computer / internet security whpl

Computer / Internet SecurityWest Haven Public Librarywww.westhavenlibrary.org

Computer / Internet Security

•Use of internet services are unavoidable▫Job applications, school applications, taxes,

credit, banking, DMV forms, personal communication (email), social networking (facebook), shopping, research, entertainment

•All parts of your life potentially have an online counterpart

Computer / Internet Security

•Everything you do online…▫Every account you make▫Every purchase▫Every job application

•Creates data about you

Computer / Internet Security

•Not always a bad thing… BUT▫Danger in losing control of your data

(accounts)▫Danger in over sharing▫Danger in important data being destroyed

(photos, records, documents)

Good NewsIt’s easy to stay safe and protect yourself

Computer / Internet Security

Goals

•Secure your data•Keep what’s private PRIVATE

•Prevent attack/ intrusion•Prepare for the worst, prevent loss

Computer / Internet SecurityGoals Action

• Secure your data

• Keep what’s private PRIVATE

• Prevent attack/ intrusion

• Prepare for the worst, prevent loss

• Use better password practices

• Be aware of what/how you share

• Be proactive- use protective software- be vigilant

• BACKUP, BACKUP, BACKUP

Data?

•Your data is anything on your computer or information stored in online accounts▫Documents, files, photos▫Online shopping sites▫Banking, credit card▫Social networking profiles

•Data that you own/control•Private (banking info)•Public (online profiles)

Why bother?

•Whether public (online profiles) or private (financial info) you need to stay in control

•Ensure that only authorized people can access your data, accounts, files

Web-based accounts and services are increasingly important

Dangers

•Breaches can come from ▫Leaked/ stolen data Leaked by a company or organization

Stolen via virus on a computer you use

▫Targeted attacks▫Automated attacks- cracks

Dangers

•Virus, Malware, Spyware, Adware, Trojans▫Software created to steal information,

change settings, destroy files, take control of your system

▫Most commonly contracted online unbeknownst to the user Email attachments, malicious websites,

software downloads, toolbars

Secure Your Data

•Biggest step is use better password practices▫more difficult to guess▫Harder to crack (longer in length)▫Make it easier to deal with if

username/passwords are leaked

Better Passwords

•Don't use passwords that are based on personal information that can be easily accessed or guessed.▫It may be easier than you think to guess

your pet’s name, birthday, child’s name, favorite color, mother’s maiden name, etc.

▫“password” “love” are extremely common and easily guessed

25 Worst Passwords of 20111. password2. 1234563.123456784. qwerty5. abc1236. monkey7. 12345678. letmein9. trustno110. dragon11. baseball12. 11111113. iloveyou

14. master15. sunshine16. ashley17. bailey18. passw0rd19. shadow20. 12312321. 65432122. superman23. qazwsx24. michael25. football

http://mashable.com/2011/11/17/worst-internet-passwords/

Better Passwords

•Don't use words that can be found in any dictionary of any language.▫A single word, spelled correctly, is easy to

check against a dictionary▫Single words are also short, easy to break

using random guesses.

Stronger Passwords

•Use both lowercase and capital letters.•Use a combination of letters, numbers,

and special characters.

▫Maine96knees@MtSnow

•Develop a mnemonic for remembering complex passwords.

Stronger Passwords

•Use passphrases when you can.▫Longer in length- harder to guess/ crack▫Easier to remember

▫puppytograndmasforsummervacation

Stronger Passwords

•Use different passwords on different systems

▫If you use the same password at one site that is broken into- then attackers can access your data at other sites using that same username/password.

Use different passwords on different systems

Keep what’s private PRIVATE

•Be aware of what you share•When creating an account consider who

you are giving your data to•Any site asking for banking, social

security, or login information for a different site should be closely examined.

Keep what’s private PRIVATE

•When creating accounts consider what you are entering and how it will be used

•You decide your comfort level with what you share

Email

•Email is more like a postcard than a letter

•Chances are no one other than the recipient will see it BUT it is possible for others see its content along the way (just like a postcard)

•Do not email: credit card #, logins/passwords

Web Addresses- URL

URL (Uniform Resource Locator)

The address that connects you with a website.

Parts of the URLhttp://www.google.com

http:// = protocol [Hypertext Transfer Protocol]www. = World Wide Webgoogle = domain name.com = domain type

Domain Types.com = commercial.org = generally nonprofit organizations .edu = higher education.gov = U.S. government agency

Browsing the Web- Secure Sites

•Any site asking for sensitive info should be encrypted (Banks, Insurance, etc.)

•Encrypted site addresses begin with ▫https://www.google.com- ENCRYPTED▫http://www.google.com- NOT encrypted

Browsing the Web- Secure Sites

Browsing the Web

•As you browse the web- websites collect info about you

•Your web browser keeps a history and collects cookies from websites

•Use your browser settings to:▫Clear your browser cache/history/cookies▫Limit 3rd party cookies

Keep what’s private PRIVATE

•If you have WiFi at home, set a password▫Keep your neighbors off your network

(unless you want them there)

▫Refer to the directions that came with your Router/Modem/Wifi

Prevent attack/ intrusion

•A Virus will get in through an open door or you unwillingly open the door yourself

Anti-Virus

•A program that scans your files and actively monitors to prevent infection

•Once installed, anti-virus monitors for virus activity, quarantines, and deletes

•Be sure to frequently run the virus scan•Be sure that “definitions” are updated

Anti-Virus

•Free▫AVG▫Avast▫Microsoft Security Essentials

www.windows.microsoft.com/mse

•Commercial▫McAffee▫Symantec Norton▫Bit Defender

Prevent attack/ intrusion

•Be vigilant•Don’t download email attachments that

you don’t trust•If something from someone you trust

looks suspicious check with them before opening

Prevent attack/ intrusion

•Scareware▫Virus/Malware that looks like an anti-virus

program▫Popup while browsing the web

•Know what Anti-virus you have and how to use it

Fake Anti-Virus Warning

Prepare for the worst

•Backup your important files▫Keep duplicate copies

•Worst case scenario: you will still have what’s important to you

•Keep your backup current

Prepare for the worst

•Backup files locally▫Copy to cdr▫Flash drive▫external hard drive

•Paper copies ▫tax returns▫Important photos

Prepare for the worst

•Cloud storage- files copied to a secure site over the internet▫Be sure that service is reputable, safe,

stable▫Backup regularly

Resources• http://www.us-cert.gov/cas/tips/• http://www.ftc.gov/bcp/edu/microsites/onguard/

westhavenlibrary.org

David Cirella- dcirella@westhavenlibrary.org, 2012-03-01