File - Virginia Air Force Association

Air Force Association (AFA)
AGENDA
1. Definition
2. Security Terms Definitions
3. What can we do?
4. Defense in Depth
5. What do Controls do for us?
6. SANS Security Tips 1-8
7. SANS Security Test
Information Security
The practice of protecting information from
unauthorized access, use, disclosure, disruption,
modification, viewing, inspection, recording or
destruction. Two major aspects of information security
are:
IT or Computer Security: Information Technology also
refers to devices ranging from non-networked
standalone devices as simple as calculators, to
networked smartphones and tablet computers. IT
security specialists are found in all major businesses and
government organizations due to the nature and value of
their data. They have the IT Security responsibility to
keep all of the technology in their organization secure
from malicious cyber attacks that attempt to gain access
to critical information or take control of the systems.
Information Assurance: Ensure that data is not lost
when attacks, malfunctions or natural disasters occur.
Protected data will:
1. Be Available
2. Have Integrity
3. Be Confidential
Security Terms Definitions
Vulnerability
The lack of a countermeasure, or a weakness in software, hardware, procedure or
people. Vulnerabilities expose organizations to possible
damage. A vulnerability could be unpatched applications or
operating systems, a service running on a server, an unrestricted
wireless access point, an open port on a firewall, lax physical
security or unenforced password management on servers and
workstations.
Threat
Any potential danger associated with exploiting a vulnerability.
The THREAT AGENT takes advantage of a vulnerability. It could
be an intruder accessing the network through a port on the
firewall, a process that violates security policy, a fire, or a
tornado, or a mistake by an employee that exposes personal or
confidential information.
Risk
The probability that a threat agent will exploit a vulnerability, such as too many open ports on the
firewall or the lack of an intrusion detection system, and negatively impact the business.
What can we do?
Controls/Safeguards/Countermeasures
Controls and countermeasures reduce the risk of the threat. These could be
software configurations, hardware devices or procedures that prevent the
threat agent from exploiting a vulnerability. Or the countermeasure may
completely eliminate the threat.
Three types of controls:
Administrative or “soft” controls
Technical controls
Physical controls
Defense in Depth
Combination of Administrative Controls,
Technical/Logical Controls and Physical Controls,
and coordinated use of them to provide Defense
In Depth for your systems at home or at work.
ADMINISTRATIVE: Security Documentation, Risk Management,
Personnel Security, Training
TECHNICAL/LOGICAL: Firewalls, Intrusion Detection Systems, Encryption,
Identification, Antimalware, Access Control and Authentication Mechanisms
PHYSICAL: Security Guards, Locked Internal Doors, Locked Server Room,
Cable Locks on Computers, Fences, Security Lighting and Security Cameras
Maccabee Security
Systems, NY
What do Controls do for us?
1. DETER: Intended to discourage a potential attacker
2. PREVENT: Intended to stop an incident from occurring
3. CORRECT: Fixes components or systems after an incident has occurred
4. RECOVER: Intended to return the systems to normal after an incident has occurred
5. DETECT: Help identify threat activities and intruders/intrusions
6. COMPENSATE: Controls that provide other means of control (like fences instead of guards)
SANS Security Tips 1
Treat your laptop like you want to keep it
Thinking of taking your laptop on the road? It's a great way to work and stay
in touch when you're out and about, but you need to take some steps to keep
your laptop safe - and in your possession. Here are some things you can do to
keep track of your laptop and protect all the personal information on it:
Treat it like cash.
Get it out of the car...don't ever leave it behind.
Keep it locked...use a security cable.
Keep it off the floor...or at least between your feet.
Keep passwords separate...not near the laptop or case.
Don't leave it "for just a sec"...no matter where you are.
Pay attention in airports...especially at security.
Use bells and whistles...if you've got an alarm, turn it on.
SANS Security Tips 2
Don't get hooked by a Phishing expedition
Don't reply to email or pop-up messages that ask for personal or financial
information, and don't click on links in the message.
Don't cut and paste a link from the message into your Web browser -- phishers
can make links look like they go one place, but actually send you to a different
site.
Use anti-virus and anti-spyware software, as well as a two-way firewall, and
update them all regularly.
Don't send personal or financial information by email.
Be cautious about opening any attachment or downloading any files from emails
you receive regardless of who sent them.
Visit http://onguardonline.gov/phishing.html for more information.
June 17, 2014
SANS Security Tips 3
Don't let spyware control your computer use
Lower your risk by taking the following steps:
Update your operating system and Web browser software, and set your
browser security high enough to detect unauthorized downloads.
Use anti-virus and anti-spyware software, as well as a two-way firewall, and
update them all regularly.
Download free software only from sites you know and trust. Enticing free
software downloads frequently contain other software, including spyware.
Don't click on links in pop-ups.
Don't click on links in spam or pop-ups that claim to offer anti-spyware
software.
SANS Security Tips 4
If you suspect malware is on your computer - Stop, Confirm, Scan
Malware, short for "malicious software," includes viruses and spyware
designed to steal personal information, send spam, and commit fraud. If
you suspect malware is on your computer —
Stop shopping, banking, or any online activities that involve user names,
passwords, or other sensitive information.
Confirm that your security software is working and up-to-date. At a
minimum, your computer should have anti-virus and anti-spyware
software, and a two-way firewall.
Once your security software is up-to-date, scan your computer for viruses
and spyware, deleting or quarantining anything the program identifies as a
problem.
If you suspect your computer is still infected, you may want to run a second
anti-virus or anti-spyware program - or call in professional help.
Once your computer is back up and running, think about how malware
could have been downloaded to your machine, and what you could do to
avoid it in the future.
Visit http://onguardonline.gov/malware.html for more information.
June 14, 2014
SANS Security Tips 5
Don't enter your username and password on any computer you don't
control.
Using public computers will always carry the risk of exposing your personal
data. "Public" computers — as in college library computers. A Kentucky
college student has been charged with identity theft and unlawful access to
a computer for allegedly breaking into other students' email accounts at the
University of the Cumberlands, and using the access and information to
blackmail them. He did this by allegedly placing spyware on computers at
the college library to harvest the information he needed to access the email
accounts. Then he threatened to divulge the contents of certain messages
unless the students complied with his demands.
For more information: http://blogs.techrepublic.com.com/10things/?p=322
June 3, 2014
SANS Security Tips 6
Change the combination on opened laptop locks
When people have cables with combination locks for securing their laptops
at their workstation, they always remember to turn the tumblers when they
secure the laptop. But what happens when they unsecure the laptop? Many
people won't turn the tumblers on the opened lock because it is much easier
to lock the laptop later if the combination is already set. About half a dozen
laptops in our office disappeared one day. The laptops were stolen by
someone who came by when the laptops were not there and noted the
combination. They came back later when the laptops were there and used
the combination they had noted earlier.
SANS Security Tips 7
Prevent USB Drives from Spreading Viruses
When you stick a thumb drive infected with a worm like
Conficker/Downadup into a clean system, the normally handy AutoPlay
feature launches the worm and spreads the infection. You can prevent this
by flipping the master switch. Here's how: Click on the "Start" button and
pick "Run."
Enter the text GPEDIT.MSC and press Enter. After a moment, the Group
Policy editor window will open.
In the left panel, double-click on "Computer Configuration."
Double-click on "Administrative Templates."
Double-click on "System."
In the right panel near the bottom of the list, double-click on "Turn off
autoplay."
The default setting is "Not configured." Put a bullet in "Enabled."
Make sure "Turn off Autoplay on:" is set to "All drives."
Click on "Apply," and then "OK".
Close the Group Policy editor window.
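Added example (not part of the original tips): a PowerShell check of the registry value that the "Turn off Autoplay" policy controls, so the setting can be audited without opening the Group Policy editor. The function names are hypothetical; the key, value name and bit meanings are those Microsoft documents for NoDriveTypeAutoRun.

```powershell
# Added example: audit the registry value behind "Turn off Autoplay".
# Function names are hypothetical; bit meanings follow Microsoft's
# documented NoDriveTypeAutoRun mask.
$PolicyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$ValueName = 'NoDriveTypeAutoRun'
$AllDrives = 0xFF   # value written by "Turn off Autoplay on: All drives"

# Each set bit disables AutoRun for one drive type.
$DriveTypeBits = @(
    @{ Bit = 0x01; Name = 'Unknown type' }
    @{ Bit = 0x02; Name = 'No root directory' }
    @{ Bit = 0x04; Name = 'Removable (USB thumb drive)' }
    @{ Bit = 0x08; Name = 'Fixed disk' }
    @{ Bit = 0x10; Name = 'Network drive' }
    @{ Bit = 0x20; Name = 'CD-ROM' }
    @{ Bit = 0x40; Name = 'RAM disk' }
    @{ Bit = 0x80; Name = 'Reserved for future types' }
)

function Get-AutoRunStatus {
    param([Parameter(Mandatory)][int]$Mask)
    foreach ($t in $DriveTypeBits) {
        [pscustomobject]@{
            DriveType       = $t.Name
            AutoRunDisabled = [bool]($Mask -band $t.Bit)
        }
    }
}

function Set-AutoRunOffAllDrives {
    # Requires an elevated session: the key lives under HKLM.
    if (-not (Test-Path $PolicyKey)) { New-Item -Path $PolicyKey -Force | Out-Null }
    New-ItemProperty -Path $PolicyKey -Name $ValueName -Value $AllDrives `
        -PropertyType DWord -Force | Out-Null
}

# Report the current state of this machine.
$props = Get-ItemProperty -Path $PolicyKey -Name $ValueName -ErrorAction SilentlyContinue
if ($null -eq $props) {
    Write-Output "$ValueName is not set: the policy is 'Not configured'."
} else {
    $mask = [int]$props.$ValueName
    Write-Output ('{0} = 0x{1:X2}' -f $ValueName, $mask)
    Get-AutoRunStatus -Mask $mask | Format-Table -AutoSize
    if (($mask -band $AllDrives) -ne $AllDrives) {
        Write-Output 'Not all drive types are covered; run Set-AutoRunOffAllDrives.'
    }
}
```

On a domain-joined machine, a Group Policy applied from the domain can overwrite a value set locally this way.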
SANS Security Tips 8
Change your password on a schedule.
Passwords are like bubble gum; they are better when fresh. The longer and more
complex your password is, the harder it is to crack, and the less often you'll need to
change it. If you use an 8-character password, you should change it about every six
months. Remember: Never use a password with fewer than 8 characters. If you use a
9-character password and follow the rules about uppercase and lowercase letters,
numbers, and symbols, it will stay fresh for a whole year. If you can't remember the
last time you changed your password, it's time to change it.
Change from a password to a passphrase
It's better to use longer and more complicated passwords, but they are hard to
remember. Try using a passphrase like "I love getting to work at 8:00!" It's long, easy to
remember, and has a mix of upper case and lower case letters and symbols. Don't use
familiar or famous quotations. Don't use any real names, especially your own, your
family member's, or your pet's. Nonsensical passphrases are the hardest to crack.
Because password cracking time increases exponentially, a criminal with substantial
computing resources can crack short passwords quickly; while a 31-character (the
length of our example) passphrase would take 231,935,475,118,605,000,000,000 years
to crack! Best of all, it's easy to remember.
SANS Security Tips Test
See just how "Security Aware" you really are
Do you believe you're a little more Security Aware? Can you identify the
threats that exist in your environment and the steps you should take to
avoid them? Take the following quizzes and find out.
Phishing http://www.onguardonline.gov/games/phishing-scams.aspx
Spyware http://www.onguardonline.gov/games/beware-spyware.aspx
Identity Theft http://www.onguardonline.gov/games/id-theft-faceoff.aspx
Social Networking http://www.onguardonline.gov/games/friendfinder.aspx