1 / 35

Data Protection & Network Security

Data Protection & Network Security. Data Protection Protective Marking Secure Printing Passwords Email & the Internet Viruses Encryption. Data Protection. Data protection applies to printed documents as well as electronic data Schedule 7 of the DPA:

johndiaz
Download Presentation

Data Protection & Network Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Data Protection &Network Security • Data Protection • Protective Marking • Secure Printing • Passwords • Email & the Internet • Viruses • Encryption

  2. Data Protection • Data protection applies to printed documents as well as electronic data • Schedule 7 of the DPA: • Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.

  3. Security Breach Examples • Imagine a potential security breach: • Leaving unencrypted data on a USB key • Leaving printed documents on public transport • Losing your phone • Losing your laptop • Disclosing your password

  4. Protective Marking • All documents should be marked, in the header, with one of the following labels • The equivalent government IL is give for each label Header AVI

  5. Decision Flowchart

  6. Examples

  7. Document Handling • Data or documents marked PROTECT or higher must: • Be secured in a locked cabinet or area • Be protected by a strong password • Have access restricted to appropriate personnel only • Be encrypted before transfer • Not be left in plain view • Be destroyed securely

  8. Secure Deletion of Files

  9. Printing Risks • Risk from low to high: • A printer connected to the machine • A network printer in the same room • A network printer in another room • The main risk of printing a document is that it can potentially be seen by unauthorised persons before it can be secured

  10. Secured Print Capability • It is possible to apply a password to a print job sent to these network printers: • Canon iR C3080/3480/3580 UFR IIOffice area main block • Canon iR2270/iR2870 UFR IIStaff quiet room • Canon iR-ADV C5045/5051 UFR IIReprographicsN.B. Student access allowed

  11. Identifying Printers

  12. Secured Printing Secure AVI

  13. Copier – Step 1 • Enter Departmental ID as usual

  14. Copier – Step 2 • Go to the Print Job tab and select job

  15. Copier – Step 3 • Enter your chosen password and OK

  16. Secured Print Password • Suggestions for suitable passwords: • Significant date in number forme.g. Tuesday 26th April 2011 could be used in the form 2604 or 260411 or 26042011 • Birth year of partner or children, not your own • Disposable passwords can be short (four figures) but don't use 'obvious' numberse.g. 1234, 5678, 7777 ...

  17. Network Password • Passwords should be at least eight characters long and contain at least one of each of the following characters: • Upper case letter • Lower case letter • Number • Symbol (!£$%^&*()_+@~#<>? etc.) • Best password length > 13 characters • Best to change at least every ninety days

  18. Permutations • Based on an 8 character password

  19. Avoid Using • Dictionary words in any language • Words spelled backwards, common misspellings, and abbreviations • Sequences or repeated characters • 12345678, 222222, abcdefg, or adjacent letters on your keyboard (qwerty) • Personal information • Your name, birthday, driver's license, passport number, or similar information

  20. Memorising • Writing a password down is OK but: • Keep it safe and secure • Do not store it near or on the computer • Use a formula / mnemonic • Where passwords must be changed regularly, add a date to your formulae.g. @mssc#JMU#0711?

  21. Top 20 Passwords • From rockyou.com server breach:

  22. Length & Complexity • From rockyou.com server breach:

  23. Testing Your Password

  24. Email • Never provide personal details in an email or in response to an email request • Check the sender – does the address look right? • Avoid links in emails • Does the email 'ring true'? • Look out for URLs ending in .tk .cc .info

  25. 'Reset' Email Example

  26. UPS Email Example

  27. Internet • Beware of pop-ups • Beware of obfuscated links • Inappropriate web sites • Virus scams

  28. Pop-up Blocker • Under Tools menu in IE8 • Make sure it is turned on • Close pop-ups with ALT+F4

  29. Obfuscated Links • Harmful addresses hidden behind innocuous looking links • Google image search • Link text can be anything Obfuscation

  30. Sophos Anti-virus • The school's anti-virus program is called:Sophos Endpoint Security and Control • It can be identified by the small blue shield logo in the lower right of the screen:

  31. Sophos Detection Result

  32. Sophos Error • If the Sophos shield appears with a white cross on red disc, this means it has experienced an error: • OK to ignore this for a short while only • Report it to IT support if persistent

  33. AVG Anti-virus • A very small minority of laptops may be using AVG anti-virus • This can be identified by the following logo in the bottom right corner of the screen:

  34. Encryption • All new PCs in admin areas and laptops have their hard drives encrypted • Protect the encryption password with extreme diligence – treat as RESTRICTED • Only effective when the machine is off • AxCrypt to encrypt files before transmission via email

  35. Advice and Support • Please visit:support.manorschool.northants.sch.uk • Additional information: www.getsafeonline.org www.ico.gov.uk

More Related