Loading presentation...

Present Remotely

Send the link below via email or IM


Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.


Generalized Security Awareness Training

No description

Jason Pufahl

on 18 August 2015

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Generalized Security Awareness Training

Thank You For
Your Time!

Applying Information Security Fundamentals Will Help Protect Yourself and Your Institution!
Know Where Your Data Is
Protect Your Data
Create & Protect Strong passPHRASES
Keep Your Computer (including mobile devices) Maintained
Trust Your Instincts!
Some Final Words…
Back Up & Protect Your Important Data!

Mobile Computers
Laptops & Tablets
USB Flash Drives

Apply Data Protection Strategies to Mobile Computers too.
Data Backups
Install it Once
Update it Daily
Scan Weekly
Antivirus Software
All patches, all the time!
Microsoft Windows
Macintosh OS X
Adobe Acrobat Reader
Adobe Flash Player
Microsoft Word, Excel, PowerPoint
Computer Security (Continued)
Downloaded from the internet
Sent in an email
Brought in from a USB flash drive
Computer Security
Common Scams
Viruses, Spyware, Trojan horse files
PDF Files
Ask the Questions?
Were you expecting it?
Is it from someone you know?
Is the email something you would expect from them?
Does it seem too good to be true?
Are you being asked for your password?
Email Security
Browser Security
Browser Security
Email Security
Browser Security
URL – The Only Thing You Can Trust
Computer Security
Security Checkpoints

Scenario 1: Brute Force
It can be your Hotmail account, Facebook, or any other easy target

Scenario 2: Hacking / Cracking
Stealing data as it’s being entered, steal encrypted password files, or read emails or other documents with sensitive data

Scenario 3: Eavesdropping
Listening in on passwords being sent or emails

Scenario 4: They Just Ask!
How Bad Guys Do Bad Things
Q: Why are Passwords Such a Big Deal?
A: It Is All About the Money!

Passwords, IT systems and data constitute BIG BUSINESS
Online fraud cost $48 Billion 2009
Organized Crime Results in Targeted Attacks
SSN / CNN / Bank Accounts
Intellectual Property
Research Data
Why Bad Guys Do Bad Things
Password Management
Data Classification:
Confidential is federally regulated
Social Security Numbers
Credit Card Numbers
Financial Data
Health Related Data
Student Data
Donor Information
Demographic Data
Never email or send unencrypted files and never post it online (to the web).
Data Protection Strategies
Data Protection Strategies
Password Management Techniques
Security Checkpoints
Data Backups
Key Components to Effective
Information Security

Personal Identity Costs
Social Security Number - $5
Credit Card Number - $2-$90
Physical Credit Card - $180
Bank Account - $80-300
Total Identity - $3500
Identity Reclamation - $631 and ~33 hours

Cited: Panda Security
Data Breach Costs Hit Home
Examples of Data Breaches
Data Breach Costs
Personal Identity Theft
Intellectual Property
Data Loss
Information Security Impacts Everyone
Passphrases are Easier to Remember 
Satisfy Complexity Rules Easily
Passphrases are Next to Impossible to Crack
Passwords vs. Passphrase
To protect the University’s systems, services and data against unauthorized use, disclosure, modification, damage and loss.
UConn's Information Security Office Focus:
You Would Be!
What if you forgot to lock your front door, or close your windows to your home and you were burglarized.

Who would be responsible for your loss ?
You Would Be!
If you gave your house keys to someone and they stole everything in your house, who would be responsible?
Fundamentals In
Information Security

Presented by Jason Pufahl
Chief Information
Security Officer, UConn

Data Breach Costs Hit Home
University Department Costs:

Two years credit monitoring - $36/record
Administrative overhead - $2/record
Flat fee - $500
Assuming 20% opt-in & 10,000 lost records = Cost of $76,500.
Phishing Not Fishing....
Giving Someone Your Password is the Same Thing as Giving Them Your House/Car Keys
How UConn Handles Security
Vulnerability Assessment
Information Security Policies
Incident Response
UConn's Tool for PII Remediation
Full transcript