keeping 'em safe: ways to protect your clients online

Keeping 'em Safe:8 More Ways to Help Your Clients

More than 8 in 10 US small businesses believe their firms are safe from cyber threats yet

almost 80% have no formal security policies in place.

You can be attacked and not even know it. Even worse, your system could be used to attack

other people, and you may not know it.

What Is Cyber Crime?● Spam● Fraud● Obscene or offensive content● Harassment● Child pornography● Drug trafficking● Cyber terrorism● Cyber warfare

Who Is Behind Cyber Crime?

● Script kiddies● Hacktivists● Individual miscreants● National & transnational organized criminal

enterprises● Nation states

Why Should You Care?● Your clients trust you with very sensitive data. ● If they become victims, your clients have less of

an ability to bounce back.● Systems that are used to commit crimes often

support the same organized networks that are behind human trafficking, identity theft, child pornography, and other issues you battle against daily.

Biggest Threat?

You

What? No Way!● Acting maliciously● Forgetting to log off● Losing laptops, USB keys, or smartphones● Storing client data in questionable places● Downloading viruses and malware● Using social network sites carelessly● Leaving metadata in documents● Having bad password practices● Getting tricked

Acting maliciously

What You Can Do● Put policies in place and enforce them● Trust your gut

Forgetting to log off

What You Can Do● Log off when you leave your computer● Shut down your computer at the end of the

day● Set up your computer to automatically lock

when the screensaver comes on

Losing laptops, USB keys, or smartphones

What You Can Do● Pay special attention and be careful● Store only the client data you absolutely need● Encrypt your data● Set up phones so you can erase them remotely● Use strong passwords● Back up the data before you leave

Storing client data in questionable places

What You Can Do● Read privacy policies● Develop a set of approved sites that client

information can be stored on and train staff to not store data on any other sites

● Don't include identifiable client information in emails

Downloading viruses and malware

What You Can Do● Patch software and systems religiously● Read before you click● Ask if the email or attachment seems “funny”● Avoid downloading screensavers, fonts, & porn● Use your anti-virus software● Ignore any website that pops up a virus warning

Using social network sites carelessly

What You Can Do● Be careful what you click● Don't friend people you don't know● Use strong passwords● Avoid playing games and installing applications● Be very careful about what you post

Leaving metadata in documents

What You Can Do● Clean metadata from documents before sending

electronic copies● Use the Document Inspector tool in Office● Download and use Metadata Removal tool for

WordPerfect

Having bad password practices

What You Can Do● Use strong passwords● Change passwords quarterly● Don't use a password for more than one site● Don't share passwords● Establish password guidelines for the

organization and follow them● Try a password manager

Getting tricked

What You Can Do● Be skeptical● Don't give anyone your passwords● Don't click a link to your bank website

What If?● Tell your supervisor immediately● Be prepared to help figure out what happened● Notify the proper authorities

Who Are the Proper Authorities?

Computer Intrusion Local FBI OfficeUS Secret ServiceInternet Crime Complaint Center

Password trafficking Local FBI OfficeUS Secret ServiceInternet Crime Complaint Center

Counterfeiting of currency US Secret Service

Who Are the Proper Authorities?

Child pornography or exploitation

Local FBI OfficeUS Customs and Enforcement (if imported)Internet Crime Complaint Center

Internet fraud & SPAM Local FBI OfficeUS Secret Service (Financial Crimes Division)Federal Trade CommissionSecurities & Exchange Commission (if securities/investment-related)Internet Crime Complaint Center

Internet harassment Local FBI Office

Resources● Cybercrime Reporting

http://www.cybercrime.gov/reporting.htm

● Stay Safe Onlinehttp://www.staysafeonline.org/

● US CERThttp://www.us-cert.gov/nav/nt01/

Resources● US CERT

http://www.us-cert.gov/cas/tips/

● OnGuard Onlinehttp://www.onguardonline.gov/topics/computer-security.aspx

Picture AttributionsIn orderhttp://www.flickr.com/photos/jesseshapins/3788641411/http://commons.wikimedia.org/wiki/File:Harry_Potter_Lightning.gifhttp://commons.wikimedia.org/wiki/File:Computer_n_screen.svghttp://www.flickr.com/photos/dunechaser/385847284/sizes/l/http://www.flickr.com/photos/sravi_in/3623242288/sizes/z/http://www.flickr.com/photos/stukjefotogebeuren/2081170312/http://www.flickr.com/photos/librarianbyday/3983719036/http://www.flickr.com/photos/booleansplit/4650422195/http://www.flickr.com/photos/the-icing-on-the-cake/2424326595/http://www.flickr.com/photos/sshb/3619977273/http://www.flickr.com/photos/esm723/4377802647/http://www.flickr.com/photos/stevendepolo/4027405671/

Contact Information

Kate BladowFounder & Strategistpresentations@poweredpursuits.com