SlideShare une entreprise Scribd logo

How to Secure Your Organisation Data

Phannarith Ou, G-CISO
Phannarith Ou, G-CISO
Formation
1  sur  31
Mr.$OU$Phannarith$ Head$of$CamCERT$ Permanent$Member$of$$Cybercrime$ Law$Working$Group$$ National$ICT$Development$Authority$ OfHice$of$The$Council$of$Ministers$ Email:$phannarith[at]camcert.gov.kh$ $ 1"
!  Basic"Understanding"of"Information"Security" !  Malware"Fundamental" !  Protect"Your"Password" !  Social"Engineering"and"Phishing"" !  Suggestion"and"Recommendation" !  Question"and"Answers" . - : @ . ! 2"
3"
ConIidentiality"–"of"the"information" Confiden'ality- Information"on"the"company"or"organization" should"never"be"accessible"to"users"without" permission" " Integrity"–"of"application"and"information" Accuracy"and"completeness"of"information" are"preserved" " Availability- Integrity- Availability"–"of"the"system" Information"is"accessible"by"authorized"users" when"required" . - : @ . ! 4"
Why"Information"Security"is"important?"" Protecting"computer"system"or"its"user"from"threats"that" may"occur"" Threats"and"Damage"will"differ"depending"on"computer" system’s"characteristic"" Protecting"the"system"and"its"users"from"threat"and" minimize"damage" . - : @ . ! 5"
Relationship$between$threat,$vulnerability$and$loss$ Threat" Loss" Vulnera bility" Attacker$+$No$Security$Patch$=$Data$Destruction$ . - : @ . ! 6"
Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$ A"Weakness"in"the" organization,"computer" system"or"network"that"can" be"exploited"by"threat" . - : @ . ! 7"
Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$ If"vulnerability"exist,"threats" can"attack"your"information" assets" . - : @ . ! 8"
Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$is$Hixed$ Information"assets"can"be" kept"secure,"even"if"threats" exist." . - : @ . ! 9"
•  Do"you"use"license"operating"system"(OS)?" •  Have"you"even"been"update"your"OS?"" •  Have"you"even"been"update"your"daily"use" software?" •  Do"you"update"your"antiavirus"regularly?" . - : @ . ! 10"
. - : @ . ! 11"
Physical&& The"most" difIicult" part"to" handle" Secure& Hardware& Human&& Your& && So6ware& Data& Policy&&& Standard& . - : @ . ! 12"
13"
Malware"or"Malicious" Threats" software" Virus" Worm" Trojans" . - : @ . ! 14"
•  Infect"object"on"the"disk"" •  Travel"autonomously"from"PC"to"PC" •  Trigger"by"individual"action"such"as"Open" email"attachment" •  Spread"automatically" •  Install"itself"into"the"PC"and"looking"other" PCs"to"infect" •  Email"worm"need"individual"action"to"spread" •  Network"worm"spread"without"the"need"for" human"interaction" . - : @ . ! 15"
•  Install"silently"in"the"PC"by"Email" attachment,"visit"infected"website,"…etc." •  PC"work"normally"without"any"consent" from"the"users" •  They"don’t"selfareplicate,"but"relies"on" connectivity"provided"by"the"Internet" •  There"are"many"kinds"of"Trojans:" •  Backdoor"Trojans" •  Keyalogger"Trojans" •  Banking"Trojans" . - : @ . ! 16"
Can-done-anything:-Sending-Spam,- Before" Collec'ng-confiden'al-data,-stealing- password,-etc.-and-espcially-connect-PC- with-PC-to-create-an-infected-network- (BOTNET).-- Virus" Worm" Trojans" Now"–"Hybrid"Malware" Virus& Worm& Trojans& . - : @ . ! 17"
18"
•  How"often"do"you"change"your"password?" •  Do"you"use"your"name,"telephone,"date"of"birth," as"your"password?" •  Do"you"use"the"same"password"for"every" services?" •  Do"you"share"your"password"with"anybody?" . - : @ . ! 19"
Easily"Guessed"Password" •  No"Password"is"set" •  Password"same"as"the"account"name" Dictionary"Attack" •  Prepared"words"that"the"user"is"likely"to"use"as" passwords"in"a"dictionary"Iile"and"attempt"to"Iind" matching"password" Brute"Force"Attack" •  This"is"simple"method"to"try"all"possible"combinations"as" passwords" •  It"take"huge"amount"of"time,"although,"theoretically,"it" can"break"any"password"without"fail" . - : @ . ! 20"
Which"password"below"is"your"password?" Top$25$Popular$Password$in$2011$ 1."password" "2."123456 "3."12345678 "4."qwerty" 5."abc123 "6."monkey "7."1234567 "8."letmein" 9."trustno1 "10."dragon "11."baseball "12."111111" 13."Iloveyou "14."master "15."sunshine "16."ashley" 17."bailey "18."passw0rd"19."shadow "20."123123" 21."654321 "22."superman"23."qazwsx "24."michael" 25."football" . - : @ . ! 21"
How"to"secure"your"password" . - : @ . ! 22"
23"
. - : @ . ! 24"
. - : @ . ! 25"
. - : @ . ! 26"
. - : @ . ! 27"
28"
User"antiavirus"and"update"it"regularly"" Install"a"Personal"Firewall" Install"latest"security"update" Don’t"open"an"email"you"do"not"trust" Keep"learning!" . - : @ . ! 29"
You"organization"data"security"is"depending"on" the"weakness"link" Don’t"make"yourself"as"the"weakness"link" . - : @ . ! 30"
Mr.$OU$Phannarith$ Head$of$CamCERT$ Permanent$Member$of$$Cybercrime$ Law$Working$Group$$ National$ICT$Development$Authority$ OfHice$of$The$Council$of$Ministers$ Email:$phannarith[at]camcert.gov.kh$ $ 31"

Recommandé

A perspective for counter strategy against cybercrime and cyber espionage
A perspective for counter strategy against cybercrime and cyber espionageA perspective for counter strategy against cybercrime and cyber espionage
A perspective for counter strategy against cybercrime and cyber espionageGohsuke Takama
 
Learn Hacking
Learn HackingLearn Hacking
Learn Hackinghackingtraining
 
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsGood Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsZivaro Inc
 
HoneyPot for Network Security - building and testing against exploits.
HoneyPot for Network Security - building and testing against exploits.HoneyPot for Network Security - building and testing against exploits.
HoneyPot for Network Security - building and testing against exploits.Shantanu Kumar Das
 
Data Privacy for Activists
Data Privacy for ActivistsData Privacy for Activists
Data Privacy for ActivistsGreg Stromire
 
Honeypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinHoneypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinPhillip Maddux
 
Honeypots
HoneypotsHoneypots
HoneypotsBilal ZIANE
 
Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016InfinIT - Innovationsnetværket for it
 

Recommandé

A perspective for counter strategy against cybercrime and cyber espionage
A perspective for counter strategy against cybercrime and cyber espionageA perspective for counter strategy against cybercrime and cyber espionage
A perspective for counter strategy against cybercrime and cyber espionageGohsuke Takama
 
Learn Hacking
Learn HackingLearn Hacking
Learn Hackinghackingtraining
 
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsGood Guys vs Bad Guys: Using Big Data to Counteract Advanced Threats
Good Guys vs Bad Guys: Using Big Data to Counteract Advanced ThreatsZivaro Inc
 
HoneyPot for Network Security - building and testing against exploits.
HoneyPot for Network Security - building and testing against exploits.HoneyPot for Network Security - building and testing against exploits.
HoneyPot for Network Security - building and testing against exploits.Shantanu Kumar Das
 
Data Privacy for Activists
Data Privacy for ActivistsData Privacy for Activists
Data Privacy for ActivistsGreg Stromire
 
Honeypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinHoneypots, Deception, and Frankenstein
Honeypots, Deception, and FrankensteinPhillip Maddux
 
Honeypots
HoneypotsHoneypots
HoneypotsBilal ZIANE
 
Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016Cyber Security 4.0 conference 30 November 2016
Cyber Security 4.0 conference 30 November 2016InfinIT - Innovationsnetværket for it
 
Cyber security from military point of view
Cyber security from military point of viewCyber security from military point of view
Cyber security from military point of viewS.E. CTS CERT-GOV-MD
 
Integrating info ops in operational level planning (no backup slides)
Integrating info ops in operational level planning (no backup slides)Integrating info ops in operational level planning (no backup slides)
Integrating info ops in operational level planning (no backup slides)Ulrich Janßen
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crimearitraranjan
 
Cyber security vs information assurance
Cyber security vs information assuranceCyber security vs information assurance
Cyber security vs information assuranceVaughan Olufemi ACIB, AICEN, ANIM
 
How to know you was hacked
How to know you was hackedHow to know you was hacked
How to know you was hackedPhannarith Ou, G-CISO
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeRajendra Dangwal
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeTushar Malhotra
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and SecurityDipesh Waghela
 
Cyber-crime PPT
Cyber-crime PPTCyber-crime PPT
Cyber-crime PPTAnshuman Tripathi
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime pptMOE515253
 
Ethi mini - ethical hacking
Ethi mini - ethical hackingEthi mini - ethical hacking
Ethi mini - ethical hackingBeing Uniq Sonu
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical HackingPushkar Pashupat
 
LemonFish How do you know your Data Loss Prevention system is working ?
LemonFish How do you know your Data Loss Prevention system is working ?LemonFish How do you know your Data Loss Prevention system is working ?
LemonFish How do you know your Data Loss Prevention system is working ?Mary Beth Borgwing, MBA
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defenseChristiaan Beek
 
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, SkycureMobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, SkycureCodemotion Tel Aviv
 
Mobile Security: A Glimpse from the Trenches
Mobile Security: A Glimpse from the TrenchesMobile Security: A Glimpse from the Trenches
Mobile Security: A Glimpse from the TrenchesYair Amit
 
Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)Phillip Maddux
 
Threat Modeling 101
Threat Modeling 101Threat Modeling 101
Threat Modeling 101Atlassian
 
Porque Investir em um time de segurança ofensiva?
Porque Investir em um time de segurança ofensiva?Porque Investir em um time de segurança ofensiva?
Porque Investir em um time de segurança ofensiva?Arthur Paixão
 
Why Personal Clouds Need A Network
Why Personal Clouds Need A NetworkWhy Personal Clouds Need A Network
Why Personal Clouds Need A NetworkPhil Wolff
 
Data security @ the personal level
Data security @ the personal levelData security @ the personal level
Data security @ the personal levelArnon Rotem-Gal-Oz
 
CERT Data Science in Cybersecurity Symposium
CERT Data Science in Cybersecurity SymposiumCERT Data Science in Cybersecurity Symposium
CERT Data Science in Cybersecurity SymposiumBob Rudis
 

Contenu connexe

En vedette

Cyber security from military point of view
Cyber security from military point of viewCyber security from military point of view
Cyber security from military point of viewS.E. CTS CERT-GOV-MD
 
Integrating info ops in operational level planning (no backup slides)
Integrating info ops in operational level planning (no backup slides)Integrating info ops in operational level planning (no backup slides)
Integrating info ops in operational level planning (no backup slides)Ulrich Janßen
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and SecurityDipesh Waghela
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime pptMOE515253
 

En vedette (10)

Cyber security from military point of view
Cyber security from military point of viewCyber security from military point of view
Cyber security from military point of view
 
Integrating info ops in operational level planning (no backup slides)
Integrating info ops in operational level planning (no backup slides)Integrating info ops in operational level planning (no backup slides)
Integrating info ops in operational level planning (no backup slides)
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber security vs information assurance
Cyber security vs information assuranceCyber security vs information assurance
Cyber security vs information assurance
 
How to know you was hacked
How to know you was hackedHow to know you was hacked
How to know you was hacked
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
 
Cyber-crime PPT
Cyber-crime PPTCyber-crime PPT
Cyber-crime PPT
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime ppt
 

Similaire à How to Secure Your Organisation Data

Ethi mini - ethical hacking
Ethi mini - ethical hackingEthi mini - ethical hacking
Ethi mini - ethical hackingBeing Uniq Sonu
 
LemonFish How do you know your Data Loss Prevention system is working ?
LemonFish How do you know your Data Loss Prevention system is working ?LemonFish How do you know your Data Loss Prevention system is working ?
LemonFish How do you know your Data Loss Prevention system is working ?Mary Beth Borgwing, MBA
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defenseChristiaan Beek
 
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, SkycureMobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, SkycureCodemotion Tel Aviv
 
Mobile Security: A Glimpse from the Trenches
Mobile Security: A Glimpse from the TrenchesMobile Security: A Glimpse from the Trenches
Mobile Security: A Glimpse from the TrenchesYair Amit
 
Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)Phillip Maddux
 
Threat Modeling 101
Threat Modeling 101Threat Modeling 101
Threat Modeling 101Atlassian
 
Porque Investir em um time de segurança ofensiva?
Porque Investir em um time de segurança ofensiva?Porque Investir em um time de segurança ofensiva?
Porque Investir em um time de segurança ofensiva?Arthur Paixão
 
Why Personal Clouds Need A Network
Why Personal Clouds Need A NetworkWhy Personal Clouds Need A Network
Why Personal Clouds Need A NetworkPhil Wolff
 
Data security @ the personal level
Data security @ the personal levelData security @ the personal level
Data security @ the personal levelArnon Rotem-Gal-Oz
 
CERT Data Science in Cybersecurity Symposium
CERT Data Science in Cybersecurity SymposiumCERT Data Science in Cybersecurity Symposium
CERT Data Science in Cybersecurity SymposiumBob Rudis
 
La Quadrature Du Cercle - The APTs That Weren't
La Quadrature Du Cercle - The APTs That Weren'tLa Quadrature Du Cercle - The APTs That Weren't
La Quadrature Du Cercle - The APTs That Weren'tpinkflawd
 
Contextual Cyber Security for IoT
Contextual Cyber Security for IoTContextual Cyber Security for IoT
Contextual Cyber Security for IoTMONICA-Project
 
Computer saftey may 2013
Computer saftey may 2013Computer saftey may 2013
Computer saftey may 2013JimWhite
 
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...JoAnna Cheshire
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Gohsuke Takama
 
Via forensics thotcon-2013-mobile-security-with-santoku-linux
Via forensics thotcon-2013-mobile-security-with-santoku-linuxVia forensics thotcon-2013-mobile-security-with-santoku-linux
Via forensics thotcon-2013-mobile-security-with-santoku-linuxviaForensics
 
Fantastic Beasts and where to hide from them
Fantastic Beasts and where to hide from themFantastic Beasts and where to hide from them
Fantastic Beasts and where to hide from themVlad Styran
 
Information Security - The Missing Elements
Information Security - The Missing ElementsInformation Security - The Missing Elements
Information Security - The Missing Elementsahmed_vr
 

Similaire à How to Secure Your Organisation Data (20)

Ethi mini - ethical hacking
Ethi mini - ethical hackingEthi mini - ethical hacking
Ethi mini - ethical hacking
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
LemonFish How do you know your Data Loss Prevention system is working ?
LemonFish How do you know your Data Loss Prevention system is working ?LemonFish How do you know your Data Loss Prevention system is working ?
LemonFish How do you know your Data Loss Prevention system is working ?
 
Offensive malware usage and defense
Offensive malware usage and defenseOffensive malware usage and defense
Offensive malware usage and defense
 
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, SkycureMobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
Mobile Security Attacks: A Glimpse from the Trenches - Yair Amit, Skycure
 
Mobile Security: A Glimpse from the Trenches
Mobile Security: A Glimpse from the TrenchesMobile Security: A Glimpse from the Trenches
Mobile Security: A Glimpse from the Trenches
 
Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)Deception in Cyber Security (League of Women in Cyber Security)
Deception in Cyber Security (League of Women in Cyber Security)
 
Threat Modeling 101
Threat Modeling 101Threat Modeling 101
Threat Modeling 101
 
Porque Investir em um time de segurança ofensiva?
Porque Investir em um time de segurança ofensiva?Porque Investir em um time de segurança ofensiva?
Porque Investir em um time de segurança ofensiva?
 
Why Personal Clouds Need A Network
Why Personal Clouds Need A NetworkWhy Personal Clouds Need A Network
Why Personal Clouds Need A Network
 
Data security @ the personal level
Data security @ the personal levelData security @ the personal level
Data security @ the personal level
 
CERT Data Science in Cybersecurity Symposium
CERT Data Science in Cybersecurity SymposiumCERT Data Science in Cybersecurity Symposium
CERT Data Science in Cybersecurity Symposium
 
La Quadrature Du Cercle - The APTs That Weren't
La Quadrature Du Cercle - The APTs That Weren'tLa Quadrature Du Cercle - The APTs That Weren't
La Quadrature Du Cercle - The APTs That Weren't
 
Contextual Cyber Security for IoT
Contextual Cyber Security for IoTContextual Cyber Security for IoT
Contextual Cyber Security for IoT
 
Computer saftey may 2013
Computer saftey may 2013Computer saftey may 2013
Computer saftey may 2013
 
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
The Role of Threat Intelligence and Layered Securiy for Intrusion Prevention ...
 
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
Security, Privacy Data Protection and Perspectives to Counter Cybercrime 0409...
 
Via forensics thotcon-2013-mobile-security-with-santoku-linux
Via forensics thotcon-2013-mobile-security-with-santoku-linuxVia forensics thotcon-2013-mobile-security-with-santoku-linux
Via forensics thotcon-2013-mobile-security-with-santoku-linux
 
Fantastic Beasts and where to hide from them
Fantastic Beasts and where to hide from themFantastic Beasts and where to hide from them
Fantastic Beasts and where to hide from them
 
Information Security - The Missing Elements
Information Security - The Missing ElementsInformation Security - The Missing Elements
Information Security - The Missing Elements
 

Plus de Phannarith Ou, G-CISO

3 Security Tips for better security for personal computer
3 Security Tips for better security for personal computer3 Security Tips for better security for personal computer
3 Security Tips for better security for personal computerPhannarith Ou, G-CISO
 
Case - How to protect your information
Case - How to protect your informationCase - How to protect your information
Case - How to protect your informationPhannarith Ou, G-CISO
 
Case Study - Internet Security Policy (Khmer)
Case Study - Internet Security Policy (Khmer)Case Study - Internet Security Policy (Khmer)
Case Study - Internet Security Policy (Khmer)Phannarith Ou, G-CISO
 
Network Security with ISA Server 2006
Network Security with ISA Server 2006Network Security with ISA Server 2006
Network Security with ISA Server 2006Phannarith Ou, G-CISO
 
Network Installation and Management in Windows 2008 Enterprise
Network Installation and Management in Windows 2008 EnterpriseNetwork Installation and Management in Windows 2008 Enterprise
Network Installation and Management in Windows 2008 EnterprisePhannarith Ou, G-CISO
 
Understanding Malware by BBU Student
Understanding Malware by BBU StudentUnderstanding Malware by BBU Student
Understanding Malware by BBU StudentPhannarith Ou, G-CISO
 

Plus de Phannarith Ou, G-CISO (20)

3 Security Tips for better security for personal computer
3 Security Tips for better security for personal computer3 Security Tips for better security for personal computer
3 Security Tips for better security for personal computer
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAP
 
Reconnaisance
Reconnaisance Reconnaisance
Reconnaisance
 
Case - How to protect your information
Case - How to protect your informationCase - How to protect your information
Case - How to protect your information
 
Case - How to protect your website
Case - How to protect your websiteCase - How to protect your website
Case - How to protect your website
 
Case Study - Internet Security Policy (Khmer)
Case Study - Internet Security Policy (Khmer)Case Study - Internet Security Policy (Khmer)
Case Study - Internet Security Policy (Khmer)
 
Internet Security Policy - Khmer
Internet Security Policy - Khmer Internet Security Policy - Khmer
Internet Security Policy - Khmer
 
How to Protect Computer From Virus
How to Protect Computer From VirusHow to Protect Computer From Virus
How to Protect Computer From Virus
 
How to Secure Your WiFi
How to Secure Your WiFiHow to Secure Your WiFi
How to Secure Your WiFi
 
Facebook Security in 3 Ways
Facebook Security in 3 Ways Facebook Security in 3 Ways
Facebook Security in 3 Ways
 
Understanding Keylogger
Understanding KeyloggerUnderstanding Keylogger
Understanding Keylogger
 
Exchange Server 2003
Exchange Server 2003Exchange Server 2003
Exchange Server 2003
 
Network Security with ISA Server 2006
Network Security with ISA Server 2006Network Security with ISA Server 2006
Network Security with ISA Server 2006
 
Network Installation and Management in Windows 2008 Enterprise
Network Installation and Management in Windows 2008 EnterpriseNetwork Installation and Management in Windows 2008 Enterprise
Network Installation and Management in Windows 2008 Enterprise
 
Secure System Development Proposal
Secure System Development ProposalSecure System Development Proposal
Secure System Development Proposal
 
ូUnderstanding DNS Spoofing
ូUnderstanding DNS SpoofingូUnderstanding DNS Spoofing
ូUnderstanding DNS Spoofing
 
Understanding Malware by BBU Student
Understanding Malware by BBU StudentUnderstanding Malware by BBU Student
Understanding Malware by BBU Student
 
Heartbleed vulnerability
Heartbleed vulnerabilityHeartbleed vulnerability
Heartbleed vulnerability
 
P12 r202t8 05-spam
P12 r202t8 05-spamP12 r202t8 05-spam
P12 r202t8 05-spam
 
P12 r202t8 04-d-dos
P12 r202t8 04-d-dosP12 r202t8 04-d-dos
P12 r202t8 04-d-dos
 

Dernier

Measures of Position DECILES for ungrouped data
Measures of Position DECILES for ungrouped dataMeasures of Position DECILES for ungrouped data
Measures of Position DECILES for ungrouped dataBabyAnnMotar
 
Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4JOYLYNSAMANIEGO
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxHumphrey A Beña
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Mark Reed
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4MiaBumagat1
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSJoshuaGantuangco2
 
TEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docxTEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docxruthvilladarez
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Celine George
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parentsnavabharathschool99
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfJemuel Francisco
 
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfActive Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfPatidar M
 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Seán Kennedy
 
Integumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.pptIntegumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.pptshraddhaparab530
 
ClimART Action | eTwinning Project
ClimART Action | eTwinning ProjectClimART Action | eTwinning Project
ClimART Action | eTwinning Projectjordimapav
 
Presentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptxPresentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptxRosabel UA
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfTechSoup
 

Dernier (20)

Measures of Position DECILES for ungrouped data
Measures of Position DECILES for ungrouped dataMeasures of Position DECILES for ungrouped data
Measures of Position DECILES for ungrouped data
 
Paradigm shift in nursing research by RS MEHTA
Paradigm shift in nursing research by RS MEHTAParadigm shift in nursing research by RS MEHTA
Paradigm shift in nursing research by RS MEHTA
 
Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
 
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptxLEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
LEFT_ON_C'N_ PRELIMS_EL_DORADO_2024.pptx
 
Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)Influencing policy (training slides from Fast Track Impact)
Influencing policy (training slides from Fast Track Impact)
 
ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4ANG SEKTOR NG agrikultura.pptx QUARTER 4
ANG SEKTOR NG agrikultura.pptx QUARTER 4
 
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTSGRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
GRADE 4 - SUMMATIVE TEST QUARTER 4 ALL SUBJECTS
 
TEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docxTEACHER REFLECTION FORM (NEW SET........).docx
TEACHER REFLECTION FORM (NEW SET........).docx
 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
 
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 3 STEPS Using Odoo 17
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parents
 
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdfGrade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
Grade 9 Quarter 4 Dll Grade 9 Quarter 4 DLL.pdf
 
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfActive Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdf
 
Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...
 
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptxFINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
FINALS_OF_LEFT_ON_C'N_EL_DORADO_2024.pptx
 
Integumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.pptIntegumentary System SMP B. Pharm Sem I.ppt
Integumentary System SMP B. Pharm Sem I.ppt
 
ClimART Action | eTwinning Project
ClimART Action | eTwinning ProjectClimART Action | eTwinning Project
ClimART Action | eTwinning Project
 
Presentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptxPresentation Activity 2. Unit 3 transv.pptx
Presentation Activity 2. Unit 3 transv.pptx
 
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdfInclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
Inclusivity Essentials_ Creating Accessible Websites for Nonprofits .pdf
 

How to Secure Your Organisation Data

  • 2. !  Basic"Understanding"of"Information"Security" !  Malware"Fundamental" !  Protect"Your"Password" !  Social"Engineering"and"Phishing"" !  Suggestion"and"Recommendation" !  Question"and"Answers" . - : @ . ! 2"
  • 3. 3"
  • 4. ConIidentiality"–"of"the"information" Confiden'ality- Information"on"the"company"or"organization" should"never"be"accessible"to"users"without" permission" " Integrity"–"of"application"and"information" Accuracy"and"completeness"of"information" are"preserved" " Availability- Integrity- Availability"–"of"the"system" Information"is"accessible"by"authorized"users" when"required" . - : @ . ! 4"
  • 5. Why"Information"Security"is"important?"" Protecting"computer"system"or"its"user"from"threats"that" may"occur"" Threats"and"Damage"will"differ"depending"on"computer" system’s"characteristic"" Protecting"the"system"and"its"users"from"threat"and" minimize"damage" . - : @ . ! 5"
  • 6. Relationship$between$threat,$vulnerability$and$loss$ Threat" Loss" Vulnera bility" Attacker$+$No$Security$Patch$=$Data$Destruction$ . - : @ . ! 6"
  • 7. Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$ A"Weakness"in"the" organization,"computer" system"or"network"that"can" be"exploited"by"threat" . - : @ . ! 7"
  • 8. Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$ If"vulnerability"exist,"threats" can"attack"your"information" assets" . - : @ . ! 8"
  • 9. Information$ Threats$ Assets$ Something"that"can"potentially" Information"stored"in"any" cause"damage"to"information"" Countermeasure$ manner"which"recognized"as" assets" ‘valuable’"to"the"organization"" Vulnerability$is$Hixed$ Information"assets"can"be" kept"secure,"even"if"threats" exist." . - : @ . ! 9"
  • 10. •  Do"you"use"license"operating"system"(OS)?" •  Have"you"even"been"update"your"OS?"" •  Have"you"even"been"update"your"daily"use" software?" •  Do"you"update"your"antiavirus"regularly?" . - : @ . ! 10"
  • 11. . - : @ . ! 11"
  • 12. Physical&& The"most" difIicult" part"to" handle" Secure& Hardware& Human&& Your& && So6ware& Data& Policy&&& Standard& . - : @ . ! 12"
  • 13. 13"
  • 14. Malware"or"Malicious" Threats" software" Virus" Worm" Trojans" . - : @ . ! 14"
  • 15. •  Infect"object"on"the"disk"" •  Travel"autonomously"from"PC"to"PC" •  Trigger"by"individual"action"such"as"Open" email"attachment" •  Spread"automatically" •  Install"itself"into"the"PC"and"looking"other" PCs"to"infect" •  Email"worm"need"individual"action"to"spread" •  Network"worm"spread"without"the"need"for" human"interaction" . - : @ . ! 15"
  • 16. •  Install"silently"in"the"PC"by"Email" attachment,"visit"infected"website,"…etc." •  PC"work"normally"without"any"consent" from"the"users" •  They"don’t"selfareplicate,"but"relies"on" connectivity"provided"by"the"Internet" •  There"are"many"kinds"of"Trojans:" •  Backdoor"Trojans" •  Keyalogger"Trojans" •  Banking"Trojans" . - : @ . ! 16"
  • 17. Can-done-anything:-Sending-Spam,- Before" Collec'ng-confiden'al-data,-stealing- password,-etc.-and-espcially-connect-PC- with-PC-to-create-an-infected-network- (BOTNET).-- Virus" Worm" Trojans" Now"–"Hybrid"Malware" Virus& Worm& Trojans& . - : @ . ! 17"
  • 18. 18"
  • 19. •  How"often"do"you"change"your"password?" •  Do"you"use"your"name,"telephone,"date"of"birth," as"your"password?" •  Do"you"use"the"same"password"for"every" services?" •  Do"you"share"your"password"with"anybody?" . - : @ . ! 19"
  • 20. Easily"Guessed"Password" •  No"Password"is"set" •  Password"same"as"the"account"name" Dictionary"Attack" •  Prepared"words"that"the"user"is"likely"to"use"as" passwords"in"a"dictionary"Iile"and"attempt"to"Iind" matching"password" Brute"Force"Attack" •  This"is"simple"method"to"try"all"possible"combinations"as" passwords" •  It"take"huge"amount"of"time,"although,"theoretically,"it" can"break"any"password"without"fail" . - : @ . ! 20"
  • 21. Which"password"below"is"your"password?" Top$25$Popular$Password$in$2011$ 1."password" "2."123456 "3."12345678 "4."qwerty" 5."abc123 "6."monkey "7."1234567 "8."letmein" 9."trustno1 "10."dragon "11."baseball "12."111111" 13."Iloveyou "14."master "15."sunshine "16."ashley" 17."bailey "18."passw0rd"19."shadow "20."123123" 21."654321 "22."superman"23."qazwsx "24."michael" 25."football" . - : @ . ! 21"
  • 23. 23"
  • 24. . - : @ . ! 24"
  • 25. . - : @ . ! 25"
  • 26. . - : @ . ! 26"
  • 27. . - : @ . ! 27"
  • 28. 28"
  • 29. User"antiavirus"and"update"it"regularly"" Install"a"Personal"Firewall" Install"latest"security"update" Don’t"open"an"email"you"do"not"trust" Keep"learning!" . - : @ . ! 29"
  • 30. You"organization"data"security"is"depending"on" the"weakness"link" Don’t"make"yourself"as"the"weakness"link" . - : @ . ! 30"