1 / 18

Information Security Essentials for Research

Information Security Essentials for Research. Randy Moore, CISSP Director, IT Information Security Services OU HIPAA Security Officer University of Oklahoma Health Sciences Center. Outcome Statement. At the conclusion of this presentation you should be able to:. Identify threats

nuala
Download Presentation

Information Security Essentials for Research

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Information Security Essentials for Research Randy Moore, CISSPDirector, IT Information Security Services OU HIPAA Security Officer University of Oklahoma Health Sciences Center

  2. Outcome Statement At the conclusion of this presentation you should be able to: Identify threats State safe practices Know where to report an incident

  3. Research data • Where is your research data? • Is it safe from common threats?

  4. Common threat #1 • Virus and worm infections (malicious code)

  5. Virus Detection Summary • Last 4 Hours: 36 • Last 24 Hours: 301 • Last 7 Days: 1,902 • Last 30 Days: 14, 466

  6. Threat #2: Software vulnerabilities • 484 Vulnerabilities identified in 1 month

  7. Threat #3: Data loss • Data loss or destruction • Hardware failure • Theft • Accidental deletion • Fire • Tornado • Flood

  8. What if? Disaster strikes you? • Is your data backed up? • To tape? • Have you tested the restore process? • Do you lock your doors and keep your laptop secure? • Do you use tracking software on laptops?

  9. Threat #4: Unauthorized access • Connecting to 700 million on the Internet • There are bad guys on the “Net” • They want access to your computer • 44,000 probes per day

  10. Threat #5: Malicious software from the web • Malicious software downloads from the web • Spyware • Trojan Horse • Key Loggers • 1 in 10 web sites attempt to download software without permission  OUHSC Threat Level

  11. Safe Practices for the Internet • Set higher security settings in your browser • Do not install add-ons to your browser(Google tool bar, Comet Curser, Gator, HotBar, etc.) • Avoid Game Sites and sites that require you to fill out online forms • Install a spyware removal tool • Always remember that your computer is a business tool

  12. Threat #6: Email • 89% of e-mail traffic contains viruses, phishing schemes, or is SPAM • 27,735,000 malicious e-mails blocked from delivery to OUHSC last month

  13. Safe Practices for Email • Do not open unsolicited email or attachments • Do not reply to SPAM • Do not use your OUHSC email address in online forms and questionnaires unless it becomes necessary for University related business. • Place a confidentiality notice in your signature block

  14. Safe practices summary • Antivirus updates (daily) • Security patches (monthly) • Data backups (daily) • Browser security settings (periodically) • Avoid unknown software from the Internet (always) • Firewall protection (annually) • Email caution (always) • Report suspicious activity (always)

  15. Incident Response Incidents are reported to: • Tier 1 or Computer Support Personnel or Supervisor • IT Service Desk • IT Security • Office of Compliance (PHI incidents)

  16. Safe Practices • Follow policies to help protect your data • See http://it.ouhsc.edu/policies/

  17. Contact information • IT Information Security Services • IT-Security@ouhsc.edu • 271-2476 • IT Service Desk • Servicedesk@ouhsc.edu • 271-2203

  18. Questions ?

More Related