SlideShare une entreprise Scribd logo

Internet safety and you

Télécharger en tant que PPTX, PDF
A
Art Ocain

Courtney Pachucki, IT Specialist at MePush, wrote this amazing Internet hygiene presentation for users on the Web to stay safe and avoid being hacked, phished, or infected with malware. This is a basic set of guidelines to help you identify your risks on the web.

Technologie
1  sur  28
Internet Safety and You
What is MePush?
Fast Facts  The average cost of a malware attack on a company is 2.4 million dollars.  Microsoft Office formats make up the most prevalent group of malicious file extensions at 38% of the total.  21% of all files are not protected at all.  Ransomware attacks are growing more than 350% annually.
Small Businesses as a Target  43% of cyber attacks target small businesses  Small businesses are easy prey for international hacking  Small businesses are very vulnerable to generalized phishing and malware  Small businesses are easy accidental targets for script kiddies
Small Businesses as a Target  Small business owners pay ransoms  Small businesses have valuable data  Small businesses are easy for hackers to get in and stay in undetected  Lack of budget for adequate security  Lack of staff and training
Malware  Malware is any form of programming or code that can be used to expose a vulnerability or open a door to your internal network.  Types of malware:  Trojan: Malware that pretends to be other software  Spyware: Used to spy on network operations or users  Rootkit: Installed to gain hidden unauthorized control  Backdoor: Opening in the network for further exploitation
Phishing  Phishing is the practice of sending emails claiming to be from reputable companies in order to get individuals to reveal personal information.
Email Links  Do not click suspicious email links.  If you are unsure about a link, do not click on the link.  Use https://safeweb.Norton.com by copying the link’s URL and pastig it into the URL checker at Norton.  Any link can be disguised to redirect you to somewhere else  To circumvent this, just Google it.
Email Attachments  The same best practices followed with the clicking links should also be applied to email attachments.  There are resources you can use if you believe you have a file that might be malicious. You can upload the suspected file to the website https://www.virustotal.com/#/home/upload  This site will analyze the file and brief you with results if it is malicious.
Protected View  Do not use the “Enable Editing” setting if not necessary.  This can potentially allow malware to run background processes on your computer.  This can lead to ransomware and backdoors on the machine for identity theft.
Social Engineering  Social engineering is the manipulation of people into performing actions or divulging confidential information  Types of social engineering include:  Phishing  Tailgaiting  Quid pro quo
Antivirus  Antivirus tools are used to remove infections from computers using previously known hash values. Hash values are the “DNA” of the virus.  Antivirus monitoring are systems that are implemented to monitor normal user use and network behavior to alert a system administrator of a potential threat. Alerts could be too many failed login attempts to DNS spoofing and other network changes.
Web Content and Media Filtering  These tools are used to limit the risk of malware exposed to host machines and servers. Without proper web filtering, users may access sites that could put potential rootkits and backdoors on user machines, therefore allowing unauthorized access to the machine from a remote hacker.  Sites that should be blocked include sites that allow file transferring, for example torrents and The Onion Router traffic. Furthermore, blocking not suitable for work sites is needed to prevent users from accessing crude or time-wasting sites that are not suitable for company operations.
Virtual Private Network (VPN)  VPNs allow safe remote access to your company’s internal network to access documents and work remotely.  They work off individual access and encrypt traffic coming into your network to prevent attackers from stalking and watching the network traffic.  With a VPN, a user is able to remotely connect from a public network into a private network safely and securely.
Data  Data is information. It is the documents, spreadsheets, and images stored on the computer.  Data is also more than just files. Data is the configuration files, services, and programs that make your computer run. Without these files, your computer may not be able to run.
Backups  A full backup is the simplest but most data intensive and timely type of backup. This type of backup will completely record your entire computer or server to external media.  An incremental backup results in a copy of only the new data that has been created since the last backup of any type. It can be run as often as desired and is not usually time intensive or data intensive if managed properly.  A differential backup copies all of the data that has been created since the previous backup. However, each time the differential backup is run it will continue to copy all data changed since the previous file backup.
Single Point of Failure  A single point of failure is putting all your eggs in one basket. This means securing all your backups in one place such as only on a single external backup media.
Patching  Patches are fixes to a piece of software that either fix bugs, fix security vulnerabilities, or add features.  More than 70% of cyber attacks exploit patchable vulnerabilities.  Have a policy to patch your machines regularly.  Test patches on one machine before deploying to all of them.
Wireless Security  There are various forms of encryption used for wireless.  The most common is unhidden WPA2 with a pre-shared-key.  As a business, you want a strong password, pre-shared-key, for your WiFi because it has become increasingly easier to decrypt these WiFi passwords.
Compliance  Compliance means meeting all of the controls required by the governing agency  Payment Card Industry (PCI) depends on your business type  HIPAA compliance is universal and applies to any organization that store ePHI.  These regulations help protect your business from threats.  In theory if you are fully compliant, an attacker will have a difficult time compromising your data.
Dangers of Non-Compliance  General  Lawsuits for data loss  PCI  Fines from credit card companies  Increase in transaction fees  HIPAA  Fines from HIPAA regulatory bodies  Legal Fees
CyberSecurity Insurance  General Liability insurance WILL NOT cover:  Identity theft or fraud resulting from either a malicious or inadvertent security breach  Lawsuits or fines resulting from data leaked through a breach  Theft or destruction of such valuable digital assets as intellectual property or customer lists  Interruption of your business or loss of business due to a hacker or malware
CyberSecurity Insurance  Insurance companies offer cyber policies and data breach policies for covering your business in the event of an attack. They may cover:  Forensic investigation of the breach  Legal advice to determine your notification and regulatory obligations  Offering credit monitoring to customers as a result  Settlements, damages, and judgments related to the breach  Regulatory fines and penalties (including Payment Card Industry fines)
Mange Your Risks  IT Management (managing users, passwords, firewalls, PCs, servers, networks, change management, logging and monitoring)  Regular training and awareness for all users  Regular lifecycle and replacing old equipment and software
What is QuickWatch?  QuickWatch protects your email, servers, network, website, and workstations.  QuickWatch allows us to remotely access your machines to deal with certain issues that you may have.  QuickWatch automatically backs up your data.  QuickWatch has automatic cloud-driven patch management.
Top Tips  Never believe that you are not a target to hackers.  Keep your software and operating system up-to-date  Beware of suspicious emails and phone calls  Practice good password management  Never leave devices unlocked and unattended  Back up your data  Use two-factor authentication  Use secure internet connections  Install an enterprise anti-virus and keep it up-to-date  Protect sensitive data
Sources  https://www.quickwatch.support/  https://blog.varonis.com/cybersecurity-statistics/  https://blog.varonis.com/cybersecurity-statistics/  https://security.berkeley.edu/resources/best-practices-how-to-articles/top- 10-secure-computing-tips  https://ist.mit.edu/security/tips  https://www.zdnet.com/article/simple-security-step-by-step-guide/

Recommandé

NSA and PT
NSA and PTNSA and PT
NSA and PTRahmat Suhatman
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Securitybelsis
 
Preventing Data Breaches
Preventing Data BreachesPreventing Data Breaches
Preventing Data Breachesxband
 
Computer security and privacy
Computer security and privacyComputer security and privacy
Computer security and privacyeiramespi07
 
Information Security Basics for Businesses and Individuals
Information Security Basics for Businesses and IndividualsInformation Security Basics for Businesses and Individuals
Information Security Basics for Businesses and IndividualsJosh Moulin, MSISA,CISSP
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Cisa ransomware guide
Cisa ransomware guideCisa ransomware guide
Cisa ransomware guideanpapathanasiou
 
Introduction to information security field
Introduction to information security fieldIntroduction to information security field
Introduction to information security fieldAhmed Musaad
 

Recommandé

NSA and PT
NSA and PTNSA and PT
NSA and PTRahmat Suhatman
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Securitybelsis
 
Preventing Data Breaches
Preventing Data BreachesPreventing Data Breaches
Preventing Data Breachesxband
 
Computer security and privacy
Computer security and privacyComputer security and privacy
Computer security and privacyeiramespi07
 
Information Security Basics for Businesses and Individuals
Information Security Basics for Businesses and IndividualsInformation Security Basics for Businesses and Individuals
Information Security Basics for Businesses and IndividualsJosh Moulin, MSISA,CISSP
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Cisa ransomware guide
Cisa ransomware guideCisa ransomware guide
Cisa ransomware guideanpapathanasiou
 
Introduction to information security field
Introduction to information security fieldIntroduction to information security field
Introduction to information security fieldAhmed Musaad
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineeringSweta Kumari Barnwal
 
Distribution Industry: What is Ransomware and How Does it Work?
Distribution Industry: What is Ransomware and How Does it Work?Distribution Industry: What is Ransomware and How Does it Work?
Distribution Industry: What is Ransomware and How Does it Work?The TNS Group
 
Data security
Data security Data security
Data security Laura Breese
 
Information security and Attacks
Information security and AttacksInformation security and Attacks
Information security and AttacksSachin Darekar
 
Guard Era Security Overview Preso (Draft)
Guard Era Security Overview Preso (Draft)Guard Era Security Overview Preso (Draft)
Guard Era Security Overview Preso (Draft)GuardEra Access Solutions, Inc.
 
Information security[277]
Information security[277]Information security[277]
Information security[277]Timothy Warren
 
Topic11
Topic11Topic11
Topic11Anne Starr
 
INFORMATION SECURITY: THREATS AND SOLUTIONS.
INFORMATION SECURITY: THREATS AND SOLUTIONS.INFORMATION SECURITY: THREATS AND SOLUTIONS.
INFORMATION SECURITY: THREATS AND SOLUTIONS.Ni
 
Network srcurity
Network srcurityNetwork srcurity
Network srcuritysheikhparvez4
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber securitySweta Kumari Barnwal
 
Chapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedChapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedBule Hora University
 
Introduction Network security
Introduction Network securityIntroduction Network security
Introduction Network securityIGZ Software house
 
Security Incidents
Security IncidentsSecurity Incidents
Security Incidentsbelsis
 
Cybersecurity…real world solutions
Cybersecurity…real world solutions Cybersecurity…real world solutions
Cybersecurity…real world solutions ErnestStaats
 
Aspects of data security
Aspects of data securityAspects of data security
Aspects of data securitySaranSwathi1
 
Database Threats - Information System Security
Database Threats - Information System SecurityDatabase Threats - Information System Security
Database Threats - Information System Securitysandra sukarieh
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attackMark Silver
 
Information Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityInformation Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityAtlantic Training, LLC.
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data ProtectionUthsoNandy
 
Information security
Information securityInformation security
Information securityVijayananda Mohire
 
Ch # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guardsCh # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guardsMuhammadRobeel3
 
ppt on securities.pptx
ppt on securities.pptxppt on securities.pptx
ppt on securities.pptxmuskaangoel15
 

Contenu connexe

Tendances

Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineeringSweta Kumari Barnwal
 
Distribution Industry: What is Ransomware and How Does it Work?
Distribution Industry: What is Ransomware and How Does it Work?Distribution Industry: What is Ransomware and How Does it Work?
Distribution Industry: What is Ransomware and How Does it Work?The TNS Group
 
Information security and Attacks
Information security and AttacksInformation security and Attacks
Information security and AttacksSachin Darekar
 
Information security[277]
Information security[277]Information security[277]
Information security[277]Timothy Warren
 
INFORMATION SECURITY: THREATS AND SOLUTIONS.
INFORMATION SECURITY: THREATS AND SOLUTIONS.INFORMATION SECURITY: THREATS AND SOLUTIONS.
INFORMATION SECURITY: THREATS AND SOLUTIONS.Ni
 
Chapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedChapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedBule Hora University
 
Security Incidents
Security IncidentsSecurity Incidents
Security Incidentsbelsis
 
Cybersecurity…real world solutions
Cybersecurity…real world solutions Cybersecurity…real world solutions
Cybersecurity…real world solutions ErnestStaats
 
Aspects of data security
Aspects of data securityAspects of data security
Aspects of data securitySaranSwathi1
 
Database Threats - Information System Security
Database Threats - Information System SecurityDatabase Threats - Information System Security
Database Threats - Information System Securitysandra sukarieh
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attackMark Silver
 
Information Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityInformation Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityAtlantic Training, LLC.
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data ProtectionUthsoNandy
 

Tendances (20)

Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineering
 
Distribution Industry: What is Ransomware and How Does it Work?
Distribution Industry: What is Ransomware and How Does it Work?Distribution Industry: What is Ransomware and How Does it Work?
Distribution Industry: What is Ransomware and How Does it Work?
 
Data security
Data security Data security
Data security
 
Information security and Attacks
Information security and AttacksInformation security and Attacks
Information security and Attacks
 
Guard Era Security Overview Preso (Draft)
Guard Era Security Overview Preso (Draft)Guard Era Security Overview Preso (Draft)
Guard Era Security Overview Preso (Draft)
 
Information security[277]
Information security[277]Information security[277]
Information security[277]
 
Topic11
Topic11Topic11
Topic11
 
INFORMATION SECURITY: THREATS AND SOLUTIONS.
INFORMATION SECURITY: THREATS AND SOLUTIONS.INFORMATION SECURITY: THREATS AND SOLUTIONS.
INFORMATION SECURITY: THREATS AND SOLUTIONS.
 
Network srcurity
Network srcurityNetwork srcurity
Network srcurity
 
Module 3-cyber security
Module 3-cyber securityModule 3-cyber security
Module 3-cyber security
 
Chapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganisedChapter1 intro network_security_sunorganised
Chapter1 intro network_security_sunorganised
 
Introduction Network security
Introduction Network securityIntroduction Network security
Introduction Network security
 
Security Incidents
Security IncidentsSecurity Incidents
Security Incidents
 
Cybersecurity…real world solutions
Cybersecurity…real world solutions Cybersecurity…real world solutions
Cybersecurity…real world solutions
 
Aspects of data security
Aspects of data securityAspects of data security
Aspects of data security
 
Database Threats - Information System Security
Database Threats - Information System SecurityDatabase Threats - Information System Security
Database Threats - Information System Security
 
Anatomy of a cyber attack
Anatomy of a cyber attackAnatomy of a cyber attack
Anatomy of a cyber attack
 
Information Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier UniversityInformation Security Awareness Training by Wilfrid Laurier University
Information Security Awareness Training by Wilfrid Laurier University
 
Network Security of Data Protection
Network Security of Data ProtectionNetwork Security of Data Protection
Network Security of Data Protection
 
Information security
Information securityInformation security
Information security
 

Similaire à Internet safety and you

Ch # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guardsCh # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guardsMuhammadRobeel3
 
ppt on securities.pptx
ppt on securities.pptxppt on securities.pptx
ppt on securities.pptxmuskaangoel15
 
Computer Secutity.
Computer Secutity.Computer Secutity.
Computer Secutity.angelaag98
 
Security and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docxSecurity and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docxedgar6wallace88877
 
Security and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docxSecurity and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docxfathwaitewalter
 
Cyberattacks on the Rise: Is Your Nonprofit Prepared?
Cyberattacks on the Rise: Is Your Nonprofit Prepared?Cyberattacks on the Rise: Is Your Nonprofit Prepared?
Cyberattacks on the Rise: Is Your Nonprofit Prepared?TechSoup
 
Data protection and security
Data protection and securityData protection and security
Data protection and securitynazar60
 
In computer security, a vulnerability is a weakness which allows an .pdf
In computer security, a vulnerability is a weakness which allows an .pdfIn computer security, a vulnerability is a weakness which allows an .pdf
In computer security, a vulnerability is a weakness which allows an .pdfanandanand521251
 
Computing safety
Computing safetyComputing safety
Computing safetyBrulius
 
Computer security ethics_and_privacy
Computer security ethics_and_privacyComputer security ethics_and_privacy
Computer security ethics_and_privacyArdit Meti
 
A Brief Note On Companies And The Largest Ever Consumer...
A Brief Note On Companies And The Largest Ever Consumer...A Brief Note On Companies And The Largest Ever Consumer...
A Brief Note On Companies And The Largest Ever Consumer...Erin Moore
 
Wireless Networking
Wireless NetworkingWireless Networking
Wireless NetworkingGulshanAra14
 
Cyber Security School Workshop
Cyber Security School WorkshopCyber Security School Workshop
Cyber Security School WorkshopRahul Nayan
 
Essentials Of Security
Essentials Of SecurityEssentials Of Security
Essentials Of Securityxsy
 

Similaire à Internet safety and you (20)

Ch # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guardsCh # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guards
 
ppt on securities.pptx
ppt on securities.pptxppt on securities.pptx
ppt on securities.pptx
 
Computer Secutity.
Computer Secutity.Computer Secutity.
Computer Secutity.
 
Security and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docxSecurity and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docx
 
Security and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docxSecurity and Ethical Challenges Contributors Kim Wanders.docx
Security and Ethical Challenges Contributors Kim Wanders.docx
 
Cyberattacks on the Rise: Is Your Nonprofit Prepared?
Cyberattacks on the Rise: Is Your Nonprofit Prepared?Cyberattacks on the Rise: Is Your Nonprofit Prepared?
Cyberattacks on the Rise: Is Your Nonprofit Prepared?
 
Data protection and security
Data protection and securityData protection and security
Data protection and security
 
Chapter 10.0
Chapter 10.0Chapter 10.0
Chapter 10.0
 
In computer security, a vulnerability is a weakness which allows an .pdf
In computer security, a vulnerability is a weakness which allows an .pdfIn computer security, a vulnerability is a weakness which allows an .pdf
In computer security, a vulnerability is a weakness which allows an .pdf
 
Computing safety
Computing safetyComputing safety
Computing safety
 
Computer security ethics_and_privacy
Computer security ethics_and_privacyComputer security ethics_and_privacy
Computer security ethics_and_privacy
 
security By ZAK
security By ZAKsecurity By ZAK
security By ZAK
 
A Brief Note On Companies And The Largest Ever Consumer...
A Brief Note On Companies And The Largest Ever Consumer...A Brief Note On Companies And The Largest Ever Consumer...
A Brief Note On Companies And The Largest Ever Consumer...
 
Computer security
Computer securityComputer security
Computer security
 
information security awareness course
information security awareness courseinformation security awareness course
information security awareness course
 
Lecture 2.pptx
Lecture 2.pptxLecture 2.pptx
Lecture 2.pptx
 
Lecture 2.pptx
Lecture 2.pptxLecture 2.pptx
Lecture 2.pptx
 
Wireless Networking
Wireless NetworkingWireless Networking
Wireless Networking
 
Cyber Security School Workshop
Cyber Security School WorkshopCyber Security School Workshop
Cyber Security School Workshop
 
Essentials Of Security
Essentials Of SecurityEssentials Of Security
Essentials Of Security
 

Plus de Art Ocain

Applying the MITRE CREF.pptx
Applying the MITRE CREF.pptxApplying the MITRE CREF.pptx
Applying the MITRE CREF.pptxArt Ocain
 
Accidental Resiliency - MITRE ResilienCyCon 2022-draft-PRE-MARKETING -grey.pptx
Accidental Resiliency - MITRE ResilienCyCon 2022-draft-PRE-MARKETING -grey.pptxAccidental Resiliency - MITRE ResilienCyCon 2022-draft-PRE-MARKETING -grey.pptx
Accidental Resiliency - MITRE ResilienCyCon 2022-draft-PRE-MARKETING -grey.pptxArt Ocain
 
Accidental Resiliency - Global Resilience Federation (GRF) Business Resilienc...
Accidental Resiliency - Global Resilience Federation (GRF) Business Resilienc...Accidental Resiliency - Global Resilience Federation (GRF) Business Resilienc...
Accidental Resiliency - Global Resilience Federation (GRF) Business Resilienc...Art Ocain
 
vCIO vCISO - Information Technology and Security Strategy.pptx
vCIO vCISO - Information Technology and Security Strategy.pptxvCIO vCISO - Information Technology and Security Strategy.pptx
vCIO vCISO - Information Technology and Security Strategy.pptxArt Ocain
 
Cybersecurity for Small Business - Incident Response.pptx
Cybersecurity for Small Business - Incident Response.pptxCybersecurity for Small Business - Incident Response.pptx
Cybersecurity for Small Business - Incident Response.pptxArt Ocain
 
MePush Leadership Fundamentals - Week 5
MePush Leadership Fundamentals - Week 5MePush Leadership Fundamentals - Week 5
MePush Leadership Fundamentals - Week 5Art Ocain
 
MePush Leadership Fundamentals - Week 4
MePush Leadership Fundamentals - Week 4MePush Leadership Fundamentals - Week 4
MePush Leadership Fundamentals - Week 4Art Ocain
 
MePush Leadership Fundamentals - Week 3
MePush Leadership Fundamentals - Week 3MePush Leadership Fundamentals - Week 3
MePush Leadership Fundamentals - Week 3Art Ocain
 
MePush Leadership Fundamentals - Week 2
MePush Leadership Fundamentals - Week 2MePush Leadership Fundamentals - Week 2
MePush Leadership Fundamentals - Week 2Art Ocain
 
Anatomy of a Ransomware Event
Anatomy of a Ransomware EventAnatomy of a Ransomware Event
Anatomy of a Ransomware EventArt Ocain
 
MePush Leadership Fundamentals - Week 1
MePush Leadership Fundamentals - Week 1MePush Leadership Fundamentals - Week 1
MePush Leadership Fundamentals - Week 1Art Ocain
 
Control Your Data: 3 Steps for Data Governance for Work from Home Staff
Control Your Data: 3 Steps for Data Governance for Work from Home StaffControl Your Data: 3 Steps for Data Governance for Work from Home Staff
Control Your Data: 3 Steps for Data Governance for Work from Home StaffArt Ocain
 
Be More Secure than your Competition: MePush Cyber Security for Small Business
Be More Secure than your Competition: MePush Cyber Security for Small BusinessBe More Secure than your Competition: MePush Cyber Security for Small Business
Be More Secure than your Competition: MePush Cyber Security for Small BusinessArt Ocain
 

Plus de Art Ocain (13)

Applying the MITRE CREF.pptx
Applying the MITRE CREF.pptxApplying the MITRE CREF.pptx
Applying the MITRE CREF.pptx
 
Accidental Resiliency - MITRE ResilienCyCon 2022-draft-PRE-MARKETING -grey.pptx
Accidental Resiliency - MITRE ResilienCyCon 2022-draft-PRE-MARKETING -grey.pptxAccidental Resiliency - MITRE ResilienCyCon 2022-draft-PRE-MARKETING -grey.pptx
Accidental Resiliency - MITRE ResilienCyCon 2022-draft-PRE-MARKETING -grey.pptx
 
Accidental Resiliency - Global Resilience Federation (GRF) Business Resilienc...
Accidental Resiliency - Global Resilience Federation (GRF) Business Resilienc...Accidental Resiliency - Global Resilience Federation (GRF) Business Resilienc...
Accidental Resiliency - Global Resilience Federation (GRF) Business Resilienc...
 
vCIO vCISO - Information Technology and Security Strategy.pptx
vCIO vCISO - Information Technology and Security Strategy.pptxvCIO vCISO - Information Technology and Security Strategy.pptx
vCIO vCISO - Information Technology and Security Strategy.pptx
 
Cybersecurity for Small Business - Incident Response.pptx
Cybersecurity for Small Business - Incident Response.pptxCybersecurity for Small Business - Incident Response.pptx
Cybersecurity for Small Business - Incident Response.pptx
 
MePush Leadership Fundamentals - Week 5
MePush Leadership Fundamentals - Week 5MePush Leadership Fundamentals - Week 5
MePush Leadership Fundamentals - Week 5
 
MePush Leadership Fundamentals - Week 4
MePush Leadership Fundamentals - Week 4MePush Leadership Fundamentals - Week 4
MePush Leadership Fundamentals - Week 4
 
MePush Leadership Fundamentals - Week 3
MePush Leadership Fundamentals - Week 3MePush Leadership Fundamentals - Week 3
MePush Leadership Fundamentals - Week 3
 
MePush Leadership Fundamentals - Week 2
MePush Leadership Fundamentals - Week 2MePush Leadership Fundamentals - Week 2
MePush Leadership Fundamentals - Week 2
 
Anatomy of a Ransomware Event
Anatomy of a Ransomware EventAnatomy of a Ransomware Event
Anatomy of a Ransomware Event
 
MePush Leadership Fundamentals - Week 1
MePush Leadership Fundamentals - Week 1MePush Leadership Fundamentals - Week 1
MePush Leadership Fundamentals - Week 1
 
Control Your Data: 3 Steps for Data Governance for Work from Home Staff
Control Your Data: 3 Steps for Data Governance for Work from Home StaffControl Your Data: 3 Steps for Data Governance for Work from Home Staff
Control Your Data: 3 Steps for Data Governance for Work from Home Staff
 
Be More Secure than your Competition: MePush Cyber Security for Small Business
Be More Secure than your Competition: MePush Cyber Security for Small BusinessBe More Secure than your Competition: MePush Cyber Security for Small Business
Be More Secure than your Competition: MePush Cyber Security for Small Business
 

Dernier

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 

Dernier (20)

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 

Internet safety and you

  • 3. Fast Facts  The average cost of a malware attack on a company is 2.4 million dollars.  Microsoft Office formats make up the most prevalent group of malicious file extensions at 38% of the total.  21% of all files are not protected at all.  Ransomware attacks are growing more than 350% annually.
  • 4. Small Businesses as a Target  43% of cyber attacks target small businesses  Small businesses are easy prey for international hacking  Small businesses are very vulnerable to generalized phishing and malware  Small businesses are easy accidental targets for script kiddies
  • 5. Small Businesses as a Target  Small business owners pay ransoms  Small businesses have valuable data  Small businesses are easy for hackers to get in and stay in undetected  Lack of budget for adequate security  Lack of staff and training
  • 6. Malware  Malware is any form of programming or code that can be used to expose a vulnerability or open a door to your internal network.  Types of malware:  Trojan: Malware that pretends to be other software  Spyware: Used to spy on network operations or users  Rootkit: Installed to gain hidden unauthorized control  Backdoor: Opening in the network for further exploitation
  • 7. Phishing  Phishing is the practice of sending emails claiming to be from reputable companies in order to get individuals to reveal personal information.
  • 8. Email Links  Do not click suspicious email links.  If you are unsure about a link, do not click on the link.  Use https://safeweb.Norton.com by copying the link’s URL and pastig it into the URL checker at Norton.  Any link can be disguised to redirect you to somewhere else  To circumvent this, just Google it.
  • 9. Email Attachments  The same best practices followed with the clicking links should also be applied to email attachments.  There are resources you can use if you believe you have a file that might be malicious. You can upload the suspected file to the website https://www.virustotal.com/#/home/upload  This site will analyze the file and brief you with results if it is malicious.
  • 10. Protected View  Do not use the “Enable Editing” setting if not necessary.  This can potentially allow malware to run background processes on your computer.  This can lead to ransomware and backdoors on the machine for identity theft.
  • 11.
  • 12. Social Engineering  Social engineering is the manipulation of people into performing actions or divulging confidential information  Types of social engineering include:  Phishing  Tailgaiting  Quid pro quo
  • 13. Antivirus  Antivirus tools are used to remove infections from computers using previously known hash values. Hash values are the “DNA” of the virus.  Antivirus monitoring are systems that are implemented to monitor normal user use and network behavior to alert a system administrator of a potential threat. Alerts could be too many failed login attempts to DNS spoofing and other network changes.
  • 14. Web Content and Media Filtering  These tools are used to limit the risk of malware exposed to host machines and servers. Without proper web filtering, users may access sites that could put potential rootkits and backdoors on user machines, therefore allowing unauthorized access to the machine from a remote hacker.  Sites that should be blocked include sites that allow file transferring, for example torrents and The Onion Router traffic. Furthermore, blocking not suitable for work sites is needed to prevent users from accessing crude or time-wasting sites that are not suitable for company operations.
  • 15. Virtual Private Network (VPN)  VPNs allow safe remote access to your company’s internal network to access documents and work remotely.  They work off individual access and encrypt traffic coming into your network to prevent attackers from stalking and watching the network traffic.  With a VPN, a user is able to remotely connect from a public network into a private network safely and securely.
  • 16. Data  Data is information. It is the documents, spreadsheets, and images stored on the computer.  Data is also more than just files. Data is the configuration files, services, and programs that make your computer run. Without these files, your computer may not be able to run.
  • 17. Backups  A full backup is the simplest but most data intensive and timely type of backup. This type of backup will completely record your entire computer or server to external media.  An incremental backup results in a copy of only the new data that has been created since the last backup of any type. It can be run as often as desired and is not usually time intensive or data intensive if managed properly.  A differential backup copies all of the data that has been created since the previous backup. However, each time the differential backup is run it will continue to copy all data changed since the previous file backup.
  • 18. Single Point of Failure  A single point of failure is putting all your eggs in one basket. This means securing all your backups in one place such as only on a single external backup media.
  • 19. Patching  Patches are fixes to a piece of software that either fix bugs, fix security vulnerabilities, or add features.  More than 70% of cyber attacks exploit patchable vulnerabilities.  Have a policy to patch your machines regularly.  Test patches on one machine before deploying to all of them.
  • 20. Wireless Security  There are various forms of encryption used for wireless.  The most common is unhidden WPA2 with a pre-shared-key.  As a business, you want a strong password, pre-shared-key, for your WiFi because it has become increasingly easier to decrypt these WiFi passwords.
  • 21. Compliance  Compliance means meeting all of the controls required by the governing agency  Payment Card Industry (PCI) depends on your business type  HIPAA compliance is universal and applies to any organization that store ePHI.  These regulations help protect your business from threats.  In theory if you are fully compliant, an attacker will have a difficult time compromising your data.
  • 22. Dangers of Non-Compliance  General  Lawsuits for data loss  PCI  Fines from credit card companies  Increase in transaction fees  HIPAA  Fines from HIPAA regulatory bodies  Legal Fees
  • 23. CyberSecurity Insurance  General Liability insurance WILL NOT cover:  Identity theft or fraud resulting from either a malicious or inadvertent security breach  Lawsuits or fines resulting from data leaked through a breach  Theft or destruction of such valuable digital assets as intellectual property or customer lists  Interruption of your business or loss of business due to a hacker or malware
  • 24. CyberSecurity Insurance  Insurance companies offer cyber policies and data breach policies for covering your business in the event of an attack. They may cover:  Forensic investigation of the breach  Legal advice to determine your notification and regulatory obligations  Offering credit monitoring to customers as a result  Settlements, damages, and judgments related to the breach  Regulatory fines and penalties (including Payment Card Industry fines)
  • 25. Mange Your Risks  IT Management (managing users, passwords, firewalls, PCs, servers, networks, change management, logging and monitoring)  Regular training and awareness for all users  Regular lifecycle and replacing old equipment and software
  • 26. What is QuickWatch?  QuickWatch protects your email, servers, network, website, and workstations.  QuickWatch allows us to remotely access your machines to deal with certain issues that you may have.  QuickWatch automatically backs up your data.  QuickWatch has automatic cloud-driven patch management.
  • 27. Top Tips  Never believe that you are not a target to hackers.  Keep your software and operating system up-to-date  Beware of suspicious emails and phone calls  Practice good password management  Never leave devices unlocked and unattended  Back up your data  Use two-factor authentication  Use secure internet connections  Install an enterprise anti-virus and keep it up-to-date  Protect sensitive data
  • 28. Sources  https://www.quickwatch.support/  https://blog.varonis.com/cybersecurity-statistics/  https://blog.varonis.com/cybersecurity-statistics/  https://security.berkeley.edu/resources/best-practices-how-to-articles/top- 10-secure-computing-tips  https://ist.mit.edu/security/tips  https://www.zdnet.com/article/simple-security-step-by-step-guide/