290 likes | 403 Views
Computer Security & Forensics. Exotic Delivery :: Jeremiah, Corey, & Alan. Exotic Delivery No matter how rare you think it is, We can make your dream pet a reality!.
E N D
Computer Security &Forensics Exotic Delivery :: Jeremiah, Corey, & Alan
Exotic DeliveryNo matter how rare you think it is, We can make your dream pet a reality! • We import exotic animals from their native land to their new homes in the US. We make it possible for these animals to make it safely anywhere in the world to their new homes. • Top 5 Exotic Animals: • Tiger • Nile Crocodile • Tarantulas • Authentic Oregon Beavers • and Penguins
Presentation Outline • ADD CONCEPT MAP
Maximum Crab Legs • Maximum Crab Legs has recently encountered attacks from hackers sending shipments to the wrong address, sending the wrong quantities, etc. Our competitors have caught wind of these attacks on us and we have also been receiving accusations from these competitors that these attacks are nothing more than an attempt by Maximum Crab Legs to frame said competitors and diminish their reputations as legit organizations. The questions that the CEO of Maximum Crab Legs wishes to pose are:
Problem Statement • What does Computer Security and Forensics mean to our company? • What measures should our company take to ensure computer security? • How can forensics help us disprove the claims by our competitors and help us catch the hackers?
Computer Security • A branch of technology known as information security. The objective of computer security varies and can include protection of information from theft or corruption, or the preservation of availability, as defined in the security policy of the company. • Computer security imposes requirements on computers that are different from most system requirements because they often take the form of constraints on what computers are not supposed to do.
Computer Forensics • A branch of forensic science pertaining to legal evidence found in computers and digital storage mediums. • Computer forensics adheres to standards of evidence admissible in a court of law. Computer forensics experts investigate data storage devices, (such as hard drives, USB Drives, CD-ROMs, floppy disks, tape drives, etc.), identifying, preserving, and then analyzing sources of documentary or other digital evidence.
How Do They Apply? • Security to protect your company, the employees, and your customers. • Security will also help save your data and prevent loss/theft from hackers and unwanted attacks. • Forensics (eDiscovery) will help in the event of an attack, DNS, data loss, etc. and your companies needs during any court proceedings. • Forensics requires a knowledgeable IT specialist and understanding of Federal IT guidelines.
Why Is Security A Problem? • Software: Phishing, virus & trojan, spyware, password loggers, IM misuse, storage. • Hardware: theft (laptops, mobile devices), wireless network security, DNS. • People: insider abuse, employee behavior, policies, financial fraud. • And more.
Steps For Security – 10 tips • 1. Set up your defenses. • 2. Stay abreast of the threat. • 3. Encrypt everything. • 4. Get help from your employees. • 5. Don’t store credit card numbers.
Tips Continued • 6. Buy a shredder – and use it. • 7. Mind your mobile devices. • 8. Run your updates. • 9. Research your Internet service provider. • 10. Know what to do when it happens.
Informed Employees Are Key • Email.Don’t open attachments, or click on hyperlinks unless you are sure of the content. This is similar for web links embedded in email messages, and is independent of whether full-client applications or web-based browsers are used. Consider when to use email, or revise company policy to standardize its use.
Informed 2 • Web Browsing.Stay away from unknown websites. Websites are now the most common source of PC infection. (Even the official NFL SuperBowl website got infected most recently). Spear phishing is particularly harmful in that it targets truly authentic looking, legitimate websites, using well written grammar and customer data, to lure the user viewing the website into infection.
Informed 3 • Passwords.Maintain established complexity and change frequencies suitable for your environment. Like keys to locks, passwords are the primary mechanisms for controlling access to networked computers.
Informed 4 • Remote Access.Consider the method and management of outside access to company infrastructure. Who is permitted, how, and using what devices may be a part of the design.
Informed 5 • Data Management.Similar to remote access, consider the data involved. Allow only authenticated access to critical information, and actively manage where and how information is used if on portable devices or outside systems. Is internal business data stored permanently on portable devices? Are portable devices/laptops protected?
Forensics and eDiscovery • 95% of all business communications now are created and stored electronically. • The e-discovery market, which in 2006 was worth close to $1.5 billion, will grow to almost $4.9 billion by 2011. • Index Engines, Kazeon and Clearwell Systems are separately announcing appliances that customers can use to discovery electronically stored information -- e-mails, Word documents, PDF files and spreadsheets – for litigation faster than they could by a manual process.
eDiscovery Preparedness • Being able to discover information from e-mails and other electronic documents is quickly becoming a requirement for many businesses involved in litigation. • Discrimination lawsuit, an IRS Audit, or a matter of interstate commerce. • Amendments to the Federal Rules of Civil Procedure, which apply to any company in any dispute in federal courts, require them to be able to produce and recover all electronically stored information residing on user laptops, desktops, servers and networked storage.
How To Protect Your CompanyAnd Your Customers • Simply = Internet Security Software
Internet Security Software • Helps prevent or stop threats from: • Viruses • Spyware, Malware, Phishing • Rootkit • Spam • Malicious attacks (hackers, DNS)
Internet Security Options • AVG Internet Security - $79.99 • Zone Alarm Internet Security - $69.95 • Kaspersky Internet Security - $79.95 • Norton Internet Security - $79.99 • Free downloads online
Software Recommendation • AVG Internet Security- 79.99 • Top rated software by CNET-product reviews of the latest tech. Our editors review thousands of products each year. Through testing and hands-on use, editors determine the products' quality, features, and value. The best receive our Editors' Choice award--another way CNET helps you choose the best tech. • AVG received a 5/6 stars from CNET • User friendly • Cost effective • Updates automatically daily • Easy to remove
Extended Recommendations • There are other things you as a small company can do to protect yourself in the Future. • Training Classes • Sign up for current newsletters and magazines • Seminars • Staying aware of the topic in related news
Training Possibilities • CSI (computer security institute)- GoCSI.com • Offer seminars, training and alerts. • SANS (SysAdmin, Audit, Network, Security) registration@sans.org • Is one of the most trusted training service providers. Offer seminars and training for individuals and businesses.
The Grand Finale • The TRUTH about Computer Security • Have a personal IT specialist – either friend or employee • Read literature and articles from professionals – stay up to date • OSUware 2008 – free for students
Sources • Wikipedia • CSI 2007 Survey • Microsoft Small Business Support • CNET & AVG • PC World & Wired Magazine – IT blogs