presents security awareness workshop audio introduction customized with your organizations name !!...
TRANSCRIPT
Presents
Security Awareness WorkshopAudio introduction customized with your organization’s name !!
Protect IT
We interrupt this demonstration version of the Protect IT: Security Awareness Workshop to let you know that the full
version of the workshop is available from:
Security Awareness, Inc3837 Northdale Blvd., Suite 320
Tampa, FL 336241-888-807-0888
Outside North America: 1-813-681-0095Email: [email protected]
On the web at: www.securityawareness.com
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
Workshop Objectives
• What is security awareness?
• Your responsibilities
• Security issues you may face
• What should you do?
The Protect IT workshop is designed to educate [your-name] staff on the following:
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
What is Security Awareness?
Security awareness is the advantage of knowing what types of security issues and incidents employees may face in the day-to-day routine of their corporate function.
It is knowing what to do if you feel someone is attempting to:
• wrongfully take [your-name] property or information
• obtain personal information about staff, clients or vendors
• utilize [your-name] resources for illegal or unethical purposes
There are many other security issues of which you need to be aware. We will discuss them in detail.
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
Responsibility:
As an employee or contractor of [org-name], it is your responsibility to help in the protection and proper use of our information and technology assets.
What is Expected of You?
We are counting on you!
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
What does this mean to you?
During your typical day, you may be exposed to situations where you may become aware of an attempt to breach an area of security.
• quickly• appropriately
• knowledgeably
You need to be prepared to act:
Remember, the resources you are protecting are there to help make your job easier.
What is Expected of You?
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
What Are “Information and Technology Assets”?
This term loosely describes the wide range of informationsources that our organization uses and the equipment thatwe use to access, process, and store this information.
Examples include:
Computers
Fax machines
Printers
Telephones
Networks
Software
Paper filesE-mail
… and more
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
Why Is This So Important?
By helping to safeguard these valuable business resources you could be saving money, time, jobs, our public image and customer confidence.
Nothing can impress on you the importance of this better than real-life examples. The next pages will explain someincidents that could have been easily avoided if the staffat these companies had received some security awarenesseducation and training.
Let’s take a look . . .
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
Real Life Example #1
An oil company was facing a lawsuit filed by four female employees offended by e-mail jokes that the employees felt were degrading to women. The newspapers noted at the time, "There was no indication that the women were referenced in any way in the e-mail messages”. The critical fact was that the women's e-mail addresses, for whatever reasons, had been included in the distribution list. Rather than try the case, the company paid the women $2.2 million plus legal fees and court costs.
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
A report from Computer Economics says that virus attacks cost organizations around the world $17.1 billion in 2001. The report concludes that over the last three years, a major programming shift has occurred with viruses becoming far more malicious, being specifically designed for destruction and damage.
Imagine what this has cost each of us, directly or in-directly, through increased prices and lost jobs.
Real Life Example #2
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
The Business Software Alliance has reported that a major U.S. university recently paid $100,000 to settle claims that it had pirated Corel, Microsoft, Adobe and other companies’ software on school computers.
The BSA said it has collected over $47 million in corporate piracy claims over the past seven years.
Real Life Example #3
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
Recently, the former President of the United States, Bill Clinton, signed into law a bill which authorizes and acknowledges electronic signatures on legal documents.
As an example, the President also signed the bill electronically utilizing a ‘smart card’ and his password.
People world-wide watched as he entered the name of his dog “Buddy” as his password.
Real Life Example #4
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
So How Do We Start?
What you can do: • Become aware - Know how to identify a potential issue - Use sound judgement
• Learn and practice good security habits - incorporate secure practices into your everyday routine - encourage others to do so as well
• Report anything unusual - notify the appropriate contacts if you become aware of a security incident
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
Security Topics We Will Address
• Password construction• Password management• PC security• Backups• Building access• Social engineering• Data confidentiality
• E-mail usage• Internet usage• Viruses• Software piracy and copyrights• Telephone fraud• Personal security
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
Passwords
Passwords are an integral part of overall security.
They are one of the vulnerabilities most frequently targeted by someone trying to break into a system.
If your password is compromised, your account allows the intruder access to do anything you are able to do on the system.
There are many ways that you can help protect your password and therefore, our organization’s information.
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
Bad examples:
Names:• Yours• Family• Pets
Personal Information:• Hobbies• Favorite teams• Birthdays
Dictionary Words:If used by themselves simple words make a bad password
Numbers:Numbers alone arenot a good password
Password Construction
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
Why are those bad examples?
Many of the items mentioned as bad examples would be easy for someone to guess if they knew you or were able to obtain information about you.
A hacker or cracker may utilize a password cracking program. These programs will check every word in a dictionary, lists of common names, and all combinations of numbers against your password within seconds.
Password Construction
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
Guidelines for a better password:
Do not use names
Do not use personal information
Do not use dictionary words
Use at least eight (8) characters
Use both letters and numbers
Use special characters if possible (@#&$)
Use UPPER and lower case
Combine misspelled words
Password Construction
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
Methods for creating strong passwords you can remember.
The Vanity Plate
Think of a password like a ‘vanity’ license plate utilizing letters and numbers to make up a phrase.
Too late again = 2L8again
Music is for me = MusikS4me
Day after today = dayFter2day
Password Construction
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
Compound Words
Compound words that we use every day are easy to remember. Spice them up with numbers and special characters. Also, misspell one or both of the words and you'll get a great password
Deadbolt = Ded&bowlt8
Blackboard = blaK4#borD
Seashore = Seee@SHorr
Methods for creating strong passwords you can remember.
Password Construction
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
Phrases
Use the first letter of each word in a phrase or sentence.
Jack and Jill went up the hill to fetch a pail of water
J&Jwuth2fapoW
Methods for creating strong passwords you can remember.
Password Construction
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
Phrases
Use the first letter of each word in a phrase or sentence.
I spent too much at the fair last night
Is2matfln
Methods for creating strong passwords you can remember.
Password Construction
Copyright 2001-2003 - Security Awareness, Inc (This notice and logo does not appear in the licensed version)
Phrases
Use the first letter of each word in a phrase or sentence.
Gee, what I would give for a really good password
GwIwg4argpw
Methods for creating strong passwords you can remember.
Password Construction
Full Workshop Contents
The full version of the workshop covers the topics of:
The information contained within this workshop has been considered invaluable to the organizations that utilize it. Users are made aware
that they share the responsibility to protect your Information Technology resources. They also learn that they are protecting
valuable tools and information that make their jobs easier.
• Identity theft• E-mail usage• Internet usage• Viruses• Software piracy and copyrights• Telephone fraud• Personal security
• Password construction• Password management• PC security• Backups• Building access• Social engineering• Data confidentiality• Privacy
A twenty question quiz is included. Have your staff take the quiz before the presentation starts and then again at the end of the presentation.
You can measure effectiveness almost immediately!
Quiz included !!
Full Workshop Contents
The Protect IT: Security Awareness Workshop includes:
- The full presentation on CD-ROM
- A printed copy of the presentation handouts
- Printed speaker notes (complete with transition markers)
- A guide to help with a successful presentation
- Customization instructions
- A customized audio introduction
- Course updates provided free during valid license period
Prepared for [your-name]
by
Copyright 2001-2003 - Security Awareness, Inc.Licensed to [your-name] for internal use only
This copyright notice may not be removed from this presentation for any reason.
Thank you for attending today’sProtect IT security awareness workshop.
We hope that this information is helpful to you in your role here at [your-name].
Security Awareness, Inc3837 Northdale Blvd., Suite 320
Tampa, FL 336241-888-807-0888
Outside North America: 1-813-681-0095Email: [email protected]
On the web at: www.securityawareness.com