welcome
play

Welcome Clients of Mariner Wealth Advisors Cybersecurity Education - PowerPoint PPT Presentation

Feb 23, 2023 •344 likes •551 views

Welcome Clients of Mariner Wealth Advisors Cybersecurity Education Series Email Security Practices & File Encryption Content provided by Presenter: Ray Cool, CEO PBSI Technology Solutions Webinar will begin at 10:00 Page 1 Series Goals

  1. Welcome Clients of Mariner Wealth Advisors Cybersecurity Education Series Email Security Practices & File Encryption Content provided by Presenter: Ray Cool, CEO PBSI Technology Solutions Webinar will begin at 10:00 Page 1

  2. Series Goals Series Goals • Inform and educate - how to protect your electronic valuables • Improve knowledge about electronic security • Provide practical information about what to change and how to do so Topic Summaries • Securing Personal Data - Overview previous webinar – recording available • Email Security Practices & File Encryption today’s webinar • Password Management & Public Wi-Fi Security Wed, Jan 30, 10:00 am Note: You need to register separately for each webinar. If unsure if you’ve registered, email itservices@pbsinet.com Page 2

  3. Agenda Email Security Practices & File Encryption Fundamentals of email security How to spot “dangerous” emails File Encryption - “at rest” and During Transmission Demonstration of Office 365 email security Page 3

  4. PBSI Technology Solutions IT Security Specialists Who is PBSI? Technology Services provider for hundreds of clients large and small Experienced – 75% of staff have 10+ years experience w/PBSI Proactive IT security for businesses and individuals Not affiliated with Mariner Wealth Advisors Page 4

  5. Why do we need protection? The Internet Today is a Dangerous Place  Increasingly, PCs are being infected with malware that steals passwords and copies data  New key logging & phishing attacks change constantly – Bad guys are motivated and relentless  Victims are NOT notified – Keystroke-logging malware may be active on millions of PCs Email Addresses and Passwords Are For Sale • 3.1 Billion emails are available for sale on the Darkweb • 1.2 Billion of them include exposed, cracked passwords • LinkedIn, Yahoo, Gmail, DocuSign, Adobe, Dropbox, Tumblr, MySpace and 30 others • Recent hacks: Marriott, Dell – breaches continue unabated – MUST prepare in advance • List of biggest breaches can be found at: https:// haveibeenpwned.com Secure Dark Web Exposed Password Check. Page 5

  6. Fundamentals of Email Security How to evaluate “dangerous” emails Safety principle # 1 - Unsolicited vs. Solicited • Unsolicited means unrequested and unexpected – even from a known source • Even if you know the sender, is anything unusual about THIS email? • Caution: Brief emails from “known” persons – Why? Malware frequently delivered from familiar name, short “to” list & single link Safety Principle # 2 - Antenna up ! • Does anything seem amiss? STOP – Do you need to click this now? • Evaluate email address (hover), time of day, recipient list, brief content, out-of-character - why would this person send this content? • Any misspellings? Grammar mistakes? Unusual phrasing? Unusual colors? Formatting ? Font variations ? Page 6

  7. Fundamentals of Email Security How to evaluate “dangerous” emails Safety Principle # 3 - Don’t get your news from email • Beware current events/product releases (Tax time, disasters, holiday messages, celebrity news, Apple/Tesla product releases) • Beware Social media – Popular sites are rife with phishing scams – Don’t believe your friends are foolproof • Does anything seem “too good to be true?” Does the content make you curious? (Ask yourself, who wants to make you curious?) Safety Principle # 4 – Careful with Unsubscribe • DON’T: Use “Unsubscribe” unless you are CERTAIN the source is credible. Instead, choose “Junk”, then “Block Sender” • Scammers use “unsubscribe” to 1) confirm your email address is real, and/or 2) initiate an attack • Antenna up! Scammers are very intentional in creating elaborate ruses – think twice and be very cautious Page 7

  8. Other Email Caution Steps Don’t act without careful consideration Other email caution steps • Hover over links, check spellings, unexpected content, added extensions (amex.us.com) (ups.pickup.com) • Never respond if asked to click link for “confirmation” or “reset”, even if they know last 4 of CC#, last 4 of SS# • If you think a request may be legit – instead of clicking link, go to vendor site and login (no copy/paste) • Always think twice – if uncertain, forward the email to a trusted IT person/company - scanURL.net Beware common hacker spoofs • Get ready! Tax season is coming - Login to confirm your IRS account now; Reset your IRS Pin#; Problem with your W-2 • Apple (gmail, Microsoft) account needs renewal/reset; Resume attached - Word attachments = Ransomware • Text alerts – You receive text “Google has detected unusual activity” – reset your password – Don’t! • If you have ANY concern you’ve made a mistake – change your password Page 8

  9. Incoming Fax - Example of Ransomware Page 9

  10. Security “Warning” or “Alert” Emails Security alert – login limit reached Spectre/Meltdown email Page 10

  11. Shipping Confirmation Emails Page 11

  12. Fake News Emails Current event – Actual “fake” news This never happened! Page 12

  13. Banking Emails “Good” email (Tells me to login, no link) “Bad” email (Link to website) Page 13

  14. Emails from “Trusted” Sources Current event donation request Taking advantage of “likely” account Page 14

  15. Emails requesting a click eSignature request Free credit info – or “fix” your credit Page 15

  16. File Encryption - “at rest” and During Transmission What is file encryption and why is it important? • Encryption is a term describing data that can’t be read without a private “key” (password) • Encrypted data is garbled so that if opened it can’t be easily read or interpreted • Encryption security varies based on technology used AND based on length of “key” (the password) • Long or complex passwords are encouraged. Length is the enemy of hacker decryption software Encrypting sensitive files “at rest” • Why? From whom are you protecting info? Future hackers – If hacked, what could they learn & how would you know? • Which files should be encrypted? Any/all that contain Personally Identifiable Information (PII) or Protected Health Info (PHI) • Protected information includes SS#s, CC#s, DOBs, Account#s, DL#s, PP#s, medical information How to encrypt sensitive files during transmission (Email) – 3 Choices • Encrypt the email – Requires purchase of an email encryption tool • Encrypt attachment(s) - and provide the password to the recipient – using different medium (text or voice) • Use a secure file sharing portal – like Mariner’s ShareFile Page 18

  17. Demonstration Email protection tools in Office 365 Protection – Office 365 Advanced Threat Protection (ATP) • Sandbox safe detonation of links and attachments • Significant protection for inevitable mistakes • $ 2 per month per user Encryption - Azure Information Protection for Office 365 (AIP) • Includes Office 365 Message Encryption - ability to encrypt emails • Provides “Do not forward” option • Recipient sees option for 1-time passcode, or “Login with “your-carrier”. Settings are remembered for future emails • $ 2 per month per user How to Encrypt a file “at rest” • Using Microsoft Office to encrypt a file Page 19

  18. Summary of Today’s Webinar - Email Security & Encryption Email Security • Email safety principle # 1 - Unsolicited vs. Solicited – Be VERY cautious with all unsolicited email. • Email safety principle # 2 - Antenna up! Is there anything unusual about THIS email? (time of day, recipient list, out-of-context) • Email safety principle # 3 - Don’t get your news from email – Go to a news source directly – not through a link • Email safety principle # 4 - Careful with Unsubscribe - Unsubscribe ONLY with known, credible email sources. Use Block sender Email caution steps • Do NOT click on links without running through all the “caution” steps • Hover over link, checking spellings, unexpected content, added extensions (amex.us.com) (ups.pickup.com) • Never respond if asked to click link for “confirmation” or “reset”, even if they know last 4 of CC#, last 4 of SS# • If you think a request may be legit – instead of clicking link, go to vendor site and login (no copy/paste) • Always think twice – if uncertain, forward the email to a trusted IT person/company Encryption • Encrypt protected information at rest • Never send protected info via email unless encrypted • Consider PBSI Risk Intelligence scan to identify “at risk” data • Consider Office 365 Advanced Threat Protection (ATP) and Azure Information Protection (AIP) Page 20

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Tackling - Bullying Our Staff First Did everything goes as planned? Yes Did you come across any

Tackling - Bullying Our Staff First Did everything goes as planned? Yes Did you come across any

London Social Partnership Forum Tackling - Bullying Our Staff First Did everything goes as planned? Yes Did you come across any barriers? Have you set specific Staff Side Posts that have high vacancy targets? factor such as nursing

560 views • 7 slides
POIR 613: Computational Social Science Pablo Barber a School of International Relations

POIR 613: Computational Social Science Pablo Barber a School of International Relations

POIR 613: Computational Social Science Pablo Barber a School of International Relations University of Southern California pablobarbera.com Course website: pablobarbera.com/POIR613/ Today 1. Reminder: project idea due in 10 days

285 views • 12 slides
Conducting Administrative Investigations Martine Palmiter Laura Pereira-Zaldivar HRSA Office

Conducting Administrative Investigations Martine Palmiter Laura Pereira-Zaldivar HRSA Office

Conducting Administrative Investigations Martine Palmiter Laura Pereira-Zaldivar HRSA Office of Human Resources Labor and Employee Relations OVERVIEW AND WORKSHOP OBJECTIVES The basics on conducting an administrative investigation for

425 views • 18 slides
What Is (And Isnt) HCI Research? CS 347 Michael Bernstein Announcements Readings: the magic

What Is (And Isnt) HCI Research? CS 347 Michael Bernstein Announcements Readings: the magic

What Is (And Isnt) HCI Research? CS 347 Michael Bernstein Announcements Readings: the magic of Stanfords library proxy Project brainstorm 1 due next Friday Watch your email for discussant assignments being sent out 2 Why are we here?

629 views • 51 slides
Capital Quality Validation Webinar Sept. 17, 2020 Agenda Validation Overview

Capital Quality Validation Webinar Sept. 17, 2020 Agenda Validation Overview

Capital Quality Validation Webinar Sept. 17, 2020 Agenda Validation Overview Validation Timeline Authorized Representative Validation Process How to Log In to QuickBase How to Reset Your Password How to

451 views • 43 slides
Sage Guidance for ESG Recipients: Using Sage to Submit ESG CAPER Data October 16, 2017 Logistics

Sage Guidance for ESG Recipients: Using Sage to Submit ESG CAPER Data October 16, 2017 Logistics

Sage Guidance for ESG Recipients: Using Sage to Submit ESG CAPER Data October 16, 2017 Logistics for Presentation Due to the high number of registrants, the phone lines are muted Please submit questions via the Q&A box

532 views • 16 slides
Optimizing Email Signups How Fidelity Investments boosted email signups Scott MacMillan

Optimizing Email Signups How Fidelity Investments boosted email signups Scott MacMillan

Optimizing Email Signups How Fidelity Investments boosted email signups Scott MacMillan Director Digital Testing & Optimization Fidelity Investments Session Speaker Scott D MacMillan Director Digital Testing & Optimization Fidelity

381 views • 17 slides
Using Zoom at DU https://udenver.zoom.us/ Zoom: 1, 2, 3, 4, 5 1. Sign into Zoom with DU email

Using Zoom at DU https://udenver.zoom.us/ Zoom: 1, 2, 3, 4, 5 1. Sign into Zoom with DU email

Using Zoom at DU https://udenver.zoom.us/ Zoom: 1, 2, 3, 4, 5 1. Sign into Zoom with DU email (first.lastname@du.edu) 2. Download Zoom App 3. Test Microphone and Speakers in Zoom 4. Share your Screen 5. Record and Distribute Video Link 1. Sign

434 views • 11 slides
PLEASE CHECK-IN Strategic Online/Offline Campaigns Sent to Customers and/or Prospects What Do I

PLEASE CHECK-IN Strategic Online/Offline Campaigns Sent to Customers and/or Prospects What Do I

PLEASE CHECK-IN Strategic Online/Offline Campaigns Sent to Customers and/or Prospects What Do I mean by Online/Offline? Online: Using email marketing software, we send campaigns to your existing email list. Online: Using email

1.13k views • 85 slides
Marketing TIM Programs April 22, 2020 1 | AEM CORPORATION | STRICTLY PRIVATE &

Marketing TIM Programs April 22, 2020 1 | AEM CORPORATION | STRICTLY PRIVATE &

Marketing TIM Programs April 22, 2020 1 | AEM CORPORATION | STRICTLY PRIVATE & CONFIDENTIAL Todays Presentation Context Our Work TIM Program Goals How You Can Help Immediate Needs Challenges and Opportunities Strategy

471 views • 25 slides
Email is Still Your Ace in the Hole SCORE Becky Livingston Becky Livingston Owner Penheel

Email is Still Your Ace in the Hole SCORE Becky Livingston Becky Livingston Owner Penheel

8/29/17 Email is Still Your Ace in the Hole SCORE Becky Livingston Becky Livingston Owner Penheel Marketing 25+ years of marketing and technology experience 16+ years in the financial services industry Social Media & Digital

379 views • 12 slides
Middleware integration in the Sympa mailing list software Olivier Salan - CRU 1. Sympa, its

Middleware integration in the Sympa mailing list software Olivier Salan - CRU 1. Sympa, its

15 novembre 2007 Middleware integration in the Sympa mailing list software Olivier Salan - CRU 1. Sympa, its middleware connectors 2. Sympa web authentication 3. CAS authentication 4. Shibboleth authentication 5. Sympa and dokuwiki 15

574 views • 24 slides
Web User Profiling using Data Redundancy http://aminer.org/profiling Xiaotao Gu, Hong Yang, Jie

Web User Profiling using Data Redundancy http://aminer.org/profiling Xiaotao Gu, Hong Yang, Jie

Web User Profiling using Data Redundancy http://aminer.org/profiling Xiaotao Gu, Hong Yang, Jie Tang, Jing Zhang Tsinghua University 1 Web User Profiling using Data Redundancy Introduction Traditional Way Basic Idea

717 views • 34 slides
company cleaned and optimized its database to increase online revenue 8% Session Title LA LAZ

company cleaned and optimized its database to increase online revenue 8% Session Title LA LAZ

Getting off the Blacklist: How a publishing company cleaned and optimized its database to increase online revenue 8% Session Title LA LAZ TYREKIDIS IS Digital Marketing and Audience Director Metropolis International Group Laz Tyrekidis

574 views • 19 slides
Su ffi x arrays Ben Langmead You are free to use these slides. If you do, please sign the

Su ffi x arrays Ben Langmead You are free to use these slides. If you do, please sign the

Su ffi x arrays Ben Langmead You are free to use these slides. If you do, please sign the guestbook (www.langmead-lab.org/teaching-materials), or email me (ben.langmead@gmail.com) and tell me brie fl y how youre using them. For original

826 views • 44 slides
Lecture 9: Transformers, ELMO Julia Hockenmaier juliahmr@illinois.edu 3324 Siebel Center

Lecture 9: Transformers, ELMO Julia Hockenmaier juliahmr@illinois.edu 3324 Siebel Center

CS546: Machine Learning in NLP (Spring 2020) http://courses.engr.illinois.edu/cs546/ Lecture 9: Transformers, ELMO Julia Hockenmaier juliahmr@illinois.edu 3324 Siebel Center Office hours: Monday, 11am12:30pm Project proposals Prepare a

506 views • 23 slides
Course Information CS 6355: Structured Prediction Building up structured output prediction

Course Information CS 6355: Structured Prediction Building up structured output prediction

Course Information CS 6355: Structured Prediction Building up structured output prediction Refresher of binary classification Inference: Predicting structures, and introduction to multiclass complexity of inference and

213 views • 9 slides
QueryCompletion/Expansion COMP90042 LECTURE 4, THE UNIVERSITY OF MELBOURNE by Matthias Petri

QueryCompletion/Expansion COMP90042 LECTURE 4, THE UNIVERSITY OF MELBOURNE by Matthias Petri

QueryCompletion/Expansion COMP90042 LECTURE 4, THE UNIVERSITY OF MELBOURNE by Matthias Petri Wed 13/3/2019 What is a query? 1/26 Whatisaquery? What is a query? What is a query? 2/26 1. Obviously the stufg I type into the search box! 2.

645 views • 27 slides
DATABASE SYSTEM IMPLEMENTATION GT 4420/6422 // SPRING 2019 // @JOY_ARULRAJ LECTURE #4: SYSTEM

DATABASE SYSTEM IMPLEMENTATION GT 4420/6422 // SPRING 2019 // @JOY_ARULRAJ LECTURE #4: SYSTEM

DATABASE SYSTEM IMPLEMENTATION GT 4420/6422 // SPRING 2019 // @JOY_ARULRAJ LECTURE #4: SYSTEM CATALOGS & DATABASE COMPRESSION 2 OFFICE HOURS Prashanth Dintyala Office Hours: Mon, 1:30-2:30 PM Location: Near KACB 3324 Email:

2.27k views • 86 slides
RDF & SPARQL 320302 Databases & WebApplications (P. Baumann) The Semantic Web Stack

RDF & SPARQL 320302 Databases & WebApplications (P. Baumann) The Semantic Web Stack

RDF & SPARQL 320302 Databases & WebApplications (P. Baumann) The Semantic Web Stack research / vapourware solid implementations RDF + RDFS WSDL + UDDI URI Unicode SOAP HTTP / SMTP / TCP 320302 Databases & WebServices (P.

640 views • 26 slides
CSE202: Design and Analysis of Algorithms Ragesh Jaiswal, CSE, UCSD Ragesh Jaiswal, CSE, UCSD

CSE202: Design and Analysis of Algorithms Ragesh Jaiswal, CSE, UCSD Ragesh Jaiswal, CSE, UCSD

CSE202: Design and Analysis of Algorithms Ragesh Jaiswal, CSE, UCSD Ragesh Jaiswal, CSE, UCSD CSE202: Design and Analysis of Algorithms Greedy Algorithms: One more example Ragesh Jaiswal, CSE, UCSD CSE202: Design and Analysis of Algorithms

811 views • 42 slides
Is DANE the Future of Secure Mail? Evaluation of DNS-based Authentication of Named Entities in

Is DANE the Future of Secure Mail? Evaluation of DNS-based Authentication of Named Entities in

Chair for Network Architectures and Services Technische Universit at M unchen Is DANE the Future of Secure Mail? Evaluation of DNS-based Authentication of Named Entities in the Context of Electronic Mail Security Stefan Fochler April 7,

987 views • 57 slides
Optimizing Cost and Performance in Online Service Provider Networks Ming Zhang Microsoft

Optimizing Cost and Performance in Online Service Provider Networks Ming Zhang Microsoft

Optimizing Cost and Performance in Online Service Provider Networks Ming Zhang Microsoft Research Joint work with Zheng Zhang (Purdue), Albert Greenberg (MSR), Y. Charlie Hu (Purdue), Ratul Mahajan (MSR), and Blaine Christian (Microsoft) 1

455 views • 17 slides
Background Review Read Appendix Hao Zheng Department of Computer Science and Engineering

Background Review Read Appendix Hao Zheng Department of Computer Science and Engineering

Background Review Read Appendix Hao Zheng Department of Computer Science and Engineering University of South Florida Tampa, FL 33620 Email: zheng@cse.usf.edu Phone: (813)974-4757 Fax: (813)974-5456 Hao Zheng ( Department of Computer Science

849 views • 36 slides

More recommend