Security: More Than a Thumb and a Blanket
IT Security is one of those things difficult subjects to discuss, like
Or
Or
Or
IT Security Goal: Make it difficult enough to deter hacking so its not worth their time
Live Threat Map Norse (www.norse-corp.com) has a Live Threat map that computes over 1,500 risk factors for millions of IP addresses every day. http://map.ipviking.com
Difficulties of IT Security There are no turnkey solutions. Every situation has to be looked at independently. User Friendly. Balance of complexity and ease of use.
Difficulties of IT Security In other words How far do you want to go with it?
Security is as strong as it s weakest link End users Password strength Security of access points into your network Hardware & software up to date
End users Email scams. Don t automatically open email attachments. Phishing.
End users Phishing From address Link redirection Grammar
End users Phishing From address To address Email log-in portal.
End users Pwned: adj. "dominated, humiliatingly defeated, taken over" https://haveibeenpwned.com/
Passwords
Passwords Everyone hates passwords almost as much as they do being hacked. In order for a password to be useful it has to be complex and difficult to guess.
Passwords Use Strong Passwords: Longer passwords are better. Nonsensical combination of letters. FHriTPloL (hard to remember)
Passwords Use Strong Passwords: First letter of each word of a phrase TOTWHTFIFI ( The only thing we have to fear is fear itself - FDR) Alpha-numeric with combination of upper and lower case. T0TWH2f1f!
Passwords Bad passwords: password PASSWORD Passw0rd Pa$$w0rd
Passwords More bad passwords: qwerty 12345 Dictionary rover
Passwords Dictionary Attack Uses list of words and common passwords Brute Force Attack Tries every possible combination of letters/numbers a - ZZZZZZZZ
Passwords https://howsecureismypassword.net/ password P@$$w0rd T0TWH2f1f!
Passwords
Password Management Who is going to manage your passwords and how are they going to do that? LastPass 1Password RoboForm
Network Access Points How can somebody get onto your network? Physical Access Wireless Access
Network Access Points Physical Access Who has the key? What can they do once they are inside the cabinet?
Network Access Points Physical Access NG-2014 Electronic Cabinet Lock (Nest Guard) Grant/restrict access to designated personnel. Keypad and PROXCARD Reader. Central office software for remote programming.
Network Access Points Physical Access NG-2014 (Nest Guard)
Network Access Points Physical Access Disable unused switch ports?
Network Access Points Physical Access
Network Access Points Physical Access Enable Port Security?
Network Access Points Physical Access
Network Access Points Wireless Access The introduction of wireless to previously only physically accessible networks created additional security concerns.
Network Access Points Wireless Access Change default password!!! Set up wireless security!!!
Network Access Points Wireless Access Standard Meaning Security Level WPA2 Wireless Protected Access v2 Best WPA Personal (aka WPA-PSK) WPA Enterprise WEP Open Network Wireless Protected Access (For home and small office) Wireless Protected Access (For enterprise networks and requires authentication server) Wired Equivalent Privacy (Outdated) Good Good Poor No security
Network Access Points Wireless Access SSIDs: Change default SSID Wireless users cannot easily detect router type. Hide SSID Not really a security feature may help keep unauthorized users off your network.
Network Access Points Wireless Access Xirrus WiFi Inspector http://www.xirrus.com/products/network-management-and- Software/Network-Management/Wi-Fi-Inspector
Security Updates - Hardware Firmware Updates Vendors randomly release updated firmware/software when adding features or vulnerabilities are detected.
Software Updates/Patch Windows Antivirus Web Browser Vendor Software Security Updates - Software
Zero-Day Vulnerability Refers to a hole in a software that is unknown to the vendor and can be exploited by a hacker.
Alter timings Put intersection into flash. Alter Dynamic Messaging Signs. How Bad Could It Get?
Your Online Privacy Court record searches by state Social Phishing https://www.echosec.net/ 12520 Westport Parkway, La Vista, NE People Search www.peekyou.com www.peoplefinders.com www.411.com IP Address location http://www.infosniper.net/
Summary IT Security is a balance of complexity and usability. The level of Security desired is always proportional to cost of implementation and ongoing maintenance as well as how much inconvenience can be tolerated by those affected.
Questions? http://map.ipviking.com https://haveibeenpwned.com/ https://howsecureismypassword.net/ http://www.xirrus.com/products/network-management-and-software https://www.echosec.net/ www.peekyou.com http://www.infosniper.net/