ACS Computer Forum
1 like180 views
This document discusses computer security risks like viruses, malware, spam, and phishing. It provides definitions and examples of these threats. Some key recommendations for protecting yourself include keeping systems updated, using antivirus and firewall software, having backup policies, and educating users on security best practices. While complete isolation is most secure, a balanced approach using both software and hardware solutions can allow for productivity while managing risks. Maintaining security measures is important for ongoing protection.
ACS Computer Forum
- 1. Understanding Computers Viruses, Spam, Backups and more ACS Company IT Committee LOGO
- 2. It’s all about Risk Management
- 3. Objectives § Viruses and Trojans Malware § Spyware § Phishing § Flaming § How do you protect yourself? § Spam § Backups § Recommendations
- 4. Viruses and Trojans § Definition › A program that replicates itself with malicious intent. It usually remains hidden in another program and depends on a person to activate it. › Viruses only damage software and cannot destroy hard drives, monitors, or anything else like that as commonly rumored. › Exploit weaknesses in Operating Systems and programmes
- 5. Viruses and Trojans § Definition › Whoever thought to name a virus, a virus was certainly on the right track. › Think of a human Virus – it serves no purpose, it uses a host to multiply and then leaves the host useless, it is highly contagious, but can be immunized against.
- 6. Viruses § At its peak infection rate in 2004, about 1 in 12 emails on the Internet were MyDoom Viruses § It is estimated that PC Viruses cost businesses approximately $55 Billion in damages in 2003. This amount doubles EACH Year. Thus $220 Billion in 2005 - $220,000,000,000.00 § In the US alone, ID theft cost banks $1 billion a year. Nearly 10,000 victims had home loans - totalling about $300 million - taken out in their name and another 68,000 had new credit cards issued in their name"
- 7. Spyware § Definition › Software that tracks a user's personal information and passes it on to third parties, without the user's authorisation or knowledge › Personal information includes Passwords, sites visited, even Banking and Credit Card Information
- 8. Malware § You can get them from… › E-Mails and attachments (eg Word Document) › Files from insecure sources › “Cover Disks” › Web surfing
- 9. Phishing § The act of “getting” a username and password by means of deception. § “Bank Records” emails Always type web address § Phone calls Freddo Frogs. Never give your password § Password Saving Just Don’t!! § If you feel your password has been compromised – CHANGE IT!
- 10. Phishing § 5.7 Billion - Number of phishing emails sent each month $1,200 - Average loss to each person sucessfully phished 13,228 - Average number of unique phishing attacks per month 3,431 - Average number of phishing web sites each month § Source: www.mailfrontier.com
- 11. Flaming § Sending many or large emails to one address. § Can be both Real or Perceived (dependant on tolerance threshold) § Denial of Service in its worst examples
- 12. Spam § Definition › Spam is a collective term referring to mass email forwarded messages, junk email, email hoaxes, etc. › Spam bogs down the Internet with unwanted junk email making it slower for us to download files or access WebPages.
- 13. Spam § How to protect yourself › Don’t use common e-mail addresses § don’t use e-mail addresses such as › CEO@, manager@ § consider not using › admin@, sales@, info@ › NEVER respond to spam. › Don’t click ‘unsubscribe’ at the bottom of spam › Minimise the number of e-mail addresses on a web site
- 14. How do you protect yourself? § Cast Iron Option › Don’t let machines talk to the Internet or receive e-mails etc. ie Completely stand alone › Pro – Good security › Con – Can’t do anything… Extreme limit to productivity
- 15. How do you protect yourself? § Cotton Wool / Band-Aid Option › This is the soft option – don’t do anything and hope that nothing happens The Cotton wool is used to ‘mop up the mess’ › Pro – easy to administer › Con – Wide open to attack
- 16. How do you protect yourself? § Rubber Option › Put something solid but flexible between your resources and the potential source of risk › Pro – Allows modern work flows › Con – Some administration required
- 17. It’s not has hard as you may think § Software › Run Anti-Virus software › Run Anti-Spyware software › Run Anti-Spam software § These all compare everything to known signatures § If something is detected, it is automatically dealt with › Update, Update, Update (Automatically)
- 18. It’s not has hard as you may think § Hardware › Router § A router that directs traffic dependent on where it comes from and it’s type § It directs the Black Sheep and the White Sheep › Firewall § A device that looks at the information passing between devices, and filters it if required § It filters the Sheep from the Goats
- 19. It’s not has hard as you may think § Peer to Peer / Workgroup › All PCs are equal › One PC may be prime § Domain › Server / Client › Possibly multiple servers § File, § Application § Email § Authentication
- 20. It’s not has hard as you may think § A combination solution of hardware and software is often the best § It depends on: › The size of your network › The value of your information § A bank will spend significantly more money on security than a 30 bed nursing home
- 21. Policies and Procedures § Literally, setting rules and policing them § If rules can not be set for the systems to enforce, set “best practice” guidelines. § Passwords MUST be used. § Physical Security of Equipment § User level security § Acceptable Use Web Browsing / Sites visited Personal Use Auditing and Monitoring – Who can see what. Netiquette
- 22. Backup The safe storage of important information § Paper based or electronic has same importance § Backup to Disk, Tape or CD › Archive and backup those archives § Test the backup regularly › Ensure information can be retrieved
- 23. Backup The safe storage of important information § Store the backup away from the Network › If the computer is destroyed is the backup still safe § Ensure any “restore to” PC can read the backup
- 24. Recommendations § Minimum requirements - essentials › Keep your Systems up to date! § All Software Update/ Patches/ Definitions › Anti-Virus Software § eg, CA, Trend, AVG, McAfee, Norton etc › Anti-Spyware Software › Firewall or Router › Policies and Best Practice Procedures. › Backups § Keep both onsite and offsite § Backup as often as you feel you can afford to replace the data
- 25. Recommendations § Additional Recommendations - desirables… › Anti-Spam § At the ISP (Internet Service Provider) § At your firewall/ Email Server (if you have one) § On your PC eg Outlook Junk E-Mail filter › Professional assistance (internal or outsource) § Internet Service Providers § Computer Suppliers § Trained staff (as long as their skills are up to date) § Purchasing Partners/ Networking Opportunities
- 26. Recommendations Whichever solution(s) you choose to implement Maintain it!
- 27. Other Information You may not be aware § Not-for-profits can purchase most hardware and software for a significantly reduced price § Windows XP is the minimum recommended operating system § ‘It all worth the effort’ J
- 28. Questions to the Panel Thank you for your time