Computer Security Awareness. SANS Securing the Human. IT purchased licenses for all

Upload: tobias-newton

Post on 23-Dec-2015


TRANSCRIPT

Page 1: Computer Security Awareness. SANS Securing the Human     IT purchased licenses for all

Computer Security Awareness

Page 2: SANS Securing the Human

http://www.securingthehuman.org/

IT purchased licenses for all SAP GUI users to have access to online security awareness training modules. There are modules on all security topics and a simple one-question verification at the end. There are still licenses available. If you want a license, let me know and you will receive an email shortly with the site and login information necessary to access the training.

Computer Security Awareness 04/19/23

Page 3: Security Awareness

Description:

Security awareness is the knowledge of potential threats and the ability to anticipate what types of security issues and incidents faculty, staff, and students may face in their day-to-day functions. Technology alone cannot provide adequate information security. Awareness and personal responsibility are critical to the success of any information security program.

Krizi Trivisani, Chief Security Officer, The George Washington University

Page 4: Information Security Involves Three Elements

Confidentiality: Ensuring information is disclosed to, and reviewed exclusively by intended recipients / authorized individuals.

Threats include Phishing, Malware and unpatched systems (both operating systems and applications). Governed by red flag rules, federal laws and State Privacy disclosure laws.

Integrity: Ensuring the accuracy and completeness of information and processing methods.

Business process improvement and verification processes.

Availability: Ensuring that information and associated assets are accessible, whenever necessary, by authorized individuals.

Disaster Recovery / Business Continuity planning.

Source: Microsoft Security Resource Kit

Page 5: In the News

Total Breaches in 2012: 680 breaches made public, 27,485,573 records

.EDU breaches in 2012 (13% of the total breaches): 84 breaches made public, 1,503,851 records

Total breaches as of February 25th, 2013: 63 breaches made public (6 of these were .edu), 127,042 records (3,780 records in the .edu domain)

February 13, 2013 - University of North Carolina, Chapel Hill, North Carolina - A cyber attack on two servers resulted in the exposure of employee information. The servers were at the UNC Lineberger Comprehensive Cancer Center. Employees, contractors, and visiting lecturers at the Lineberger Center may have had their Social Security numbers or passport numbers exposed. The breach was discovered in May of 2012 and notifications were sent in December of 2012. Fewer than 15 people who were subjects in research studies were also affected by the breach. 3,500 records.

Source: www.privacyrights.org

Page 6: In the News

October 16, 2012 - University of Georgia (UGA) - Athens, Georgia - The passwords of two University of Georgia (UGA) IT employees were reset and misused by an intruder. Names, Social Security numbers, and other sensitive data of current and former school employees may have been exposed. The breach may have begun as early as September 28, 2012. 8,500 records.

September 28, 2012- University of Chicago - Chicago, Illinois - A postcard mailed to University of Chicago employees contained their Social Security numbers. The cards were mailed on September 24 to remind employees about open enrollment, but also had Social Security numbers printed on the outside. 9,100 records.

July 25, 2012 - Oregon State University - Corvallis, Oregon - An unnamed check printing vendor for the University copied data from the University's cashier's office during software upgrades. The information included 30,000 to 40,000 checks that contained student and employee names, University IDs, check numbers, and check amounts. Current and former student, faculty, and staff records older than 2004 may have included Social Security numbers. It does not appear that the vendor acted with malicious intent. 21,000 records.

Source: www.privacyrights.org

Page 7: Closer to Home

Page 8: Most Noteworthy Laws Governing Data Protection

GLBA (Gramm-Leach-Bliley Act): A federal law that requires financial institutions to develop, implement, and maintain administrative, technical, and physical safeguards to protect the security, integrity, and confidentiality of customer information.

HIPAA (Health Insurance Portability and Accountability Act): Establishes national standards for the protection of certain health information.

FERPA (Family Educational Rights and Privacy Act): Protects the privacy of student education records.

Mississippi Data Breach Law: Personal information covered by this law includes a person’s first name, or first initial and last name, plus social security number, driver’s license number, state identification number, or credit/debit card number with access code or password.

Page 9: What are the Threats? Security Architecture

Security architecture in place:
• Firewalls
• Anti-Virus

Threats (with the control noted on the slide where one is given):
• Unpatched client-side software and applications
• Zero-day attacks
• Accessing malicious web sites (clicking links in emails)
• Poor configuration management: screen saver set on office PCs; passwords required on startup; permit remote access only after a VPN connection is established
• Cloud computing / storage (Dropbox etc.): no confidential data
• Removable media: use 256-bit encryption, either via software or hardware
• Mobile devices
• Botnets
• Phishing

Page 10: Collection of Recent Phishing

Page 11:

From: [email protected]
Sent: Thursday, February 21, 2013 11:33 AM
Subject: Mailbox Capacity Exceeded

Your mailbox has exceeded its allowable storage space. To improve storage capacity for better functionality of your e-mailbox, you are required to click or copy and paste the below link in a web page, then follow the instruction therein. Click below to enhance mailbox capacity http://auchibreaking.medianewsonline.com/login.php Thanks for your co-operation!

Page 12:

From: Social Security [mailto:[email protected]]
Sent: Sunday, February 03, 2013 5:36 AM
To: misuse
Subject: Update your Social Security online

my Social Security – Sign In Or Create An Account

At each stage of your life, my Social Security is for you. Your personal online my Social Security account is a valuable source of information beginning in your working years and continuing throughout the time you receive Social Security benefits.

If You Receive Benefits, You Can: Use a my Social Security online account to:
• Get your benefit verification letter;
• Check your benefit and payment information and your earnings record;
• Change your address and phone number; and
• Start or change direct deposit of your benefit payment.

If You Do Not Receive Benefits, You Can: Use a my Social Security online account to get your Social Security Statement, to review:
• Estimates of your retirement, disability, and survivors benefits;
• Your earnings record; and
• The estimated Social Security and Medicare taxes you’ve paid.

How Do I Create A my Social Security Online Account? To create an account, you must provide some personal information about yourself and give us answers to some questions that only you are likely to know. Next, you create a username and password that you will use to access your online account. This process protects you and keeps your personal Social Security information private.

To get started, select this button: Sign In or Create an Account <<<< This points to: http://www.coreencon.com/images/stories/social.login/social.login/

Page 13:

From: no-reply [mailto:[email protected]]
Sent: Thursday, January 24, 2013 8:35 AM
Subject: Your account has been temporarily limited

Dear Customer,

Your account has been temporarily limited. To remove the limitation from your account please sign in to your online banking torecognize that you are the account holder. For confirmation, please click the link below:

Sign In to Bank of America online account <<<< http://teknikismetal.com/kay

We apologise for any inconvenience caused. Thank you. Copyright © 1999-2013 Bank of America Corporation. All rights reserved.

Page 14:

From: Delta Air Lines [mailto:[email protected]]
Sent: Wednesday, January 23, 2013 7:51 AM
Subject: Your account has been flagged

Dear Customer, Your Delta SkyMiles account has been flagged as one of the numerous accounts that needs to be reviewed.The main reason for this action are: *Billing/ Payments issues Download the Attached Form on this mail to rectify this problem.

These normally come with an attachment. DO NOT OPEN!

Page 15:

From: Li Xie <[email protected]>
Date: January 15, 2013, 6:03:51 PM CST
To: "[email protected]" <[email protected]>
Subject: Message From Administrator

Attention;

An automatic security update has been carried outon your email address.Click here to complete update

Please note that you havewithin24 hours to complete this update. because you might loseaccessto your Email Box.

Typos were actually in the message above.

Page 16:

From: Serna Uchima, Ruben Raul [mailto:[email protected]]
Sent: Friday, July 27, 2012 5:33 AM
Subject: Important Notice From Help Desk

Attn. Mail User! Information Technology Services (ITS) are currently updating our new website accounts. This will provide you the ability to store a greatly Increased amount of e-mail correspondence in your e-mail account. Your account has been selected, as one of the accounts that are to be upgraded. Please click the link below and follow the instruction to view our new website after login CLICK HERE: http://www.boomerangnetwork.com/phpform2/forms/form1.html The new minimum quota level for e-mail accounts will be set to 1000mb. Web Support Team !!! WARNING! !!! Failure to log out will allow others to access your account. Closing the browser window does NOT log you out properly. To log out, please click one of the "Log out" icons in the browser window.

Page 17:

From: From Administrative Assistant [mailto:[email protected]]
Sent: Friday, July 27, 2012 8:19 AM
Subject: From Administrative Assistant.

-- From Administrative Assistant. Below is the link to download the shared document received from the Administrative Assistant Clink on the link below to login to download the report, it's important.

http://rweas.com/semesterreport/tradefile.php

To keep you inform about the next!

Administrative AssistantBCC Office of Financial Aid

Page 18:

-----Original Message-----
From: []
Sent: Tuesday, July 24, 2012 10:28 AM
To: [email protected]
Subject: Important Notice

Important Notice Hey guys Clink on the link below to login to download the Semester Report! Have you received this one? http://rweas.com/semesterreport/tradefile.php To keep you inform about the next Semester! ---- Message sent via Adam Internet WebMail - http://www.adam.com.au/

Page 19:

-----Original Message-----
From: cust.service@ [mailto:[email protected]]
Sent: Wednesday, February 08, 2012 9:49 AM
To: [email protected]
Subject: *** Online notification - ID : GFIPJNYOCI

Dear Renasant Client,

We have an issue with your Renasant Online Banking account.

Click Here to resolve the issue :

http://security-renasant.vea.is-a-soxfan.org/renasant/index.php?activate=R2F98431G

Renasant Commercial Banking Security Department.

Message Encrypted

FEXZQVGSMONPISUYSGSLTSTRQWPMNWWKVLTRKZ

Page 20:

[Screenshot residue: mailbox quota indicator showing "Current size 244MB"]

From: Carl Bodnar <[email protected]>
Subject: Message From Microsoft Helpdesk
Date: July 23, 2012 6:11:40 AM CDT
To: <[email protected]>

Your mailbox is full update now.

The Microsft Helpdesk is currently updating database Server from the old Microsoft Server to the new Microsoft Server( No4407193x ) click the link below and fill all information required. CLICK HERE (** https://docs.google.com/a/smps.k12.ok.us/spreadsheet/viewform?formkey=dFplTWMzX2hqXzJEbEduU29qX3YyRVE6MQ **)Thank YouMicrosft Helpdesk Team.   

Page 21:

Computer Security Awareness

Page 22:

From: BancorpSouth <[email protected]>
Date: Wed, Jun 13, 2012 at 10:54 AM
Subject: Activate Account
To: Recipients <[email protected]>

Your BancorpSouth Bank Card 545510XXXXXXXXX has been deactivated.To activate call 5302303680

========================================================

Text message phishing example:

- message: -null- Please Call 248-479-1272 BancorpSouth Issue

Page 23:

From: Maggie Whatley [mailto:[email protected]]
Sent: Sunday, January 29, 2012 3:40 PM
Subject: Helpdesk: Upgrade to the New 2012 Mail Server Immediately

Dear Account Owner,

We are currently Migrating to Microsoft Exchange 2012 (from Exchange 2003/2011). With the introduction of Internet Explorer 9, Outlook Express has apparently been removed from the installation package on our Message Center. OWA 2012 provides the same conversation view and experience as Outlook 2011: By default, messages are displayed in threads so that all the messages on a particular topic are grouped. Inability to complete information on the form within 48 hours Message Center will render your e-mail in-active from our. Fill information on the Form by clicking on the link below:

http://upgradeto2012.ucoz.com/webmail.htm

You will receive an e-mail within 48 hours when your mailbox account is moved.

Thank you.Help Desk(@)2012.All Rights Reserved

Page 24: More Phishing

Page 25: General Tips on Phishing

1. NEVER CLICK ON A LINK IN Email

2. Phishing sites typically ask for your Credit Card or other confidential information directly from the link.

3. Never respond to requests for personal information via e-mail.

4. Only visit Web sites by typing the URL into your address bar or using your favorites.

5. Check to make sure the Web site is using encryption.

6. Routinely review your credit card and bank statements.

7. Report suspected abuses to the proper authorities.
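The indicators these tips and the samples on the preceding pages rely on can also be checked mechanically before anyone clicks. The script below is an added example, not part of the presentation and not a University tool: it takes a message's sender, subject, body and the (link text, actual URL) pairs a mail client would render, and reports which indicators fire. The BRAND_DOMAINS allow-list, the phrase lists and the sample sender addresses are constructed assumptions; the Bank of America lure's wording and link target are the ones page 13 shows.

```python
"""Heuristic phishing triage for a single e-mail (added example, not from the deck).

Indicators checked, each taken from the deck's samples and tips:
  1. a brand is named in the text but the sender or link domain is not the brand's
  2. link text names one host while the URL points at another
  3. urgency / deadline wording
  4. a request to sign in or supply information through a link (tips 1-3)
  5. an attached "form" offered as the fix (the airline sample)
  6. a link that is plain http rather than https (tip 5)
"""
import re
from urllib.parse import urlparse

# Constructed allow-list (assumption): brand as it appears in text -> its registrable domains.
BRAND_DOMAINS = {
    "bank of america": ("bankofamerica.com",),
    "delta": ("delta.com",),
}

# Pressure wording seen in the deck's samples; illustrative, not exhaustive (assumption).
URGENCY_CUES = ("within 24 hours", "within 48 hours", "immediately",
                "temporarily limited", "deactivated", "flagged")

# Wording that asks the reader to authenticate or hand over data (assumption).
CREDENTIAL_CUES = ("sign in", "log in", "login", "password",
                   "fill all information", "fill information")

HOST_IN_TEXT = re.compile(r"(?:[a-z0-9-]+\.)+[a-z]{2,}")


def registrable(host: str) -> str:
    """Crude registrable domain: the last two labels. Not Public-Suffix-List aware."""
    parts = host.lower().strip().split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def link_host(url: str) -> str:
    return (urlparse(url).hostname or "").lower()


def assess(sender: str, subject: str, body: str, links=(), has_attachment: bool = False) -> list:
    """Return human-readable indicators; an empty list means none of the checks fired.

    links: iterable of (anchor_text, href) pairs as the mail client renders them.
    """
    findings = []
    text = f"{subject}\n{body}".lower()
    sender_domain = registrable(sender.rsplit("@", 1)[-1])
    links = list(links)

    # 1. Brand named in the text, but the sender / link domains are not the brand's.
    for brand, domains in BRAND_DOMAINS.items():
        if brand not in text:
            continue
        if sender_domain not in domains:
            findings.append(f"sender domain '{sender_domain}' does not belong to '{brand}'")
        for anchor, href in links:
            if registrable(link_host(href)) not in domains:
                findings.append(f"link '{anchor}' goes to '{link_host(href)}', not to '{brand}'")

    # 2. Link text shows a host, but the real target is somewhere else.
    for anchor, href in links:
        m = HOST_IN_TEXT.search(anchor.lower())
        if m and registrable(m.group(0)) != registrable(link_host(href)):
            findings.append(f"link text shows '{m.group(0)}' but points to '{link_host(href)}'")

    # 3. Deadline / pressure wording.
    for cue in URGENCY_CUES:
        if cue in text:
            findings.append(f"urgency cue: '{cue}'")

    # 4. Asked to authenticate or supply information through a link in the mail.
    if links and any(cue in text for cue in CREDENTIAL_CUES):
        findings.append("asks you to sign in or supply information via a link in the mail")

    # 5. "Download the attached form" pattern.
    if has_attachment and "form" in text:
        findings.append("attached form offered as the fix for an account problem")

    # 6. Tip 5: the destination should at least be https.
    for _anchor, href in links:
        if urlparse(href).scheme.lower() == "http":
            findings.append(f"link '{href}' is plain http, not https")

    return findings


# Constructed samples modelled on pages 13 and 14 of the deck. Sender addresses are made up;
# the bank lure's link target is the one the deck shows.
SAMPLES = {
    "bank lure": dict(
        sender="no-reply@example.net",
        subject="Your account has been temporarily limited",
        body="Dear Customer, Your account has been temporarily limited. To remove the limitation "
             "from your account please sign in to your online banking to recognize that you are "
             "the account holder. Copyright 1999-2013 Bank of America Corporation.",
        links=[("Sign In to Bank of America online account", "http://teknikismetal.com/kay")],
    ),
    "airline lure": dict(
        sender="skymiles@example.org",
        subject="Your account has been flagged",
        body="Dear Customer, Your Delta SkyMiles account has been flagged as one of the numerous "
             "accounts that needs to be reviewed. Download the Attached Form on this mail to rectify this problem.",
        links=[],
        has_attachment=True,
    ),
    "legitimate notice": dict(
        sender="alerts@bankofamerica.com",
        subject="Your statement is available",
        body="Your monthly statement is now available in online banking. Thank you for banking with Bank of America.",
        links=[("Bank of America", "https://www.bankofamerica.com/")],
    ),
}


def triage_samples() -> dict:
    return {name: assess(**msg) for name, msg in SAMPLES.items()}


if __name__ == "__main__":
    for name, findings in triage_samples().items():
        print(f"{name}: {len(findings)} indicator(s)")
        for finding in findings:
            print("  -", finding)
```

An empty result is not a clean bill of health: the checks only catch the patterns the deck shows, and registrable() ignores the Public Suffix List, so a real deployment would replace it. The decisive indicator is the one the tips are built on: with the actual destination host in hand, a link whose text says one organisation and whose URL goes to another is enough on its own.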

Page 26: How Does IT Protect the Data

Page 27: How do we Protect the Data?

Ownership of Data
• If you have access and you don’t need it, let IT know
• If you don’t need a local copy of data from the system, don’t make it
• Destroy local copies when they are no longer needed
• Install desktop firewall software (Symantec Endpoint Protection has it built in) on ANY PC containing sensitive data

Page 28: How do we Protect the Data? Physical Security

• Laptops
• Backups
• Portable storage

Transmission or Transportation of Data
• Email – UM Gmail and Ole Miss accounts
• Email is an unsecure medium
• File sharing: use Secure Document Exchange (found via Portal), http://my.olemiss.edu

Page 29: How do we Protect the Data? Storage (Dropbox, Google Apps etc.)

Google Apps Cloud Storage and Export Control

Export controls are United States federal government laws and regulations that restrict the release of items, information and software to restricted foreign countries, persons and entities (including universities). Google Apps (mail, calendar, docs, etc.) is maintained on servers which may be physically located outside the United States.

Cloud storage and Google Apps should not be used to store, maintain or transmit export-controlled information. If you need to store or maintain scientific or technical information and you are not confident this is covered by export control laws, please use the secured systems physically located at the University of Mississippi.

Local Storage: delete local copies of sensitive data.

Please review the Information Confidentiality/Security Policy for the detailed storage matrix.

Page 30: How do we Protect the Data?

Keep the tools sharp: the latest version of antivirus software from the helpdesk now has a firewall built in (Symantec Endpoint Protection).

• Anti-virus software updates
• Anti-spyware software and updates
• Windows Updates
• Strong passwords
  • Set them
  • Use them
  • Change them often

Page 31: Storage Platform matrix

Columns (storage platform):
• IT Managed Computers, Servers, and Storage Devices Residing in Data Center and Approved 3rd Party Services (1)
• UM Google Apps (2)
• UM Box (2)
• UM Computers, Servers and Storage Devices Connected to Campus Network (3)
• Other UM Technology (4)
• Personally Owned / Managed Technology

Rows (data type):
• Instructional Data
• Student Educational Records (FERPA)
• Protected Health Information (ePHI-HIPAA)
• Mississippi State Law Notice-Triggering Information *
• Gramm Leach Bliley (GLBA) student loans application information
• Payment Card Information (PCI)
• Sensitive Identifiable Human Subject Research **
• Export Controlled Research (ITAR, EAR)
• All Other Non-Sensitive Data

The only cell text that survived extraction is "Must be protected by user", which appears three times in the Instructional Data row; the remaining cells and the footnotes (1)-(4), * and ** did not survive.

Page 32: How do we Protect the Data?

• Disable any user accounts not necessary (Guest)
• Deactivate peer-to-peer file sharing when not in use or when not necessary for job function
• DO NOT RUN server software if not absolutely necessary: FTP server, web server, SMTP (e-mail) server, IRC server
• Server Registry
• Shutdown PC when not in use
• “Wipe” hard drives before salvaging

Page 33: Security Checklist

1. Assign a data security person

2. Keep operating system patches up to date (daily)

3. Install antivirus/anti-Spyware software and configure daily updates

4. Use VPN when remotely connecting

5. Enable personal desktop firewall

6. Secure PC user accounts and processes

Page 34: Security Checklist (continued)

7. Utilize “good” passwords and change them at least every 90 days

8. NEVER use email to transmit Confidential data.

9. Exercise Extreme Caution Using Peer-to-Peer File Sharing

10. Be very cautious with email attachments

11. Perform regular scheduled backups

12. Shutdown your computer when not in use

This also satisfies the “going green” initiative.

Page 35: Tools

http://ITSecurity.olemiss.edu

Free annual Credit Report for MS Residents: https://www.annualcreditreport.com/

Google Alerts: http://www.google.com/alerts
• site:pastebin.com olemiss.edu
• site:olemiss.edu ssn filetype:xls

Cornell University Spider http://www.cit.cornell.edu/security/tools/

Data Encryption – http://truecrypt.org

Request a vulnerability Scan - E-mail your IP to [email protected]
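Cornell's Spider, linked above, searches files for the Social Security and payment-card numbers that page 29 says should not be kept as local copies. The script below is an added example in the same spirit, not Spider itself and not University code: it scans a string of text or walks a directory, matches SSN-shaped and card-shaped values, discards the ones the SSA never issues or that fail the Luhn checksum, and reports each hit masked to its last four digits so the report is not itself another copy of the data. The text-extension list and the sample roster are constructed assumptions.

```python
"""Find SSN-like and payment-card-like values in text files (added example, not Spider).

Reported hits are masked to the last four digits; the file and line number are
enough to go and delete or move the local copy.
"""
import os
import re

SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")
# 13-19 digits, optionally separated by single spaces or dashes.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")
# Assumption: which files count as plain text; office formats would need extraction first.
TEXT_EXTENSIONS = {".txt", ".csv", ".log", ".md", ".xml", ".json"}


def ssn_plausible(area: str, group: str, serial: str) -> bool:
    """Reject numbers the SSA never issues: area 000/666/900-999, group 00, serial 0000."""
    a = int(area)
    return not (a == 0 or a == 666 or a >= 900 or group == "00" or serial == "0000")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum over a string of ASCII digits; every real card number passes it."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask(digits: str) -> str:
    """Keep only the last four digits so the report does not leak the value."""
    return "*" * (len(digits) - 4) + digits[-4:]


def scan_text(text: str, source: str = "<text>") -> list:
    """Return one dict per hit: {'kind', 'source', 'line', 'masked'}."""
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for m in SSN_RE.finditer(line):
            if ssn_plausible(*m.groups()):
                hits.append({"kind": "ssn", "source": source, "line": lineno,
                             "masked": mask("".join(m.groups()))})
        for m in CARD_RE.finditer(line):
            digits = re.sub(r"\D", "", m.group(0))
            if 13 <= len(digits) <= 19 and luhn_ok(digits):
                hits.append({"kind": "card", "source": source, "line": lineno,
                             "masked": mask(digits)})
    return hits


def scan_tree(root: str) -> list:
    """Walk a directory and scan every file whose extension is in TEXT_EXTENSIONS."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() in TEXT_EXTENSIONS:
                path = os.path.join(dirpath, name)
                with open(path, encoding="utf-8", errors="replace") as fh:
                    hits.extend(scan_text(fh.read(), source=path))
    return hits


# Constructed sample: none of these values belong to a real person or card.
SAMPLE = """\
Roster export (constructed sample)
Jane Roe, 123-45-6789, jroe@example.edu
John Doe, 000-12-3456, never-issued area number
Card on file: 4111 1111 1111 1111
Office phone: 555-010-1234
Typo'd card: 4111 1111 1111 1112
"""

if __name__ == "__main__":
    for hit in scan_text(SAMPLE, source="sample"):
        print(f"{hit['source']}:{hit['line']}: {hit['kind']} {hit['masked']}")
```

Run scan_tree() over a home directory or shared folder and work through the hits; the phone number and the mistyped card number in the sample show why the structural and Luhn checks matter, since a bare digit-pattern search would flag both. Office formats such as the .xls files the Google Alerts query looks for need a text-extraction step in front of scan_text().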

Page 36: Resources

David Drewrey [email protected] Phone 662.915-5210

Complaints: [email protected]

Ole Miss Policy Directory: http://www.olemiss.edu/policies
• Select Keyword search and use computer

Remember, the Hacker only has to be right once...

Page 37: Questions