PRO T EC T I NG YO UR BUSI NESS D AT A T Y T O K EEP Y O UR B - - PowerPoint PPT Presentation

PRO T EC T I NG YO UR BUSI NESS

DAT

A T RANSFER AND O T HER SEC URIT Y T IPS T O KEEP YO UR BUSINESS UP AND

RUNNING

WHO I S T I M BURNET T ?

WHO I S T I M BURNET T ?

• I AM A G EEK – I HAVE BEEN PRO G RAMMING FO R O VER 35 YEARS
• UNIVERSIT

Y O F FLO RIDA G RADUAT E – ELEC T RIC AL ENG INEERING SPEC IALIZING IN DIG IT AL

DESIG N. G O G AT

O RS!!

• C O NSULT

ANT T O T HE UF FO O T BALL PRO G RAM FO R O VER 30 YEARS.

• C ERT

IFIED I NFO RMAT IO N SYST EMS SEC URIT Y PRO FESSIO NAL (C ISSP) IN 2008.

• EXPERIENC E WIT

H I NSURANC E BRO KERS, I DENT IT Y T HEFT PRO T EC T IO N SERVIC ES, BANKS –

L

O C AL AND I NT ERNAT IO NAL, C REDIT UNIO NS, ELEC T RIC UT ILIT IES, AND ENERG Y T RADING

C O MPANIES.

T HE ST AT E O F C YBER SEC URI T Y

1. T

HERE ARE C O NT

INUO US AT

T AC K AT T EMPT S

2. 43 PERC ENT O F C YBER AT

T AC KS T ARG ET SMALL BUSINESS.

EI G HT ALARMI NG C YBER SEC URI T Y FAC T S

3. T

HE AVERAG E C O ST O F A DAT A BREAC H IN

2020 WILL EXC EED $150 MILLIO N 4. SINC E 2013 T

HERE ARE 3,809,448 REC O RDS ST O LEN FRO M BREAC HES EVERY DAY

5. O VER 75% O F HEALT

H C ARE INDUST RY HAS BEEN INFEC T ED

EI G HT ALARMI NG C YBER SEC URI T Y FAC T S

6. BY 2020 T

HERE WILL BE RO UG HLY 200 BILLIO N C O NNEC T ED DEVIC ES.

7. O NL

Y 38 PERC ENT O F G L O BAL O RG ANIZAT IO NS C L AIM T HEY ARE PREPARED.

8. T

O T AL C O ST FO R C YBER C RIME C O MMIT T ED G LO BALLY HAS ADDED UP T O 100 BILLIO N DO LLARS.

EI G HT ALARMI NG C YBER SEC URI T Y FAC T S

THE “CIA”

• WHAT YO U NEED T

O BE C O NC ERNED WIT H FALLS INT O T HREE C AT EG O RIES:

• C O NFIDENT

IAL IT Y

• I

NT EG RIT Y

• A VAILABIL

IT Y

T HE SEVEN MO ST I MPO RT ANT T HI NG S YO U SHO ULD BE DO I NG

1. BAC KUP YO UR DAT

A.

• EQ UIPMENT T

HEFT O R FAILURE

• RANSO MWARE
• A C C IDENT

AL DELET IO N O R O VERWRIT E

• I

DEALLY: T HREE C O PIES IN T WO LO C AT IO NS.

• C IA: I

NT EG RIT Y, A VAILABIL IT Y

T HE SEVEN MO ST I MPO RT ANT T HI NG S YO U SHO ULD BE DO I NG

2. SO FT

WARE UPDAT ES

• MO ST MALWARE T

ARG ET S INSEC URE SYST EMS

• C HEC K FO R AND APPLY UPDAT

ES.

• REPLAC E O L

D SO FT WARE

• YO U SHO UL

D NO T BE RUNNING WINDO WS XP O R

SERVER 2003

• SERVER 2008 IS END O F L

IFE JAN 14, 2020

• C IA: C O NFIDENT

IAL IT Y, I NT EG RIT Y, A VAILABIL IT Y

T HE SEVEN MO ST I MPO RT ANT T HI NG S YO U SHO ULD BE DO I NG

3. RUN ANT

I-VIRUS SO FT WARE

• I

N BUSINESS NET WO RKS T HIS SHO ULD BE MO NIT O RED

• C IA: C O NFIDENT

IAL IT Y, A VAILABIL IT Y

T HE SEVEN MO ST I MPO RT ANT T HI NG S YO U SHO ULD BE DO I NG

4. USE A WEL

L-DESIG NED NET WO RK

• PRO T

EC T YO UR WIFI

• USE A G O O D FIREWALL

T HAT IS UPDAT ED

• KNO W WHERE YO UR

NET WO RK C ABLES RUN

• C IA: C O NFIDENT

IAL IT Y,

I

NT EG RIT Y, A VAILABIL IT Y

T HE SEVEN MO ST I MPO RT ANT T HI NG S YO U SHO ULD BE DO I NG

5. PRO FESSIO NAL MO NIT

O RING

• A NT

I-VIRUS

• UPDAT

ES

• G ENERAL SYST

EM HEALT H

• C IA: C O NFIDENT

IAL IT Y, I NT EG RIT Y,

A VAILABIL

IT Y

T HE SEVEN MO ST I MPO RT ANT T HI NG S YO U SHO ULD BE DO I NG

6. EMPLO YEE AWARENESS T

RAINING

• HO W T

O SPO T SUSPIC IO US EMAIL

• HO W T

O IDENT IFY PHISHING AT T EMPT S

• WHAT T

O DO IF T HEY SUSPEC T SO MET HING

• WHAT C AN AND C ANNO T BE SENT T

HRO UG H EMAIL

• HO W T

O USE SEC URE DAT A T RANSFER MET HO DS – MO RE LAT ER

• C IA: C O NFIDENT

IAL IT Y, A VAILABIL IT Y

T HE SEVEN MO ST I MPO RT ANT T HI NG S YO U SHO ULD BE DO I NG

7. PASSWO RDS AND AC C ESS MANAG EMENT

• USE MULT

I-FAC T O R A UT HENT IC AT IO N

• T

REAT PASSWO RDS LIKE UNDERWEAR:

• DO NO T SHARE WIT

H YO UR C O -WO RKERS.

• DO NO T LEAVE T

HEM O N YO UR DESK.

• C HANG E T

HEM O FT

EN

• C IA: C O NFIDENT

IAL IT Y, I NT EG RIT Y

SEC URE DAT A T RANSFER

• USE SEC URE EMAIL
• C LIENT-BASED IS NO LO NG ER REC O MMENDED
• DO ES NO T C O VER ALL DEVIC ES, SUC H AS SMART

PHO NES

• DO ES NO T PRO T

EC T AG AINST USER FO RG ET T ING T O HIT T HE “ENC RYPT” BUT T O N

• USE A G AT

EWAY O R SERVER-BASED SO LUT IO NS

• PRO T

EC T S EMAIL SENT FRO M ALL DEVIC ES

• C AN USE RULE-BASED ENC RYPT

IO N FO R AUT O MAT IC PRO T EC T IO N

SEC URE DAT A T RANSFER

• USE SEC URE FILE T

RANSFER T O O LS SUC H AS SHARESYNC

• O VERC O MES T

HE SIZE LIMIT AT IO NS IN EMAIL (~5 T O 10 G B LIMIT IN MANY SYST EMS)

• SENDS A SEC URE LINK T

HAT C AN BE PASSWO RD PRO T EC T ED AND C AN EXPIRE

SEC URE DAT A T RANSFER

• DO NO T

USE FT P (FILE T

RANSFER PRO T O C O L)

• I

S NO T ENC RYPT

• ED. DAT

A AND PASSWO RDS C AN BE EASILY EXPO SED

• USE SFT

P (SEC URE FI

LE T RANSFER PRO T O C O L)

• I

S SEC URE BY IT SELF, BUT SO ME C O MPANIES ALSO USE PG P (PRET T Y

G O O D PRIVAC Y) T

O ENC RYPT T HE FILES BEFO RE SENDING AS A EXT RA LAYER O F SEC URIT Y

Doe, John 123-45-6789 J9j(H*9hp9b [kdjiHu6ydQ

SEC URE DAT A T RANSFER

• DO NO T

USE HT T P WEBSIT

ES (HT T P:/ / YO URSIT E.C O M)

• I

S NO T ENC RYPT ED AND DAT A C AN BE EASILY EXPO SED

• USE HT

T PS WEBSIT

ES (HT T PS:/ / YO URSIT E.C O M)

• SEC URED BY DIG IT

AL C ERT IFIC AT ES

• DO NO T USE SIT

ES T HAT HAVE A C ERT IFIC AT E ERRO R

Q UEST I O NS?

T HANK YO U!

C O NT

AC T

T

IM BURNET T

DMZ SO LUT

IO NS T BURNET T@ BIZNET ASSURE.C O M

904-240-4924