IT security measures.

Page 2

Instructor, PACE-IT Program – Edmonds Community College

Areas of Expertise Industry Certification

PC Hardware

Network Administration

IT Project Management

Network Design

User Training

IT Troubleshooting

Qualifications Summary

Education

M.B.A., IT Management, Western Governor’s University

B.S., IT Security, Western Governor’s University

Entrepreneur, executive leader, and proven manger with 10+ years of experience turning complex issues into efficient and effective solutions.

Strengths include developing and mentoring diverse workforces, improving processes, analyzing business needs and creating the solutions required— with a focus on technology.

Brian K. Ferrill, M.B.A.

Page 3

IT security measures.

– Principle of least privilege.

– User education.

– Digital security.

PACE-IT.

Page 4

Principle of least privilege.IT security measures.

Page 5

Principle of least privilege.

As the admin, only assign the minimum rights and permissions that are needed to get the job done.

Least privilege is an effective security measure. Unless the top level administration group is compromised, it is easier to contain a breach. People can get annoyed with this policy, as they only have the bare minimum of rights and permissions required to do their job.

Educate the users and avoid the creep of privileges.

IT security measures.

Page 6

User education.IT security measures.

Page 7

User education.

– Help the user to understand security risks.

– Train the user on:» Strong passwords.» Least privilege.» Malware.» Keeping up to date.» Social engineering.» Other attack vectors.

– Training can be formal and documented.

– Training can be informal.

IT security measures.

Page 8

Digital security.IT security measures.

Page 9

Digital security.

Antivirus software should be installed, active, and up-to-date on every machine.

Make sure your antivirus software is able to do its job effectively. If it is not installed, it can’t stop an virus. If it is not active, it can’t stop a virus. If it is not up-to-date, it won’t recognize the virus.

IT security measures.

Page 10

Digital security.

Spyware is malicious code that collects information about the system and may change some settings.

Antispyware can prevent that code from running. It can also asses a system and help an administrator or a user determine if spyware is present and what level of threat it represents.

IT security measures.

Page 11

Digital security.

Software firewalls should be installed and active on every machine.

Firewalls are the traffic cops of network traffic. They control the flow of data into and out of a PC and can prevent malicious actions from occurring.

IT security measures.

Page 12

Digital security.

– User authentication.» What you know.» What you have.» What you are.» Combine the factors for increased security.

– Strong passwords.» Strongest: random string of letters, numbers, and

symbols.» Weakest: words, consecutive numbers, anything

that’s easily guessed.

IT security measures.

Page 13

Digital security.IT security measures.

Password suggestions.

1) Think of a phrase that can be remembered.» IT security is essential.

2) Remove the spaces.» Itsecurityisessential.

3) Replace some letters with numbers and symbols.» 1Ts3curity1s3s$enti@l.

4) Replace some capital and lower case letters.» 1tS3curity1s3S$enti@l.

Page 14

“How secure is your system? It all begins with you!”

– Brian Ferrill

Page 15

What was covered.IT security measures.

Only assign the minimum necessary rights and permissions needed to get the job done. This helps to contain the problem when a breach occurs.

Topic.

Principle of least privilege.

Summary

Help people to understand what they don’t know. People will only adhere to the security measures that they know and understand. Education can be formal or informal.

User education.

Antivirus, antispyware, firewalls, user authentication, and strong passwords all make for a more secure digital environment.Digital security.

Page 16

THANK YOU!

This workforce solution was 100 percent funded by a $3 million grant awarded by the U.S. Department of Labor's Employment and Training Administration. The solution was created by the grantee and does not necessarily reflect the official position of the U.S. Department of Labor. The Department of Labor makes no guarantees, warranties, or assurances of any kind, express or implied, with respect to such information, including any information on linked sites and including, but not limited to, accuracy of the information or its completeness, timeliness, usefulness, adequacy, continued availability or ownership. Funded by the Department of Labor, Employment and Training Administration, Grant #TC-23745-12-60-A-53.

PACE-IT is an equal opportunity employer/program and auxiliary aids and services are available upon request to individuals with disabilities. For those that are hearing impaired, a video phone is available at the Services for Students with Disabilities (SSD) office in Mountlake Terrace Hall 159. Check www.edcc.edu/ssd for office hours. Call 425.354.3113 on a video phone for more information about the PACE-IT program. For any additional special accommodations needed, call the SSD office at 425.640.1814. Edmonds Community College does not discriminate on the basis of race; color; religion; national origin; sex; disability; sexual orientation; age; citizenship, marital, or veteran status; or genetic information in its programs and activities.