Loading…
Device Safety
374
Transcript
In the early days of IT, we had to worry about someone gaining physical access to hard drives.
NOW - the data is more valuable than the devices that store it.
Device Safety
compiled by S. Wood
Password Safety
Password Safety
- stop daisy-chaining
- use a password safe
- generate LONG passwords
- use 2-factor authentication
Malware
(Malicious software)
- Viruses (malicious code)
- Worms (infect consecutive machines)
- Trojans (disguised as legitimate)
- Ransomware (encrypts until you pay $)
- Spyware (spys on what you're doing)
How do I get Malware?
How do I get Malware?
- browsing the internet
- clicking on ads
- installing programs
- sharing files
How do I combat it?
Use an Anti-virus
- Anti-virus software must be updated DAILY
- Must be running “all the time” (check this periodically)
- Do full system scans “regularly” (eg, once a week)
- Be sure your scanning software is turned on to check other devices (eg, when you plug in an USB or external drive)
Enable automatic updates
They plug the known security holes with fixes
You probably have malware if:
How do I know I have Malware
- Device is running slower than normal
- Popups
- New toolbars/addons in browser
- Search results look different
- You are locked out of accounts
- Error messages when accessing the web
- Your battery is draining
- WHAT permissions are you giving apps? (Just say NO to privilege requests that don't make sense) - eg, does that app really need permission to your camera?
Examples
Firewall
Firewall
(hardware - router
software - set in your OS)
- A router should be secured with a password so that neighbours can't skim off your connection.
- It also helps to prevent hacker attacks.
- An unsecured network, is a public network. All transmissions can be read by anyone.
- AVOID these "FREE" internet access points - they have no encryption - don't use them for sensitive activities (eg, banking)
NEVER use an open WiFi network to do any banking, purchasing online, or anything else that transmits financial information.
Phishing
Phishing
Asking you to update information
- Comes in an email, or text message
- Tries to get you to click on something to update information like passwords
- the URL it takes you to is fake
INSTEAD - if you are unsure, go to the website directly
Examples:
Watch this great video on Encryption from Khanacademy
Encryption
https://www.khanacademy.org/computing/computer-science/internet-intro/internet-works-intro/v/the-internet-encryption-and-public-keys
What?
Encryption
- Changes plain text into cypher-text (code)
- Current encryption is AES (Advanced Encryption Standard) 256 bit
- Some communication apps also use encryption (eg, Whatsapp)
How do you know if a site is encrypted?
- The web address will show https:// (not http:)
- This means data is sent over a SSL (secure socket layer) and is being encrypted as it's being sent
- Jan 1, 2021 - Chrome using https: by default - but that doesn't mean that http is gone. It's still there...for now
Why use a VPN?
(Virtual Private Network)
VPN
- millions of records from assorted targets are stolen each year
- cyberattacks are executed by political operatives (eg Russia's hack during the 2016 US election)
What does it do?
What does a VPN do?
It hides and encrypts your data:
- payment data
- authentication data
- medical records
- any documents stored in a cloud
- etc.
Be safe:
- Did you initiate the action?
- Why is it free?
- Is the source trustworthy?
- Is the site secure?
If you aren't sure - Google it!