Download - Security 101 - Presentation
-
8/2/2019 Security 101 - Presentation
1/85
SECURITY 101:
1
Information Security Basics
Sponsored by UW Division of Informational TechnologyOffice of Campus Information Securityand Professional Technical Education
--------------------------------Instructors: Cliff Cunningham & Braden Bruington
-
8/2/2019 Security 101 - Presentation
2/85
GREETINGS & INTRODUCTIONS
Cliff Cunningham - DoIT
Braden Bruington - DoIT
Rick Keir - OCIS(Office of Campus Information Security)
2
-
8/2/2019 Security 101 - Presentation
3/85
DID YOU KNOW?
Approx 1,200 IT professionals in UW schools
2/3 of them are notaffiliated with DoIT
Non-DoIT
DoIT
3
-
8/2/2019 Security 101 - Presentation
4/85
POLICIES & GUIDELINES
Campus IT PoliciesAppropriate Use Policies
Electronic Devices
Payment Card IndustryData Security Standard a.k.a. PCIDSS
List of specificsuggestions
Used by OCIS
4
-
8/2/2019 Security 101 - Presentation
5/85
All staff
Security
workshop
Securitybrownbags
On-line material
100-levelAll staff
Security 101:Information
Security Basics
200-levelSystem Admin
(others?)
Security 201:
Windows(SEP 21)
Security 202:OS X
(AUG 11)
Security 203:Linux
(FALL 2009?)
300-levelSelected staff
IIS Security
DevelopingSecure Code
Apache Security
Oracle Security
Firewall Security
Other?
SECURITY TRAINING IN THE BEGINNING
5
-
8/2/2019 Security 101 - Presentation
6/85
All staff
Security
workshop
Securitybrownbags
On-line material
100-levelAll staff
Security 101:Information
Security Basics
200-levelSystem Admin
(others?)
Security 201:
Windows(SEP 21)
Security 202:OS X
(AUG 11)
Security 203:Linux
(FALL 2009?)
300-levelSelected staff
IIS Security
DevelopingSecure Code
Apache Security
Oracle Security
Firewall Security
Other?
SECURITY TRAINING WINTER 08
6
You arehere!
-
8/2/2019 Security 101 - Presentation
7/85
All staff
Security
workshop
Securitybrownbags
On-line material
100-levelAll staff
Security 101:Information
Security Basics
200-levelSystem Admin
(others?)
Security 201:
Windows(SEP 21)
Security 202:OS X
(AUG 11)
Security 203:Linux
(FALL 2009?)
300-levelSelected staff
IIS Security
DevelopingSecure Code
Apache Security
Oracle Security
Firewall Security
Other?
SECURITY TRAINING SPR/SUM 09
7
-
8/2/2019 Security 101 - Presentation
8/85
All staff
Security
workshop
Securitybrownbags
On-line material
100-levelAll staff
Security 101:Information
Security Basics
200-levelSystem Admin
(others?)
Security 201:
Windows(SEP 21)
Security 202:OS X
(AUG 11)
Security 203:Linux
(FALL 2009?)
300-levelSelected staff
IIS Security
DevelopingSecure Code
Apache Security
Oracle Security
Firewall Security
Other?
SECURITY TRAINING SUM/FALL 09
8
Other?
-
8/2/2019 Security 101 - Presentation
9/85
GOALS FOR THESE COURSES
To continue the campus-wide conversation
Advertise OCIS training resources
Increase networking (social) within ITcommunity on UW campuses
Share war stories
lessons learned, scars received.
9
-
8/2/2019 Security 101 - Presentation
10/85
AGENDA
1. General discussion
2. Defining sensitive data
---------- BREAK ----------
3. How do I find sensitive data?
4. Handling a data security incident
---------- BREAK ----------
5. Closing remarks & next steps
10
-
8/2/2019 Security 101 - Presentation
11/85
WHO ARE YOU?
Titles?
Roles?
Operating systems?
What kinds of data?Financial information
Health information
GradesCredit cards
Other sensitive types of information
11
-
8/2/2019 Security 101 - Presentation
12/85
HAND-OUTS
Packet of handouts
Sign-up sheet
12
-
8/2/2019 Security 101 - Presentation
13/85
AGENDA
1. General discussion
2. Defining sensitive data
---------- BREAK ----------
3. How do I find sensitive data?
4. Handling a data security incident
---------- BREAK ----------
5. Closing remarks & next steps
13
-
8/2/2019 Security 101 - Presentation
14/85
DATA BREACH, JUNE 4
June 4, 2009 Maine Office of Information Technology(Augusta, ME)
Through a printing error, 597 people receivingunemployment benefits last week got direct-depositinformation including Social Security numbersbelonging to another person.
"We received a print job and were running it, andthere was an equipment malfunction." Recipients
received one page with their own information andanother page with information belonging to a differentperson.
Number effected: 597
14
-
8/2/2019 Security 101 - Presentation
15/85
DATA BREACH, JUNE 5
June 5, 2009 Virginia Commonwealth University(Richmond, VA)
A desktop computer was stolen from a secured area. The computer may have contained student names, Social
Security numbers and test scores dating from October2005 to the present. VCU discontinued use of SocialSecurity numbers as ID numbers in January 2007.
An additional 22,500 students are being notified that theirnames and test scores may have also been on the
computer. No Social Security numbers were recordedwith those names, but computer-generated student IDnumbers may have been.
Number effected: 17,214
15
-
8/2/2019 Security 101 - Presentation
16/85
DATA BREACH, JUNE 6
Ohio State University Dining Services (Columbus,OH)
Student employees SSNs accidentally leaked in ane-mail.
OSU employee received an e-mail with anattachment that included students' names and socialsecurity numbers. He unwittingly forwarded withattachment to his student employees.
After realizing the mistake, the hiring coordinatorcalled the Office of Information Technology, whichstopped the e-mails before all of them were sent.
Number effected: 35016
-
8/2/2019 Security 101 - Presentation
17/85
DISCUSS
What keeps you awake at
night?(Please restrict your answers to IT security-related
topics.)
17
-
8/2/2019 Security 101 - Presentation
18/85
ANALYSIS OF DATA LOSS INCIDENTS
18
http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm
2006PrivateSector
PublicSector
HigherEducn
MedicalCenters
Outside Hackers 15% 13% 52% 3%
Insider Malfeasance 10% 5% 2% 20%
Human Error orSoftware Misconfig
20% 44% 21% 20%
Theft 55% 38% 37% 57%
http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm* -
8/2/2019 Security 101 - Presentation
19/85
ANALYSIS OF DATA LOSS INCIDENTS
2006PrivateSector
PublicSector
HigherEducn
MedicalCenters
Outside Hackers 15% 13% 52% 3%
Insider Malfeasance 10% 5% 2% 20%
Human Error orSoftware Misconfig
20% 44% 21% 20%
Theft 55% 38% 37% 57%
19
http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm
http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm* -
8/2/2019 Security 101 - Presentation
20/85
WHO CARES?
Why should we be concerned about thehandling of sensitive data?
20
http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm* -
8/2/2019 Security 101 - Presentation
21/85
EFFECTS OF DATA LOSS
On the individual
Personal credit info can be destroyed
Embarrassment
Patents & intellectual property rights
On the university
Reputation
Grants
Patents & intellectual property rights
21
http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm* -
8/2/2019 Security 101 - Presentation
22/85
FALLOUT FROM DATA LOSS AT OU
If there is any financial damage I will hold
OU at fault and seek legal counsel to recoverany and all loss, with punitive damages.
22
Quotes taken from article OU has been getting an earful about huge data theft
by Jim Phillips, Athens NEWS Sr Writer, 2006-06-12
http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.privacyrights.org/ar/DataBreaches2006-Analysis.htm*http://www.mail-archive.com/[email protected]/msg05835.htmlhttp://www.mail-archive.com/[email protected]/msg05835.html -
8/2/2019 Security 101 - Presentation
23/85
THAT IS WHY
IT professionals are scattered on campus.
Data security presents a huge financial,ethical and reputational exposure.
We need to unify our efforts.
E pluribus unum:
Out of many, one.
23
-
8/2/2019 Security 101 - Presentation
24/85
AGENDA
1. General discussion
2. Defining sensitive data
---------- BREAK ----------
3. How do I find sensitive data?
4. Handling a data security incident
---------- BREAK ----------
5. Closing remarks & next steps
24
-
8/2/2019 Security 101 - Presentation
25/85
CLASSES OF INFORMATION
25
Personal
information
Health & medical
information
Financial
information
Academicinformation
-
8/2/2019 Security 101 - Presentation
26/85
PERSONAL INFORMATION
Social SecurityNumbers
Drivers License
Number Name & Address
Biometric data
Finger prints DNA Maps
Voice patterns
26
-
8/2/2019 Security 101 - Presentation
27/85
HEALTH & MEDICAL INFORMATION
Physical diagnoses
Mental health
Psychological
diagnoses Treatment
Prescriptions
27
-
8/2/2019 Security 101 - Presentation
28/85
FINANCIAL INFORMATION
Account numbers
Account pass codes
Credit card numbers
(NOTE: All financial informationtends to be sensitive.)
28
-
8/2/2019 Security 101 - Presentation
29/85
ACADEMIC INFORMATION
Students
Grades
Transcripts
Communicationsw/faculty
Faculty/Staff
Intellectual property
Research data
29
-
8/2/2019 Security 101 - Presentation
30/85
WISCONSIN STATE LAW
Wisconsins Data Breach Notification LawStatute 895.507 (2006)
Formerly, Act 138
Any unauthorized access to personal info must notify individual(s) within 45 days
Data includesSSN
Drivers license or state IDAccount number, code, password, PIN
DNA or biometric info
30
-
8/2/2019 Security 101 - Presentation
31/85
RESTRICTED VS. SENSITIVE
Restricted: explicitly protected underWisconsin State Law. Must notify if lost.
Sensitive: still needs to be guarded with
great care, but notification not required.
All restricted data is sensitive.
Not all sensitive data is restricted.
31
-
8/2/2019 Security 101 - Presentation
32/85
FEDERAL LAW
FERPA academic
Family Education Rightsand Privacy Act
HIPAA health & medical
Health Insurance Portability andAccountability Act
32
-
8/2/2019 Security 101 - Presentation
33/85
CLIFFS PERSONAL ANECDOTE
From just this past June (2009).
33
-
8/2/2019 Security 101 - Presentation
34/85
FERPA: TWO TYPES OF INFO
Public Information Considered public *
Examples includes
Name, address, phone
Email address Dates of attendance
Degrees awarded
Enrollment status
Major field of study
* Students can request this informationbe suppressed
Private Information Tightly restricted
Examples includes
SSN
Student ID number Race, ethnicity,
nationality
Gender
Transcripts & grades
34
Information provided by Office of Registrar
UW-Madison Student Privacy Rights and Responsibilities
(partial list) (partial list)
-
8/2/2019 Security 101 - Presentation
35/85
FERPA AND ITS TENTACLES
Lesser-known items within FERPAs reach
Educational records
Personal notes between faculty and students
Communications with parents/guardians How to post grades
Letters of recommendations
35
-
8/2/2019 Security 101 - Presentation
36/85
WWW.REGISTRAR.WISC.EDU
For more info, Office of the Registrar
Brochures
FAQs
On-line tutorials
On-site training
One-on-one consultation
36
-
8/2/2019 Security 101 - Presentation
37/85
NOW FOR SOMETHING ENTIRELY DIFFERENT
A data security case study
37
-
8/2/2019 Security 101 - Presentation
38/85
THE FACTS
On an unnamed Big 10 university campus
DoIT Store website collecting data from hits
This data was being analyzed by the webhosting service
Web hosting service posted its findings
38
Any warningsigns?
-
8/2/2019 Security 101 - Presentation
39/85
THE REST OF THE STORY
The data being captured included
campus IDs and NetIDs
Old Campus IDs used to contain SSNs
Web hosting service didnt know about SSNs
Captured data posted on semi-public site
39
-
8/2/2019 Security 101 - Presentation
40/85
THE ANALYSIS
All were capable, professional entities
They didnt know
They didnt anticipate
Therefore
40
-
8/2/2019 Security 101 - Presentation
41/85
THE MORAL OF THE STORY
Dont overestimate
other folks knowledge or motivation.
Dont underestimate
the value that you can add.
41
-
8/2/2019 Security 101 - Presentation
42/85
AGENDA
1. General discussion
2. Defining sensitive data
---------- BREAK ----------
3. How do I find sensitive data?
4. Handling a data security incident
---------- BREAK ----------
5. Closing remarks & next steps
42
-
8/2/2019 Security 101 - Presentation
43/85
43
-
8/2/2019 Security 101 - Presentation
44/85
AGENDA
1. General discussion
2. Defining sensitive data
---------- BREAK ----------
3. How do I find sensitive data?
4. Handling a data security incident
---------- BREAK ----------
5. Closing remarks & next steps
44
-
8/2/2019 Security 101 - Presentation
45/85
BEFORE RUNNING A SCAN!!
45
GET INFORMED PERMISSION!!!
These scans will
produce unusual net-
traffic !
-
8/2/2019 Security 101 - Presentation
46/85
FINDING SENSITIVE INFORMATION?
PII = Personally identifiable information
Numerous applications, called PII finders
They scan drives
They locate recognizable patterns
They produce reports
You dont always know what is on your
machine
46
-
8/2/2019 Security 101 - Presentation
47/85
HOW?
Question: How might sensitive data find
its way onto a piece ofhardware?
47
-
8/2/2019 Security 101 - Presentation
48/85
PII FINDER
Identity Finder
Being considered by UW DoIT Security group
More costly, but more robust
Free edition is now available, so its worth a try
Lets see how it works.
48
-
8/2/2019 Security 101 - Presentation
49/85
ARE YOU AT RISK?
OCIS provides access to afew scanning tools
These tools test the security
of network & workstation This will tell you whether you
are at risk.
49
-
8/2/2019 Security 101 - Presentation
50/85
BEFORE RUNNING A SCAN!!
50
GET INFORMED PERMISSION!!!
These scans will
produce unusual net-
traffic !
-
8/2/2019 Security 101 - Presentation
51/85
AGENDA
1. General discussion
2. Defining sensitive data
---------- BREAK ----------
3. How do I find sensitive data?
4. Handling a data security incident
---------- BREAK ----------
5. Closing remarks & next steps
51
-
8/2/2019 Security 101 - Presentation
52/85
INCIDENT VS. BREACH
Define incident
Undetermined whether data has been lost
Any number of scenarios
Losing a laptop
Firewall down
Criticalpatches are out-of-date
Hacked, or infected with malware
52
-
8/2/2019 Security 101 - Presentation
53/85
INCIDENT VS. BREACH
Define breach
We knowdata has been acquired byunauthorized person
53
-
8/2/2019 Security 101 - Presentation
54/85
INCIDENT VS. BREACH
54
-
8/2/2019 Security 101 - Presentation
55/85
WELL-HANDLED INCIDENTS
Well-handled incidents will reduce
1. your exposure,
2. the universitys exposure.
55
-
8/2/2019 Security 101 - Presentation
56/85
DISCUSSION QUESTION
Do you have an incident handling process?
56
-
8/2/2019 Security 101 - Presentation
57/85
57
Incident
ResponseFlowchart
- Department
- Investigators
- CIO
- Admin Leader
Team
- UniversityCommns
-
8/2/2019 Security 101 - Presentation
58/85
58
Incident
ResponseFlowchart
- Department
- Investigators
- CIO
- Admin Leader
Team
- UniversityCommns
-
8/2/2019 Security 101 - Presentation
59/85
59
The part you need to know
-
8/2/2019 Security 101 - Presentation
60/85
1 WHAT HAPPENED?
Incident
Any exposure
Any risk
Not a breach, yet
60
-
8/2/2019 Security 101 - Presentation
61/85
2 WAS DATA AT RISK?
Was sensitiveinformation at risk?
Does the devicecontain sensitiveinformation?
Was that informationaccessible by non-authorized user?
Physically accessible
Cyber-accessible
(judgment?)
61
-
8/2/2019 Security 101 - Presentation
62/85
3 IF NO RESOLVE THE INCIDENT
Close the issue
No need to report it
62
-
8/2/2019 Security 101 - Presentation
63/85
4 IF YES REPORT THE INCIDENT
You need toescalate theissue
But, how do youreport an incident?
63
-
8/2/2019 Security 101 - Presentation
64/85
HOW TO REPORT AN INCIDENT?
It depends. Non-urgent: [email protected]
Need a faster response?
Open a DoIT HelpDesk ticket They can escalate it if necessary
After hours?
Contact Network
Operations Center (NOC) Phone: 263-4188
64
mailto:[email protected]:[email protected] -
8/2/2019 Security 101 - Presentation
65/85
WHAT DO I DO?
Preserve as much data as possible. Do not tamper with the information
This can hinder further investigation.
Remove device from the network This cuts off any remote access to the machine
Do notpower-off the machine
Some forensic information may be stored in cache
65
-
8/2/2019 Security 101 - Presentation
66/85
SCENARIOS
1. A laptop in your department has beeninfected with a virus.
2. You have a single workstation that
interfaces with a special piece of scientificequipment. It runs an unsupported OS.You are concerned that it may have been
compromised.3. You get a call saying your departments web
server is unexpectedly serving pop-up ads.
66
-
8/2/2019 Security 101 - Presentation
67/85
AGENDA
1. General discussion
2. Defining sensitive data
---------- BREAK ----------
3. How do I find sensitive data?
4. Handling a data security incident
---------- BREAK ----------
5. Closing remarks & next steps
67
-
8/2/2019 Security 101 - Presentation
68/85
68
-
8/2/2019 Security 101 - Presentation
69/85
AGENDA
1. General discussion2. Defining sensitive data
---------- BREAK ----------
3. How do I find sensitive data?
4. Handling a data security incident
---------- BREAK ----------
5. Closing remarks & next steps
69
-
8/2/2019 Security 101 - Presentation
70/85
GOALS FOR THESE COURSES (REMINDER)
To continue the campus-wide conversation
Advertise OCIS training resources
Increase networking (social) within ITcommunity on UW campuses
Share war stories
lessons learned, scars received.
70
-
8/2/2019 Security 101 - Presentation
71/85
THE TROUBLE WITH SENSITIVE DATA
Difficult to get rid of.
It replicates
Hardcopy
Cached Email forward
Backed up
Get rid of it! (if possible)
71
Considerations
Do you really need the data? Rethink business practices.
Frequently re-assess securitystandards. Things change
Yesterday: SSNs
Tomorrow: Mobile phone numbers?
Office of Campus InformationSecurity OCIS is your friend
-
8/2/2019 Security 101 - Presentation
72/85
OCIS IS YOUR FRIEND
Training andLockdown
72
Extensiveresources
Security riskassessment
Individual &Departmental
www.cio.wisc.edu/security
IT SecurityPrinciples
http://www.cio.wisc.edu/securityhttp://www.cio.wisc.edu/security -
8/2/2019 Security 101 - Presentation
73/85
IT SECURITY PRINCIPLE #1
Principle #1: Security is everyones responsibility.
It takes a
village...
Managers
IT support
Office staff
Faculty
End users
Students
Campus police
You! 73
-
8/2/2019 Security 101 - Presentation
74/85
IT SECURITY PRINCIPLE #2
Principle #2: Security is part of the development lifecycle.
Plan for it!
Not an after-thought!
Designed into the project plan
i.e. Allocate the necessary resources
Logging & auditing capabilities Layering security defenses
74
-
8/2/2019 Security 101 - Presentation
75/85
IT SECURITY PRINCIPLE #3
Principle #3: Security is asset management.
Lock it up!
Classification of data
Establishing privileges
Separating or
redistributing job
responsibilities and duties
75
-
8/2/2019 Security 101 - Presentation
76/85
IT SECURITY PRINCIPLE #4
Principle #4: Security is a common understanding.
Think it through!
Due diligence
Risks & Threats Costs (OCIS assessment)
Incident handling
76
-
8/2/2019 Security 101 - Presentation
77/85
WHEN I GET BACK TO THE OFFICE 1
Find the dataAsk your manager
Do we generate, use, receive, store sensitive
data? If so, what measures, practices are in place
77
-
8/2/2019 Security 101 - Presentation
78/85
WHEN I GET BACK TO THE OFFICE 2
Scanning for sensitive data Identify Finder
GET PERMISSION FIRST!
Suggest that you scour ALL servers
78
-
8/2/2019 Security 101 - Presentation
79/85
79
70% of data breaches involve
data the owners didnt evenknow was there.
-
8/2/2019 Security 101 - Presentation
80/85
WHEN I GET BACK TO THE OFFICE 3
Prepare to respond to an incident Inquire about current response procedure
Make sure it is well-known, published
Remember our flow chart
80
-
8/2/2019 Security 101 - Presentation
81/85
WHEN I GET BACK TO THE OFFICE 4
Keep the conversation aliveShare info with coworkers
Bookmark OCIS website
Future IT security coursesPut appointment in calendar to check progress
81
-
8/2/2019 Security 101 - Presentation
82/85
RESOURCES
Organizationswww.doit.wisc.edu/about/advisory.asp
TechPartners forum
Sign-up
CTIG Campus Technical Issues Group
Watch for presentations, attend andjoin?
MTAG Madison Technology Advisory GroupKnow they exist appointed roles
82
http://www.doit.wisc.edu/about/advisory.asphttp://www.doit.wisc.edu/about/advisory.asp -
8/2/2019 Security 101 - Presentation
83/85
RESOURCES & NEXT STEPS
Refer to your handout When I Get Back to My Office, I Will
83
-
8/2/2019 Security 101 - Presentation
84/85
AGENDA - RECAP
1. General discussion
2. Defining sensitive data
3. How do I find sensitive data?
4. Handling a data security incident
5. Resources & Next steps
84
-
8/2/2019 Security 101 - Presentation
85/85
THE END
Thank you!Please fill out the course evaluation
and leave it by the door on your way out.