Information Technology security & Training

Published on
Embed video
Share video
Ask about this video

Scene 1 (0s)

[Audio] Information Technology security & Training.

Scene 2 (6s)

[Audio] Agenda Importance of IT security Type of Threats Network Security Data Security Email Security IT Asset Security Best Practices.

Scene 3 (18s)

[Audio] CYBERSECURITY AWARENESS Importance of IT security Be an Empowered Protector. At Home and at Work. Cybersecurity training is a proactive and necessary step to protect yourself and our organization from the ever-evolving cyber threat landscape. 10% of Security Safeguards are technical 90% of Security safeguard relay on the computer user "YOU!".

Scene 4 (44s)

[Audio] Threats Overview Malware Phishing Social Engineering.

Scene 5 (51s)

[Audio] Threats Overview Malware. Threats Overview.

Scene 6 (58s)

[Audio] Malware includes numerous threat families, all with different names. Viruses Worms Trojans Ransomware Rootkits Bootkits.

Scene 7 (1m 8s)

[Audio] Is malware on windows only? Malware definitely exists on other operating systems (Oses) outside of Windows. Windows is typically the major target due to high market share. Is malware on mobile phones ? Mobile phone malware is a growing threat due to users doing the majority of their internet browsing on a cell phone. Ransomware, or screen locking malware, is a popular threat on mobile devices..

Scene 8 (1m 37s)

[Audio] How does my computer get infected ? Clicking malicious links in email Plugging in an unknown flash drive Downloading malware masquerading as other software By browsing malicious websites How does my mobile device get infected? Installing 3rd party apps directly from the internet instead of via official stores such as Google Play or Apple's App Store..

Scene 10 (4m 23s)

[Audio] Top Tips to Avoid Malware Install Endpoint Security on all devices. Be careful what you plug in. Be careful what you click. Get awareness training for entire family.

Scene 11 (4m 37s)

[Audio] Threats Overview Phishing. Threats Overview.

Scene 12 (4m 44s)

[Audio] Phishing 80% of report security incidents involve phishing. Intentionally deceiving someone by posing as a legitimate company. Typically, utilizes email by pretending to be a company or service requesting you to do something. Hoping that you click the link and fill out the requested info.

Scene 13 (5m 3s)

[Audio] Phishing Examples. Not paypal.com. Phishing Examples.

Scene 14 (6m 3s)

[Audio] Top Tips to Avoid Phishing Check who the email sender is. Check the email ID correctly before sending or replying Mouse over the link to see where it goes. Do not click the link – manually type it in.

Scene 16 (8m 7s)

[Audio] Threats Overview Social Engineering. Threats Overview.

Scene 17 (8m 13s)

[Audio] Can these answers be found on your Facebook account? What city did you grow up in? What is your dog's name? What high school did you attend? What is your favorite book? What is your dream job? What is your mother's maiden name?.

Scene 18 (8m 30s)

[Audio] Security Questions Typically, users are honest when filling out security questions. Malicious parties can utilize social media to find out the answers to these questions, which allows them to reset your password. Best practice is to not be honest when filling out these questions. Treat security questions as another password field.

Scene 19 (8m 50s)

[Audio] How about this? This is extremely important in the conversation around passwords due to the fact that most passwords can be simply changed or reset by knowing a few answers to questions about yourself. Most of these answers can be commonly found on users' social media accounts. So it is very important to not just practice good password policies but also strong security questions as well..

Scene 20 (9m 18s)

[Audio] Users and Poor Password Hygiene Typically, users practice risky behavior with respect to passwords. Passwords nowadays can be a gateway into identity theft..

Scene 21 (9m 29s)

[Audio] So typically due to the complexity requirements of passwords usually users end up writing their passwords on sticky notes or in documents on their desktop..

Scene 22 (9m 39s)

[Audio] Others freely share their passwords with other users. We see this especially in organizations that require users to clock in at the beginning and end of the day. They do not want to be late again so they call their friend who is already at work and ask them to clock in for them..

Scene 23 (9m 55s)

[Audio] This leads to current password policies that typically have users change their password every 90 days or every 6 months. Users are not increasing your businesses security by changing their password on these scheduled intervals due to them doing the above. They are simply going to the next number and next symbol on the keyboard. In fact now NIST is recommending against having users change passwords every 90 days due to the above..

Scene 24 (10m 23s)

[Audio] So when data breaches occur passwords are sometimes extracted, it would be very easy for me to go to another website and figure out what your password is. For example if the password that was stolen was elephant, and I went to a website that required 8 characters and 1 symbol. There are only 32 symbols on the keyboard, therefore I only need to type in elephant and then try every symbol and see if I gain access into whatever system I am trying to break into..

Scene 25 (10m 50s)

[Audio] Password Managers If you have trouble remembering passwords or creating unique passwords, utilize a password manager. There are several very secure password managers on the market that work across all Oses. They will remember and auto-complete your passwords for you once your "master" password is entered.

Scene 26 (11m 9s)

[Audio] Top tips for password safety Utilize unique passwords across all websites/applications Enable and utilize 2FA on all websites that allow it Choose unique, non-true security questions.

Scene 28 (12m 46s)

[Audio] Internet protection. INTERNET PROTECTION.

Scene 29 (12m 52s)

[Audio] Internet Protection Overview Search Engine Safety Web Content Filter HTTPS Public Wifi Internet of Things.

Scene 30 (13m 2s)

[Audio] HTTPS Is a protocol for secure communication over a computer network which is widely used on the internet HTTPS is typically notated by displaying a green lock in the web address bar:.

Scene 31 (13m 16s)

[Audio] HTTPS No sensitive information should be typed into a page that is not secured by HTTPS. Even though a page is secured with HTTPS, it does not automatically mean the page is safe. Most browsers have begun to let users know more easily when they are on a non-secure page..

Scene 32 (13m 36s)

[Audio] Top Tips for Secure Websites (HTTPS) Before entering sensitive information, check to see if the site is secured by HTTPS. Check to make sure this is a reputable website before entering credit card information; don't just depend on the HTTPS indicator..

Scene 34 (14m 33s)

[Audio] Internet Protection Overview Public Wifi.

Scene 35 (14m 40s)

[Audio] Is a non-secure network that users can connect to for free Typically found in hotels, coffee shops, libraries and many other places.

Scene 36 (14m 51s)

[Audio] Is very insecure, so you should treat every public Wi-Fi connection as compromised (unsafe). This means you should not utilize any sensitive websites when connected (banking, social networking, etc.) If you need to access one of these sites, utilize your cell phone and do not connect it to Wi-Fi, just use the cell service..

Scene 37 (15m 14s)

[Audio] Top Tips for Public Wi-Fi Verify the Wi-Fi name with the business owner prior to connecting. Treat public Wi-Fi connections as compromised (unsafe). Utilize an anti-malware product to help prevent against cyberattacks while connected..

Scene 39 (15m 47s)

[Audio] Internet Protection Overview Internet of Things.

Scene 40 (15m 54s)

[Audio] Top Tips for Internet of Things(IOT) Change default usernames and passwords on all devices including routers. If you do not utilize the web features, disable them. Make sure all IoT devices, including routers, are kept up to date with the newest firmware (software)..

Scene 41 (16m 15s)

[Audio] Email Protection. EMAIL PROTECTION.

Scene 42 (16m 21s)

[Audio] Email Protection Overview Password Reset Spam Protection Attachment Policy.

Scene 43 (16m 30s)

[Audio] Top Tips for Password Reset Utilize strong unique passwords. Utilize strong, not correct, security questions. Monitor attempted password resets on your accounts for fraudulent activity.

Scene 44 (16m 44s)

[Audio] Email Protection Overview Spam Protection.

Scene 45 (16m 50s)

[Audio] Spam Protection Everyone gets spam; even with the best protection, some still slips through the cracks. Some email providers have better spam protection than others. A third party anti-spam product can supplement protection provided by the email provider.

Scene 46 (17m 8s)

[Audio] Never open spam emails, even if you think it is funny to see the content inside. Never respond to spam emails. Be careful using your email address to sign up for contests or enter websites. When posting your email to a public website, always add special breaks in your email address. Example: ben(at)eset dotcom.

Scene 47 (17m 30s)

[Audio] Email Protection Overview Attachment Policy.

Scene 48 (17m 37s)

[Audio] Attachments are one of the most common ways to get viruses or malware. Even though an attachment might look like a document or Excel file, it might contain a virus or malware.

Scene 49 (17m 50s)

[Audio] Rules is in place at our company to prevent receiving certain types of attachment files. We need to know why attachments can be harmful. Never open attachments from unknown senders. If you see something that is questionable, send to your IT department for verification.

Scene 50 (18m 10s)

[Audio] Escalation Contacts IT Help Desk: [email protected] Copying Email: [email protected] Karthi (System Related concerns) Naveenkumar (ERP) 1st Level Escalation Contacts Nagesswaran – 9842204201 2nd Level Escalation Contacts Srinivasa Rao – 77609 72676.