1. MAKING SECURE CHOICES
Charles Garrett
ISSA:MSC

2. OBJECTIVES
• Show how much information can be found on the internet
• Provide best practices when it comes to information sharing.
• Learn how to develop strong passwords
• Learn how to use mobile devices securely.
2

3. PROFESSIONAL WEBSITE
3

4. PROFESSIONAL WEBSITE
4

5. PERSONAL INFORMATION
• Full Name
• Date of Birth or Age
• Phone number
• Location
• Financial Information
• Schedule (What you do and where you go.) (Ex. Checking in on social media)
5

6. WEB PAGES/IDENTIFIERS
• Profiles
• Newsgroup Postings
• Social Networking profiles
• Personal or Business Websites
• Newspapers
• Ebay
• General Web Presence
• Screen Names or Email Addresses
6

7. INFORMATION GIVEN UP
• Screen names and email addresses shouldn’t tell anything about you.
• Poor Ex.
1. John12343
2. GADAWGSLUVA
3. Lucy_Waycross12343
7

8. BETTER SCREEN NAMES
• B!@ck&Ye1L0W
• Keychains101
• PepperSpray
8

9. ACTIVITY: INFORMATION GATHERING
• HINTS:
1. Use whole name (can include initials)
2. Use quotes
3. Search with name forward/backward
4. Use quotes spaces with phone numbers and addresses
9

10. PASSWORD DEVELOPMENT
• Bad examples:
• Password
• Qwerty
• 123456
• Any word in the dictionary
• Good Examples. Hint Passphrase
• b!@ck&yE1L0w
• q@w4dgf*542
10

11. PASSWORD DEVELOPMENT
• Basic Concepts
• Length of Password (8 char min. 10+ < Preferable)
• Complexity of Password (As random as possible)
• Use lowercase, uppercase, numbers, and symbols in a random sequence.
11

12. PASSWORD TIPS
• Create a unique password for each account.
• Never share or write down your password.
• Use a passphrase so it is easy to remember.
• Change passwords if your email or system has a virus.
12

13. WORKING REMOTELY
• Working remotely provides many professionals with the freedom to complete
work related tasks from almost any location.
• The challenge is that many are unaware of the security vulnerabilities and
regular maintenance required to protect their devices.
13

14. BEST PRACTICES: SOFTWARE
• Ensure virus protection is installed, enabled, and up to date.
• Ensure Windows Firewall is turned ON.
• Ensure all software applications like Java and Flash are up to date.
• NEVER install software that is not necessary for work related tasks.
• NEVER allow non-BBBS employees to use installed software.
14

15. BEST PRACTICES: PASSWORDS
• Protect passwords that are used to access BBBS information.
• Ensure your machine have STRONG passwords.
• Ensure that passwords are changed a MINIMUM of 6 months.
• Ensure all mobile devices have a timeout function that lock the screen.
• NEVER use the “Remember this password” function in an internet browser.
• Use software like LastPass to properly secure passwords.
15

16. BEST PRACTICES: INFORMATION MANAGEMENT
• Invest in a backup solution and back it up once every two weeks. (flash drive, external
HD, etc.)
• Protect devices by enabling a lock and wipe function on mobile devices such as tablets
and smartphones.
• ALWAYS ensure that all BBBS information is encrypted.
• Remove unnecessary information when it is no longer needed on the machine.
• Ensure that when you work remotely that you do not leave your computer unattended for
any period of time.
16

17. SOURCES
• GBI Cyber Security Awareness
17