Security Squad Keeping your Equipment and Information Safe Security Squad Video Series, Part 2 Presenter, Title University of ________________ 7/1/2016 Security Squad Video Series The Security Plan Plan Overview 7/1/2016 Security Squad Video Series Security Plan Topics • • • • • • • • Inventory – Tallying What you Have Passwords – Creating Strong Passwords Backups – Making Secured Copies Viruses – Protecting Your Office from Malware Wireless – Limiting Your Exposure Firewalls – Stopping Hackers at the Door E-commerce – Buying and Selling Safely Online Employee Policies – Protecting the Company and Employees 7/1/2016 Security Squad Video Series Wireless Limiting Your Exposure 7/1/2016 Security Squad Video Series Key Points – Wireless Wireless Network security protocols • Public vs. private networks • Encryption levels – WPA2 – MAC identification • Web interface agreement • Broadcast network? 7/1/2016 Security Squad Video Series Key Points – Wireless Wireless Devices • Bluetooth settings – Recognize connections – Encryption software • Wireless printers 7/1/2016 Security Squad Video Series Firewalls Stopping Hackers at the Door 7/1/2016 Security Squad Video Series Key Points - Firewalls Hardware Firewalls • Install on the cable or DSL • Uses a web-based interface • Inexpensive can be combined with routers • Network server behind firewall 7/1/2016 Security Squad Video Series Key Points - Firewalls Software Firewalls • Install on every computer • Turn on pre-installed firewalls • Commercial software • Use only one software firewall • Applications require firewall permissions 7/1/2016 Security Squad Video Series Firewalls What is your current firewall protection? • Do you have hardware/software protections? • Is the firewall activated? • Who’s in charge of backing up files? 7/1/2016 Security Squad Video Series E-commerce Buying and Selling Safely Online 7/1/2016 Security Squad Video Series Key Points – E-Commerce Secured Socket Layering (SSL) Identifiers • Locked padlock will appear in the browser status, or • Green safety bar will appear in the browser address bar, and • URL address will begin with https:// instead of the usual http:// 7/1/2016 Security Squad Video Series Key Points – E-Commerce Website Authenticity • 3rd Party verification – Security protocols – Company – Domain name • $$$ to $$$$ • Purchase services 7/1/2016 Security Squad Video Series Good Practices - E-Commerce • Include company contact information • Privacy Policy • Internal policy for record keeping and disposal • No credit card information in email, mail • Limit employee exposure • Work with ISP and merchant account rep. for best credit card security. 7/1/2016 Security Squad Video Series Good Practices - E-Commerce Cookies – • Advantages – Plugs in information, saves time – Personalizes website • Disadvantages – Auto-fills sensitive information • Store or not-to-store • Do not have browser store passwords 7/1/2016 Security Squad Video Series E-Commerce What are your website e-commerce protocols? • Do you have encryption protections? • Is your website trusted by your customers? • Do you have good online purchasing practices? 7/1/2016 Security Squad Video Series Employee Policies Protecting the Company and Employees 7/1/2016 Security Squad Video Series Key Points – Employee Policies • Business Owner Responsibilities – Administrative Rights – Evaluate employee access rights – Encrypt sensitive files – Complete Inventory list 7/1/2016 Security Squad Video Series Key Points – Employee Policies • Employee Technology Rules – – – – – 7/1/2016 Approved File portability Work from home policies Smart phone/PDAs Secure the workspace Employee training Security Squad Video Series Key Points – Employee Policies • Email/Internet Use – Monitoring email – Acceptable Internet Use policies – Illegal activity and consequences 7/1/2016 Security Squad Video Series Key Points – Employee Policies • Handling Sensitive Data – Secure sensitive documents – Cross-cut shredder – Credit Card procedures 7/1/2016 Security Squad Video Series Employee Policies Review your employee technology use policies • Are they applicable and current? • Are they attorney reviewed? • Do they reflect new security policies and practices? 7/1/2016 Security Squad Video Series Security Squad – Part 2 Contact: 7/1/2016 _________________________ _________________________ _________________________ Security Squad Video Series