Computer Security BasicsWhat Every Computer User Should Know : Computer Security BasicsWhat Every Computer User Should Know by Naveed Ahmed
naveedahmedm@hotmail.com
Slide 2 : SECURITY TIPS
1. Use protection software "anti-virus software" and keep it up to date.
2. Don't open unknown, unscanned or unexpected email attachements.
3. Use hard-to-guess passwords.
4. Protect your computer from Internet intruders -- use "firewalls".
5. Don't share access to your computers with strangers. Learn about file sharing risks.
Slide 3 : SECURITY TIPS
Disconnect from the Internet when not in use.
7. Back up your computer data.
8. Regularly download security protection update "patches".
Check your security on a regular basis. Understand the risks and use measures to minimize your exposure.
Share security tips with family members , co-workers and friends.
Anti-virus Software : Anti-virus Software Relies on early warnings of new viruses, so that antidotes can be developed and distributed quickly
1,000’s of new viruses being generated every month
Essential virus database be kept up to date
2. Don't open unknown, unscanned or unexpected email attachments. : 2. Don't open unknown, unscanned or unexpected email attachments. A simple rule of thumb is that if you don't know the person who is sending you an email, be very careful about opening the email and any file attached to it. Should you receive a suspicious email, the best thing to do is to delete the entire message, including any attachment. Even if you do know the person sending you the email, you should exercise caution if the message is strange and unexpected, particularly if it contains unusual hyperlinks. Current email viruses are “spoofed” to appear to come from a trusted, known or authoritative source. Contact the person sending the to verify that they really did send it. Or when in doubt, delete!
Slide 6 : What to do with an e-mail message and its attachment
Do not open any attachment before verifying it's safe.
Contact the sender, via e-mail or phone, and ask them if they sent you the attachment.
Be especially watchful for attachments with these file extensions: .ZIP, .EXE, .COM, .BAT, .PIF and. SCR.
Delete any message and attachment if they’re at all suspicious
Deleting a message in most e-mail programs is easy, but some e-mail programs may not automatically delete the attachment as well. Not sure if your program deletes the attachment? Find out.
Slide 7 : Get anti-virus software and keep it up to date
Install anti-virus software on both your office computer and home computers
Keeping your anti-virus software up-to-date means: getting updates as often as possible.
3. Use hard-to-guess passwords : 3. Use hard-to-guess passwords Passwords will only keep outsiders out if they are difficult to guess! Don't share your password, and if possible don't use the same password in more than one place. If someone should happen to guess one of your passwords, you don't want them to be able to use it in other places. The golden rules of passwords are: (1) A password should have a minimum of 8 characters, be as meaningless as possible, and use uppercase letters, lowercase letters and numbers, e.g., xk28LP97. (2) Change passwords regularly, at least every 120 days. (3) Do not give out your password to anyone!
Passwords : Passwords Simplest and most common way to ensure that only those that have permission can enter your computer or certain parts of your computer network
Virtually ineffective if people do not protect their passwords.
The golden rules, or policies for passwords are:
Make passwords as meaningless as possible
Change passwords regularly
Never divulge passwords to anyone
Password Construction : Password Construction On systems that support them, passwords should contain at least eight characters
One of each of the following characters: - Uppercase letters ( A-Z )
- Lowercase letters ( a-z )
- Numbers ( 0-9 )
- Punctuation marks ( !@#$%^&*()_+=- )
How, you may ask, am I ever going to remember such a complicated password? : How, you may ask, am I ever going to remember such a complicated password? Pick a sentence that reminds you of the password. For example:
if my car makes it through 2 semesters, I'll be lucky (imcmit2s,Ibl)
only Bill Gates could afford this $70.00 textbook (oBGcat$7t)
Slide 12 : The Vanity Plate
I feel great = If33lg8!
Wildcats are #1 = W1ldcatzR#1
Dolphins Fan = d0lf1n’sfan
Slide 13 : Compound Words
Used every day are easy to remember. Spice them up with numbers and special characters. Also, misspell one or both of the words and you'll get a great password. Friendship = Fr13nd+sh1p
Lifelong = L!f3l0ngTeddybear = T3ddy^BaRe
Slide 14 : Be careful about typing your password into a strange program, web site, or server.
Why do they need it?
Are they authorized to ask for it?
A web site on the other side of the country should definitely not be asking for your U of A password over the network whenever possible.
Do not use the same password on an unofficial, entertainment, off-campus, OR uncritical service that you use for more critical services.
Slide 15 : 4. Protect your computer from Internet intruders -- use a “personal firewall". Equip your computer with a firewall! Firewalls create a protective wall between your computer and the outside world. They come in two forms, software firewalls that run on your personal computer and hardware firewalls that protect a number of computers at the same time. They work by filtering out unauthorized or potentially dangerous types of data from the Internet, while still allowing other (good) data to reach your computer. Firewalls also ensure that unauthorized persons can't gain access to your computer while you're connected to the Internet. Don't let intruders in!
Do Firewalls Prevent Viruses and Trojans? : Do Firewalls Prevent Viruses and Trojans? NO!! A firewall can only prevent a virus or Trojan from accessing the internet while on your machine
95% of all viruses and trojans are received via e-mail, through file sharing (like Kazaa or Gnucleus) or through direct download of a malicious program
Firewalls can't prevent this -- only a good anti-virus software program can
Slide 17 : Once installed on your PC, many viruses and Trojans "call home" using the internet to the hacker that designed it
This lets the hacker activate the Trojan and he/she can now use your PC for his/her own purposes
A firewall can block the call home and can alert you if there is suspicious behavior taking place on your system
5. Don't share access to your computers with strangers. Learn about file sharing risks. : 5. Don't share access to your computers with strangers. Learn about file sharing risks. Your computer operating system may allow other computers on a network, including the Internet, to access the hard-drive of your computer in order to "share files". This ability to share files can be used to infect your computer with a virus or look at the files on your computer if you don't pay close attention. So, unless you really need this ability, make sure you turn off file-sharing. Check your operating system and your other program help files to learn how to disable file sharing. Don't share access to your computer with strangers!
6. Disconnect from the Internet when not in use. : 6. Disconnect from the Internet when not in use. Remember that the Digital Highway is a two-way road. You send and receive information on it. Disconnecting your computer from the Internet when you're not online lessens the chance that someone will be able to access your computer. And if you haven't kept your anti-virus software up-to-date, or don't have a firewall in place, someone could infect your computer or use it to harm someone else on the Internet. Be safe and disconnect!
7. Back up your computer data. : 7. Back up your computer data. Experienced computer users know that there are two types of people: those who have already lost data and those who are going to experience the pain of losing data in the future. Back up small amounts of data on floppy disks and larger amounts on CDs. If you have access to a network, save copies of your data on another computer in the network as most shared drives are backed up. Most people make weekly backups of all their important data. And make sure you have your original software start-up disks handy and available in the event your computer system files get damaged. Be prepared!
8. Regularly download security protection update "patches“. : 8. Regularly download security protection update "patches“. Most major software companies today have to release updates and patches to their software every so often. Sometimes bugs are discovered in a program that may allow a malicious person to attack your computer. When these bugs are discovered, the software companies, or vendors, create patches that they post on their web sites. You need to be sure you download and install the patches! Check your software vendors' web sites on a regular basis for new security patches or use the new automated patching features that some companies offer. Stay informed!
Security Necessities : Security Necessities First, understand the threats
Second, put proper safeguards in place
Extensive choice of technologies
OS and Application Patches
Anti-virus software packages
Firewalls for providing protection
Implement proper computer security without compromising the need for quick and easy access to information
Slide 23 :
Spam : Spam Unsolicited e-mail or the action of broadcasting unsolicited advertising messages via e-mail
Takes up time and storage space on their computer
Report it to ISP. Check your ISP help areas to find out how to report spam
Protect Yourself : Protect Yourself Never give out your password, billing information or other personal information to strangers online
Be mindful of who you're talking with before you give out personal information
Don't click on hyperlinks or download attachments from people/web sites you don't know
Be skeptical of any company that doesn't clearly state its name, physical address and telephone number
Great Home Computer Security Webpage
www.cert.org/homeusers/HomeComputerSecurity/
Summary : Summary Common sense, some simple rules and a few pieces of technology can help protect your computer systems from unauthorized use
Important to remember that by protecting your own computer system, you're also doing your part to protect computers throughout the university
Slide 27 :