Transcript Slides

Mgt 240 Lecture
Computing at ND:
Network and Security
January 25, 2005
Homework One



Partially graded
On the whole – very nice job!
Common mistakes

Carelessness!



A lot of people missed CD/DVD and PC Card question
Not saving with the Word extension .doc
Grades will be posted Friday afternoon



Course web site – Grades, Lecture Grades
Posted by last 5 digits in student id
Have to scroll horizontally for comments and points off for each
question
Homework Two




Operating system homework
Any questions?
Due Friday at 5pm
Help session Thursday 7-9pm in L050 –
Andy Grau
Homework Three




Posted on course web site and other usual
places
Involves using Excel security features
More complicated than first two
Don’t start on it too late!
Operating System and Software
Reading Outline

Questions?
Today’s Lecture



Document or Work Product Security:
Excel
Computing Environment: Security
ND Computing: Network
Security and Excel
Security Threats to Excel

Unauthorized person/s are able to



See content of workbook
Change content of workbook
Excel macros can contain viruses
Security Best Practices for
Excel

Protect workbook contents




Privacy


Lock cells, ranges
Password protect workbook
Set workbook as read only
Encrypt workbook
Authenticate workbook

Digitally sign workbook
Security Options in Excel

Protection – Under Tools menu




All cells are locked by default but often
worksheets aren’t protected
Protecting your workbook activates cell
locking
Prevents modifications to locked cells
If you want some cells to be unlocked,
you need to specify that before you
protect the worksheet
Security Options in Excel

Workbook security settings - Under Options in
Tools menu

Encrypt entire work book

Need to specify






Encryption algorithm
Password to decrypt and open
Password required to modify shared workbook
Set shared workbook as read only
Digitally sign workbook and/or macros in it to
authenticate author
Remove personal information from file on save (won’t
show up when someone clicks on file properties)
Security Best Practices for
Excel

Protection against viruses and other malicious
access to workbook







Download critical updates for Microsoft Office
Sign up for email-based security updates from Microsoft
Make sure you have anti-virus software and it is up-todate
Set macro security settings to high or medium
Clear the Trust all installed add-ins and templates check
box
Use digital signatures
Maintain a list of trusted macro publishers
Security Options in Excel

Security settings for macro execution




Very High – only macros installed in trusted
locations are allowed to run
High – only signed macros from trusted
sources allowed to run
Medium – You choose whether to run
potentially unsafe macros
Low – You are not protected from unsafe
macros. Use only if you have virus protection
software installed or you are sure that the
documents you open are safe
Security Issues

Have become more important as



Must protect




More work is performed and stored on computers
More computers are networked
Machines
Data
Network
Threats


Internal
External
ND Computing Security

OIT Computing Security web page

Who’s in charge of your computer video
12-Step Guide to Safer
Computing

Step 1

When not using your computer, disconnect it
from the Internet.

Connected, your computer is open to intrusions by
hackers who can access your files, bank account
information and personal details, or may use your
machine as a “zombie” to launch Denial of Service
(DOS) attacks against Internet Service Providers or
Web sites, shutting them down.
12-Step Guide to Safer
Computing

Step 1 (cont.)
 Lock out your Windows 2000/XP workstation
any time you walk away from your machine.


Press CTRL, ALT, DELETE
Click Lock Computer
12-Step Guide to Safer
Computing

Step 2

Use updated anti-virus and personal firewall
software
Firewalls ensure no outside users can access
confidential or private data. They also filter
inbound and outbound traffic and alert you to
attempted intrusions.
 Activate Windows XP firewall by following the
instructions at:
http://www.microsoft.com/security/protect/

12-Step Guide to Safer
Computing

Step 2 (cont.)
 Check for the latest viruses and security
information weekly by visiting the OIT web
site.
 Update your anti-virus software daily or set it
so it will update automatically.
12-Step Guide to Safer
Computing

Step 3

Make sure your operating system and
application software are current.

Download software patches for your Windows or
Macintosh systems at
http://v5.windowsupdate.microsoft.com
and
http://www.apple.com/support/downloads/,
respectively.
12-Step Guide to Safer
Computing

Step 3 (cont.)
 Install critical MS Office software patches
twice a month by visiting:
http://office.microsoft.com/productupdates
 Remove/do not install unnecessary programs
and/or services.
12-Step Guide to Safer
Computing

Step 4

Use strong passwords more than eight characters
long that include both alpha and numeric elements.

Passwords should be completely random.


Do not use words from the dictionary or numbers similar to
your address, phone number or birth date. If you must use a
familiar word or number to remember your password,
rearrange it, invert it or combine it with another word or
number.
If your cat’s name is Fluffy and you live on Pine Street, spell
the words backward and combine them: Fluffy becomes “yffulf”
and Pine, “enip,” making your new password, “yffulfenip.” For
added security, throw your favorite number in: “1yffulfenip3,”
“yffulf13enip” or “yffulfenip13.” Use as many characters as the
program for which the password is needed permits.
12-Step Guide to Safer
Computing

Step 5



Never write your password down or post it on
your monitor – someone may find it! If you
must write it down, never leave it unattended.
Do not share passwords.
Step 6

Change your password regularly (monthly).
12-Step Guide to Safer
Computing

Step 7


Files for sharing need password protection.
You must always understand what you are
downloading

Many files found on peer-to-peer sharing programs
contain Trojans (malicious programs contained
inside seemingly harmless data) or Spyware (a
program that can go undetected on your system
and gather personal information to transmit over
the Internet).
12-Step Guide to Safer
Computing

Step 8


If you discard or trade in your computer,
make sure you reformat your hard drive first,
ridding it of all sensitive information.
Step 9

When ordering products online and using your
credit card, use only secure Web sites of
reputable online merchants. A padlock on
your status bar means the site is secure.
12-Step Guide to Safer
Computing

Step 10


Step 11




Do not e-mail your social security or social insurance number to
anybody.
E-mails announcing you have won a prize or credit card e-applications
are suspicious. If you are truly intrigued, ask to be mailed a hard copy
of the e-mail or form.
Be wary of all email attachments, even from those you know.
Unless you have had prior notification, do not open email attachments
you are not expecting.
Step 12


Back up critical files and programs. That way, extra copies will be
available to you in case of a disaster.
Back up your files often.
Networks
Network Issues


Local area networks
Connecting to the internet
Local Area Networks


Connect a relatively small number of devices in
one geographic area
Usually consist of




Clients
Servers
Hubs
Can be wired or wireless
Local Area Networks

Computers must be equipped to
communicate on the LAN




Network interface card (NIC)
Cable connecting to network
Communications protocol installed (like
TCP/IP)
Must be standards for the way computers
communicate on the LAN

Ethernet is the most common
Local Area Networks
Wireless LAN’s



Mobile users can connect to a local area network
through a wireless (radio) connection
A standard, IEEE 802.11 (WIFI), specifies the
technologies for wireless LANs
The standard includes an encryption method, the Wired
Equivalent Privacy (WEP) algorithm.
Wireless Networks
Wireless Home Networking
Connecting to the Internet

Through your local area network



Connected to internet by internet service provider
Router between lan and outside network
Through direct access such as


Modem
Broadband Modem


Cable
DSL
Connecting LAN’s to the Internet
Broadband Access




Much higher speed possible than through modem
Always on connections
Has been adopted by many home users and businesses
Broadband providers

Phone companies


Cable companies


Digital Subscriber Line
Cable broadband
Satellite companies

Satellite broadband
DSL

Advantages





Many levels of service depending on requirements
Convenient for businesses with telephony contracts
already in place
Connection not shared
Same line can be used for voice and data access
Less expensive
DSL

Disadvantages



Qualifying and provisioning phone line for service
Coordination problems among cooperating service
providers
Access limitations


Beyond 18,000 feet service not available
Slower maximum speeds than cable
Cable Modems

Advantages over DSL





More widely available
Faster connections
Easier installation
More self-installation opportunities
Better support for home networking
Cable Modems

Potential downsides




Cable not laid to many businesses
Congestion on shared line
Low bandwidth reserved for upstream link
Service provider personnel shortages
Cable Modem in the Home
DSL and Cable Equipment

DSL or cable modem


NIC (Ethernet) card
Cable to connect computer to modem
Connecting Computing Devices
Using a Home Network