own business domain • Implement Sender Policy Framework (SPF) or Domain Keys (DKIM) – speak to an IT professional • Change your e-mail account passwords regulary (especially POP and IMAP accounts) 19
  • 20. #8 Use Smart settings on Internet Browsers • Which Browser do you use? • Internet Explorer, Firefox, Chrome, Safari… • Is it up to date? Make sure it is! • Don’t let the browser remember passwords, because if it gets hacked all your passwords can be stolen! 20
  • 21. #9 Secure your Bank Accounts • Know the web address (URL) of your Internet Banking website – be aware of any misspelling or anything unusual • Always make sure your Internet Banking website is secured by HTTPS (Secure) – look for padlock • Insist on “Two-Factor” authentication for Business Banking; either a security token or SMS response code is OK • Contact your bank ASAP if you find anything unusual 21
  • 22. #10 Be Aware, Be Very Aware Great Sources of Information • Latest security news www.avg.com.au • Information on Scams www.scamwatch.org.au • How to Clean an Infected Computer www.icode.net.au • Improving Security at Home www.cybersmart.gov.au • Defence Signals Directorate www.dsd.gov.au/infosec 22
  • 23. Who needs to know all of this stuff? • Business Owners • All Staff • Temps and Contractors • Everyone! • Don’t underestimate the power of some basic IT knowledge when it comes to improving security! 23
  • 24. What is your Business Risking? • Data / Information • Trade Secrets, things you don’t want competitors to know • Financial Data, could be deleted or tampered with • Payroll Information, could be shared with staff • Any number of items! • Money • Available through your Internet Bank Accounts • Credit Card Details 24
  • 25. Questions? Thank you  And who won the door prize? Michael McKinnon Security Advisor mmckinnon@avg.com.au 25