SlideShare a Scribd company logo

Module5 desktop-laptop-security-b

Download as PPT, PDF
B
BbAOC

- Laptop theft is common, with a laptop stolen every 53 seconds. Keeping valuable personal or business information on a laptop increases the consequences if it is stolen. - Practical ways to protect laptops from theft include keeping your eyes on your laptop at all times, using passwords and encryption, installing tracking software, making backups, and using locks, insurance, and remote data deletion options. - In addition to general desktop security practices, laptop security requires physical security like using locking cables when the laptop is left unattended, as well as data security practices like using whole-disk encryption and privacy screens.

1 of 29
Downloaded 10 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
Module 5 Desktop/Laptop Security Module 5
Module Objectives This module will familiarize you with the following: Encryption of Data Security Issues Loss of Laptop Remote connections (VPN) Issues Module 5
Laptop Theft Laptop theft is rampant. You have a 1 in 10 chance your shiny new laptop will be stolen. And the real shocker: according to the FBI 97% are never recovered. And, the U.S. Department of Justice stated in a recent report that the FBI lost 160 laptops in a 44 month period ending in September of 2005. If FBI agents have trouble keeping track of their laptops, imagine what the ordinary person is facing. The statistics are pretty grim. A laptop is stolen every 53 seconds. Ouch! With stats like those you have to do everything in your power to avoid becoming a victim of laptop theft. If you keep valuable personal or business information on your laptop the consequences can be even more gruesome and devastating. For laptop hardware can be easily replaced, but your valuable information may be lost forever.
Laptop Theft 10 Practical Ways to Protect Your Laptop Against Theft, Loss or Misplacement. 1. Keep Your Eyes On Your Laptop - Be aware of your laptop at all times especially when traveling. You wouldn't leave a Thousand Dollar Bill lying around unattended would you? So watch your laptop closely. 2. Don't Use An Obvious Laptop Bag - Carry your laptop in regular luggage that doesn't look like it has a laptop. Don't advertise your laptop to any would-be thieves. 3. Use Visual Locks And Restraints - Use visual locks and restraints to secure your laptop and to act as a deterrent. It won't fool hardened thieves but most will opt for a less secure laptop. For example, you can use a product like STOP, this system works by attaching a specially-made security plate to your laptop. This plate is barcoded and registered. It also carries a warning label letting would-be cyber thieves know that the ownership of your laptop is permanently monitored. 4. Use Passwords And Encryption - Use passwords and encryption to protect any sensitive information on your laptop. Again, unless you use very sophisticated encryption it won't fool the experienced hacker or hard-core digital thief but it will slow down and hinder the common criminal. Set a BIOS Password for your laptop. You have to take advantage of any security option that's on your laptop's OS or operating system. For those using Mac OS X you can encrypt your entire hard drive and set-up a master password in order to view it. Windows XP & Vista lets you encrypt files and folders. Just right click your data, select properties, open general tab and then advanced to check "Encrypt contents to secure data box". 5. Use Encryption - Vital files can be encrypted and it can even turn your USB thumb drive or iPod into a key for unlocking your hard drive. 6. Use Anti-Theft Software - Use anti-theft software that can track and locate your laptop or computer through the IP address once the stolen laptop is used to access the Internet. Use systems like "LoJack For Laptops". 7. Use Invisible Ultraviolet Markings - Use invisible ultraviolet markings so that any recovered stolen laptops will be clearly marked as yours to the police. Keeping track of your laptop's serial number is also a good idea and have this number stored in a different place other than on your laptop. 8. Try Remote Data Deletion - If you place important information on your laptop have a remotely controlled self-destruct solution in place. Then your highly sensitive information can be deleted remotely after your laptop is stolen. 9. Laptop Insurance - Create company policies for management of your company's laptops. Have set procedures in place for tracking and reporting of any laptops stolen or misplaced. Buying laptop insurance is another option you should consider especially if you are a student or do a lot of business traveling with your laptop in tow. Be prepared for the inevitable. 10. Backup Backup Backup - Regularly backup any vital information you have on your laptop. Most information will be useless to potential thieves but may be extremely important to you personally or for the running of your business.
Laptop Security Same as desktop security PLUS : Physical Security Use cable or docking-station lock if left overnight in office Use padded case or bag while travelling Never leave visible, unsecured, and unattended (e.g. on a parked car seat, table at restaurant) Data Security Use whole-disk encryption Use privacy screen/filter if routinely working in public Disable wireless antenna when not in use Use VPN to connect to organizational network
Encryption
EFS
 
Decryption
Decrypting
Encryption Goals of cryptography Authentication Encryption Cryptographic Systems Conventional (Symmetric) Non-Conventional (Asymmetric)
Encryption Characteristics Data Modifications Transposition Substitution Keys Used Symmetric (same-key) Asymmetric (complimentary keys) Process Block cipher Stream cipher
Conventional Encryption Hello Hello KEY KEY $*(*&^YGCI&^*&Y
Conventional Problem How do I get the secret key to all parties securely?
Asymmetric Encryption
Asymmetric Risks Key Authenticity Verisign, Thawte, Other CAs Key Loss Brute Force Attack Man-in-the Middle Attack Social Engineering Verisign / Microsoft
Encryption Challenges Key Validity User Awareness Combination Techniques Encryption Methods
Encryption Trends Hard Disk Encryption Digital Signatures Steganography Other Encryptable Devices
Hard Disk Encryption Type of encryption File Encryption (EFS) Problems with multiple vulnerabilities Whole Drive Encryption Entire Drive Encryption Vendors WinMagic / PointSec / Guardian Samsung Momentus Technology Locks entire drive Makes troubleshooting difficult Demo
Hard Disk Encryption
 
Public-Key Cryptography - Encryption
Public-Key Cryptography - Authentication
Encryption Implementations IPSec VPN SSL SSH RADIUS E-mail - S/MIME or PGP Kerberos
VPN VPN’s are Attractive Targets Carry Sensitive Information Remote Access to Secure Networks Invisible to Detection Systems Increased Security in other areas
E-mail Most heavily used network based application Architecture independent Security has become a concern, two schemes have come to the forefront: PGP (Pretty Good Privacy) S/MIME (Secure/Multipurpose Internet Mail Exchange)
 
Combining Public Key & Symmetric Key Encryption Plaintext Plaintext Hi Bob Alice Hi Bob Alice X2c67afGkz78 Session Key xaF4m 78dKm Alice Bob Ciphertext Hi Bob Alice Session Key Encrypt 1. Message B's private key Decrypt 3. Session Key Decrypt 4. Message B's public key Encrypt 2. Session Key
Digital Signature with a Message Digest Plaintext Plaintext Alice Bob Hi Bob Alice Hi Bob Alice Hi Bob Alice Encrypted MD (“signature”) Unencrypted message =? A's public key Decrypt 1764890238 3. Decrypt Alice’s Message Digest 1764890238 MD 4. Compute the MD MD 1764890238 Digest 1. Message Digest A’s private key 2. Encrypt the MD

More Related Content

PPTX
Computing remotely in a secure manner
Kevin Bryant
 
PPTX
Secure Your Mobile Apps
primomh
 
PDF
Datashur Presentation pin flash drive - Kingfin
Kingfin Enterprises Limited
 
PDF
STH-TopFiveSecuritySteps-TipsSheet
Morgan Prince
 
PPT
Adult Internet Safety
reidcollins42
 
PDF
Extreme Hacking: Encrypted Networks SWAT style - Wayne Burke
EC-Council
 
PPTX
Protection
roxanne62
 
PPTX
Cyber pledge infoMagnum
ARUN REDDY M
 
Computing remotely in a secure manner
Kevin Bryant
 
Secure Your Mobile Apps
primomh
 
Datashur Presentation pin flash drive - Kingfin
Kingfin Enterprises Limited
 
STH-TopFiveSecuritySteps-TipsSheet
Morgan Prince
 
Adult Internet Safety
reidcollins42
 
Extreme Hacking: Encrypted Networks SWAT style - Wayne Burke
EC-Council
 
Protection
roxanne62
 
Cyber pledge infoMagnum
ARUN REDDY M
 

What's hot (19)

PPTX
Pure retail training non animation
katelyn-fogarty
 
PPTX
Pure retail training presentation
katelyn-fogarty
 
PPTX
Pure retail training presentation v2
kaspersky-lab
 
PDF
IoT security
Abhishek Dwivedi
 
PDF
Introduction to Personal Privacy and Security
Robert Hurlbut
 
PDF
Mobile Penetration Testing: Episode 1 - The Forensic Menace
NowSecure
 
PPTX
Senior Technology Education
Summerpair77
 
PPTX
online and offline computer security
Abhishek Pansuriya
 
PPTX
Computing on the Move - Mobile Security
AVG Technologies AU
 
PPT
Heartbleed
Hemant Mittal
 
PDF
Securing blockchain assets
Simon Wilson
 
PPT
10 Things to help you be less dump at computers
Eric Fickes
 
PPTX
How to keep your laptop & mobile safe
kanika sharma
 
PDF
Swisscom: Smart Homes & Security Risks
Lea-María Louzada
 
PPTX
VenkaSure Total Security+
Venkasys Technologies Pvt. Ltd.
 
PDF
Eranda me
guestfecf7
 
PDF
Thailand Threat Telemetry 2016 by Fortinet Thailand
Aruj Thirawat
 
PDF
Understanding Keylogger
Phannarith Ou, G-CISO
 
PPTX
Intel McAfee DeepSAFE Technology
Can Your Security
 
Pure retail training non animation
katelyn-fogarty
 
Pure retail training presentation
katelyn-fogarty
 
Pure retail training presentation v2
kaspersky-lab
 
IoT security
Abhishek Dwivedi
 
Introduction to Personal Privacy and Security
Robert Hurlbut
 
Mobile Penetration Testing: Episode 1 - The Forensic Menace
NowSecure
 
Senior Technology Education
Summerpair77
 
online and offline computer security
Abhishek Pansuriya
 
Computing on the Move - Mobile Security
AVG Technologies AU
 
Heartbleed
Hemant Mittal
 
Securing blockchain assets
Simon Wilson
 
10 Things to help you be less dump at computers
Eric Fickes
 
How to keep your laptop & mobile safe
kanika sharma
 
Swisscom: Smart Homes & Security Risks
Lea-María Louzada
 
VenkaSure Total Security+
Venkasys Technologies Pvt. Ltd.
 
Eranda me
guestfecf7
 
Thailand Threat Telemetry 2016 by Fortinet Thailand
Aruj Thirawat
 
Understanding Keylogger
Phannarith Ou, G-CISO
 
Intel McAfee DeepSAFE Technology
Can Your Security
 
Ad

Similar to Module5 desktop-laptop-security-b (20)

PPTX
Laptop physical security
Kensington ClickSafe™
 
PPT
Laptop
aditya chaudhari
 
PPTX
Security Awareness 101
HaroldCo
 
PDF
Laptop theft statistics
Kensington ClickSafe™
 
PPTX
Article
sanloco143
 
PDF
Laptop Computers Protecting Confidential Clt Info
Oregon Law Practice Management
 
PPTX
Security Awareness 9 10 09 V4 Protect Equip
Megan Bell
 
PPTX
Basic_computerHygiene
EricK Gasana
 
PDF
Covid 19 guide how to secure your data while working away from office
Brijesh Joshi
 
PDF
Covid 19 guide how to secure your data while working away from office
ESDS Software Solution Pvt. Ltd
 
PPTX
Laptop Security
BARRY HAMMOND
 
PDF
Security Tips To Keep Your Laptop Safe
Noida
 
PPT
Computer Security
Cristian Mihai
 
PDF
Ce hv6 module 46 securing laptop computers
Vi Tính Hoàng Nam
 
PPTX
Day 3
sefreed
 
PDF
Building a culture of security
Courion Corporation
 
PPTX
Intro to web 2.0 Security
JP Bourget
 
PDF
Small Business Guide to Information Security
Leo Welder
 
PPTX
Security Awareness 9-10-09 v5 Protect Equipment
Catherine MacAllister
 
PPT
Security in 10 slides
Andre Debilloez
 
Laptop physical security
Kensington ClickSafe™
 
Laptop
aditya chaudhari
 
Security Awareness 101
HaroldCo
 
Laptop theft statistics
Kensington ClickSafe™
 
Article
sanloco143
 
Laptop Computers Protecting Confidential Clt Info
Oregon Law Practice Management
 
Security Awareness 9 10 09 V4 Protect Equip
Megan Bell
 
Basic_computerHygiene
EricK Gasana
 
Covid 19 guide how to secure your data while working away from office
Brijesh Joshi
 
Covid 19 guide how to secure your data while working away from office
ESDS Software Solution Pvt. Ltd
 
Laptop Security
BARRY HAMMOND
 
Security Tips To Keep Your Laptop Safe
Noida
 
Computer Security
Cristian Mihai
 
Ce hv6 module 46 securing laptop computers
Vi Tính Hoàng Nam
 
Day 3
sefreed
 
Building a culture of security
Courion Corporation
 
Intro to web 2.0 Security
JP Bourget
 
Small Business Guide to Information Security
Leo Welder
 
Security Awareness 9-10-09 v5 Protect Equipment
Catherine MacAllister
 
Security in 10 slides
Andre Debilloez
 
Ad

More from BbAOC (6)

PPT
Module7 wireless security-b
BbAOC
 
PPT
Module6 secure internet-b
BbAOC
 
PPT
Module0&1 intro-foundations-b
BbAOC
 
PPT
Module4 policies&procedures-b
BbAOC
 
PPT
Module 3 social engineering-b
BbAOC
 
PPT
Module 2 threats-b
BbAOC
 
Module7 wireless security-b
BbAOC
 
Module6 secure internet-b
BbAOC
 
Module0&1 intro-foundations-b
BbAOC
 
Module4 policies&procedures-b
BbAOC
 
Module 3 social engineering-b
BbAOC
 
Module 2 threats-b
BbAOC
 

Module5 desktop-laptop-security-b

  • 1. Module 5 Desktop/Laptop Security Module 5
  • 2. Module Objectives This module will familiarize you with the following: Encryption of Data Security Issues Loss of Laptop Remote connections (VPN) Issues Module 5
  • 3. Laptop Theft Laptop theft is rampant. You have a 1 in 10 chance your shiny new laptop will be stolen. And the real shocker: according to the FBI 97% are never recovered. And, the U.S. Department of Justice stated in a recent report that the FBI lost 160 laptops in a 44 month period ending in September of 2005. If FBI agents have trouble keeping track of their laptops, imagine what the ordinary person is facing. The statistics are pretty grim. A laptop is stolen every 53 seconds. Ouch! With stats like those you have to do everything in your power to avoid becoming a victim of laptop theft. If you keep valuable personal or business information on your laptop the consequences can be even more gruesome and devastating. For laptop hardware can be easily replaced, but your valuable information may be lost forever.
  • 4. Laptop Theft 10 Practical Ways to Protect Your Laptop Against Theft, Loss or Misplacement. 1. Keep Your Eyes On Your Laptop - Be aware of your laptop at all times especially when traveling. You wouldn't leave a Thousand Dollar Bill lying around unattended would you? So watch your laptop closely. 2. Don't Use An Obvious Laptop Bag - Carry your laptop in regular luggage that doesn't look like it has a laptop. Don't advertise your laptop to any would-be thieves. 3. Use Visual Locks And Restraints - Use visual locks and restraints to secure your laptop and to act as a deterrent. It won't fool hardened thieves but most will opt for a less secure laptop. For example, you can use a product like STOP, this system works by attaching a specially-made security plate to your laptop. This plate is barcoded and registered. It also carries a warning label letting would-be cyber thieves know that the ownership of your laptop is permanently monitored. 4. Use Passwords And Encryption - Use passwords and encryption to protect any sensitive information on your laptop. Again, unless you use very sophisticated encryption it won't fool the experienced hacker or hard-core digital thief but it will slow down and hinder the common criminal. Set a BIOS Password for your laptop. You have to take advantage of any security option that's on your laptop's OS or operating system. For those using Mac OS X you can encrypt your entire hard drive and set-up a master password in order to view it. Windows XP & Vista lets you encrypt files and folders. Just right click your data, select properties, open general tab and then advanced to check "Encrypt contents to secure data box". 5. Use Encryption - Vital files can be encrypted and it can even turn your USB thumb drive or iPod into a key for unlocking your hard drive. 6. Use Anti-Theft Software - Use anti-theft software that can track and locate your laptop or computer through the IP address once the stolen laptop is used to access the Internet. Use systems like "LoJack For Laptops". 7. Use Invisible Ultraviolet Markings - Use invisible ultraviolet markings so that any recovered stolen laptops will be clearly marked as yours to the police. Keeping track of your laptop's serial number is also a good idea and have this number stored in a different place other than on your laptop. 8. Try Remote Data Deletion - If you place important information on your laptop have a remotely controlled self-destruct solution in place. Then your highly sensitive information can be deleted remotely after your laptop is stolen. 9. Laptop Insurance - Create company policies for management of your company's laptops. Have set procedures in place for tracking and reporting of any laptops stolen or misplaced. Buying laptop insurance is another option you should consider especially if you are a student or do a lot of business traveling with your laptop in tow. Be prepared for the inevitable. 10. Backup Backup Backup - Regularly backup any vital information you have on your laptop. Most information will be useless to potential thieves but may be extremely important to you personally or for the running of your business.
  • 5. Laptop Security Same as desktop security PLUS : Physical Security Use cable or docking-station lock if left overnight in office Use padded case or bag while travelling Never leave visible, unsecured, and unattended (e.g. on a parked car seat, table at restaurant) Data Security Use whole-disk encryption Use privacy screen/filter if routinely working in public Disable wireless antenna when not in use Use VPN to connect to organizational network
  • 7. EFS
  • 8.  
  • 11. Encryption Goals of cryptography Authentication Encryption Cryptographic Systems Conventional (Symmetric) Non-Conventional (Asymmetric)
  • 12. Encryption Characteristics Data Modifications Transposition Substitution Keys Used Symmetric (same-key) Asymmetric (complimentary keys) Process Block cipher Stream cipher
  • 13. Conventional Encryption Hello Hello KEY KEY $*(*&^YGCI&^*&Y
  • 14. Conventional Problem How do I get the secret key to all parties securely?
  • 16. Asymmetric Risks Key Authenticity Verisign, Thawte, Other CAs Key Loss Brute Force Attack Man-in-the Middle Attack Social Engineering Verisign / Microsoft
  • 17. Encryption Challenges Key Validity User Awareness Combination Techniques Encryption Methods
  • 18. Encryption Trends Hard Disk Encryption Digital Signatures Steganography Other Encryptable Devices
  • 19. Hard Disk Encryption Type of encryption File Encryption (EFS) Problems with multiple vulnerabilities Whole Drive Encryption Entire Drive Encryption Vendors WinMagic / PointSec / Guardian Samsung Momentus Technology Locks entire drive Makes troubleshooting difficult Demo
  • 21.  
  • 23. Public-Key Cryptography - Authentication
  • 24. Encryption Implementations IPSec VPN SSL SSH RADIUS E-mail - S/MIME or PGP Kerberos
  • 25. VPN VPN’s are Attractive Targets Carry Sensitive Information Remote Access to Secure Networks Invisible to Detection Systems Increased Security in other areas
  • 26. E-mail Most heavily used network based application Architecture independent Security has become a concern, two schemes have come to the forefront: PGP (Pretty Good Privacy) S/MIME (Secure/Multipurpose Internet Mail Exchange)
  • 27.  
  • 28. Combining Public Key & Symmetric Key Encryption Plaintext Plaintext Hi Bob Alice Hi Bob Alice X2c67afGkz78 Session Key xaF4m 78dKm Alice Bob Ciphertext Hi Bob Alice Session Key Encrypt 1. Message B's private key Decrypt 3. Session Key Decrypt 4. Message B's public key Encrypt 2. Session Key
  • 29. Digital Signature with a Message Digest Plaintext Plaintext Alice Bob Hi Bob Alice Hi Bob Alice Hi Bob Alice Encrypted MD (“signature”) Unencrypted message =? A's public key Decrypt 1764890238 3. Decrypt Alice’s Message Digest 1764890238 MD 4. Compute the MD MD 1764890238 Digest 1. Message Digest A’s private key 2. Encrypt the MD