350 likes | 367 Views
Data Protection & Network Security. Data Protection Protective Marking Secure Printing Passwords Email & the Internet Viruses Encryption. Data Protection. Data protection applies to printed documents as well as electronic data Schedule 7 of the DPA:
E N D
Data Protection &Network Security • Data Protection • Protective Marking • Secure Printing • Passwords • Email & the Internet • Viruses • Encryption
Data Protection • Data protection applies to printed documents as well as electronic data • Schedule 7 of the DPA: • Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of personal data and against accidental loss or destruction of, or damage to, personal data.
Security Breach Examples • Imagine a potential security breach: • Leaving unencrypted data on a USB key • Leaving printed documents on public transport • Losing your phone • Losing your laptop • Disclosing your password
Protective Marking • All documents should be marked, in the header, with one of the following labels • The equivalent government IL is give for each label Header AVI
Document Handling • Data or documents marked PROTECT or higher must: • Be secured in a locked cabinet or area • Be protected by a strong password • Have access restricted to appropriate personnel only • Be encrypted before transfer • Not be left in plain view • Be destroyed securely
Printing Risks • Risk from low to high: • A printer connected to the machine • A network printer in the same room • A network printer in another room • The main risk of printing a document is that it can potentially be seen by unauthorised persons before it can be secured
Secured Print Capability • It is possible to apply a password to a print job sent to these network printers: • Canon iR C3080/3480/3580 UFR IIOffice area main block • Canon iR2270/iR2870 UFR IIStaff quiet room • Canon iR-ADV C5045/5051 UFR IIReprographicsN.B. Student access allowed
Secured Printing Secure AVI
Copier – Step 1 • Enter Departmental ID as usual
Copier – Step 2 • Go to the Print Job tab and select job
Copier – Step 3 • Enter your chosen password and OK
Secured Print Password • Suggestions for suitable passwords: • Significant date in number forme.g. Tuesday 26th April 2011 could be used in the form 2604 or 260411 or 26042011 • Birth year of partner or children, not your own • Disposable passwords can be short (four figures) but don't use 'obvious' numberse.g. 1234, 5678, 7777 ...
Network Password • Passwords should be at least eight characters long and contain at least one of each of the following characters: • Upper case letter • Lower case letter • Number • Symbol (!£$%^&*()_+@~#<>? etc.) • Best password length > 13 characters • Best to change at least every ninety days
Permutations • Based on an 8 character password
Avoid Using • Dictionary words in any language • Words spelled backwards, common misspellings, and abbreviations • Sequences or repeated characters • 12345678, 222222, abcdefg, or adjacent letters on your keyboard (qwerty) • Personal information • Your name, birthday, driver's license, passport number, or similar information
Memorising • Writing a password down is OK but: • Keep it safe and secure • Do not store it near or on the computer • Use a formula / mnemonic • Where passwords must be changed regularly, add a date to your formulae.g. @mssc#JMU#0711?
Top 20 Passwords • From rockyou.com server breach:
Length & Complexity • From rockyou.com server breach:
Email • Never provide personal details in an email or in response to an email request • Check the sender – does the address look right? • Avoid links in emails • Does the email 'ring true'? • Look out for URLs ending in .tk .cc .info
Internet • Beware of pop-ups • Beware of obfuscated links • Inappropriate web sites • Virus scams
Pop-up Blocker • Under Tools menu in IE8 • Make sure it is turned on • Close pop-ups with ALT+F4
Obfuscated Links • Harmful addresses hidden behind innocuous looking links • Google image search • Link text can be anything Obfuscation
Sophos Anti-virus • The school's anti-virus program is called:Sophos Endpoint Security and Control • It can be identified by the small blue shield logo in the lower right of the screen:
Sophos Error • If the Sophos shield appears with a white cross on red disc, this means it has experienced an error: • OK to ignore this for a short while only • Report it to IT support if persistent
AVG Anti-virus • A very small minority of laptops may be using AVG anti-virus • This can be identified by the following logo in the bottom right corner of the screen:
Encryption • All new PCs in admin areas and laptops have their hard drives encrypted • Protect the encryption password with extreme diligence – treat as RESTRICTED • Only effective when the machine is off • AxCrypt to encrypt files before transmission via email
Advice and Support • Please visit:support.manorschool.northants.sch.uk • Additional information: www.getsafeonline.org www.ico.gov.uk