Transcript Slide 1
TECHNOLOGY GUIDE THREE Protecting Your Information Assets TECHNOLOGY GUIDE OUTLINE TG3.1 Introduction TG3.2 Behavioral Actions to Protect Your Information Assets TG3.3 Computer-based Actions to Protect Your Information Assets LEARNING OBJECTIVES • Identify the various behavioral actions you can take to protect your information assets. • Identify the various computer-based actions you can take to protect your information assets. Behavioral Actions • Do not provide personal information to strangers in any format. • Protect your social security number. • Use credit cards with your picture on them. • Use virtual credit cards. • Know your credit card billing cycles. Behavioral Actions (continued) • Limit use of debit cards. • Do not use a personal mailbox at home or at an apartment. • Use a cross-cut (confetti) shredder. • Sign up with a company that provides proactive protection of your personal information. Computer-Based Actions • Never open unrequested attachments to e-mail files, even those from people you know and trust. • Never open attachments or Web links in e-mails from people you do not know. • Never accept files transferred to you during Internet chat or instant messaging sessions. • Never download any files or software over the Internet from a Web site that you do not know. Computer-Based Actions (continued) • Never download files or software that you have not requested. • Test your system. • Run free malware scans on your computer. • Have an anti-malware product on your computer and use it (ideally at least once per week). • Have a firewall on your computer. Computer-Based Actions (continued) • Have an antispyware product on your computer. • Have a rootkit detection product on your computer. • Have a monitoring software on your computer. • Have content filtering software on your computer. • Have antispam software on your computer. Computer-Based Actions (continued) • Have proactive intrusion detection and prevention software on your computer. • Manage patches. • Use a browser other than Internet Explorer. • Travel with a “sterile” laptop or no laptop. • Use two-factor authentication. • Use encryption. Computer-Based Actions (continued) • Use laptop tracing tools or device reset/remote kill tools. • Turn off peer-to-peer (P2P) file sharing. • Look for new and unusual files. • Detect fake Web sites. • Use strong passwords. • Surf the Web anonymously. • E-mail anonymously. Computer-Based Actions (continued) • Adjust privacy settings on your computer. • Erase your Google search history. • Personal disaster preparation: backup, backup, backup! Wireless Security • Hide your Service Set Identifier (SSID). • Use encryption. • Filter out media access control (MAC) addresses. • Limit Internet Protocol (IP) addresses. • Sniff out intruders. • Change the default administrator password on your wireless router to something not easily guessed. Wireless Security (continued) • Use virtual private networking (VPN) technology to connect to your organization’s network. • Use Remote Desktop to connect to a computer that is running at your home. • Configure windows firewall to be “on with no exceptions.” Wireless Security (continued) • Only use Web sites that use Secure Sockets Layer (SSL) for any financial or personal transactions (discussed in Chapter 3). • Use wireless security programs.