information security essentials for research
DESCRIPTION
Information Security Essentials for Research. Randy Moore, CISSP Director, IT Information Security Services OU HIPAA Security Officer University of Oklahoma Health Sciences Center. Outcome Statement. At the conclusion of this presentation you should be able to:. Identify threats - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Information Security Essentials for Research](https://reader038.vdocuments.site/reader038/viewer/2022103101/56814183550346895dad72ea/html5/thumbnails/1.jpg)
Information Security Essentials for
Research
Information Security Essentials for
Research
Randy Moore, CISSPDirector, IT Information Security ServicesOU HIPAA Security OfficerUniversity of Oklahoma Health Sciences Center
Randy Moore, CISSPDirector, IT Information Security ServicesOU HIPAA Security OfficerUniversity of Oklahoma Health Sciences Center
![Page 2: Information Security Essentials for Research](https://reader038.vdocuments.site/reader038/viewer/2022103101/56814183550346895dad72ea/html5/thumbnails/2.jpg)
Outcome StatementOutcome Statement
At the conclusion of this presentation you should be able to:At the conclusion of this presentation you should be able to:
1. Identify threats
2. State safe practices
3. Know where to report an incident
1. Identify threats
2. State safe practices
3. Know where to report an incident
![Page 3: Information Security Essentials for Research](https://reader038.vdocuments.site/reader038/viewer/2022103101/56814183550346895dad72ea/html5/thumbnails/3.jpg)
Research dataResearch data
• Where is your research data?• Is it safe from common threats?
• Where is your research data?• Is it safe from common threats?
![Page 4: Information Security Essentials for Research](https://reader038.vdocuments.site/reader038/viewer/2022103101/56814183550346895dad72ea/html5/thumbnails/4.jpg)
Common threat #1Common threat #1
• Virus and worm infections (malicious code)• Virus and worm infections (malicious code)
![Page 5: Information Security Essentials for Research](https://reader038.vdocuments.site/reader038/viewer/2022103101/56814183550346895dad72ea/html5/thumbnails/5.jpg)
Virus Detection SummaryVirus Detection Summary
• Last 4 Hours: 36• Last 24 Hours: 301• Last 7 Days: 1,902• Last 30 Days: 14, 466
• Last 4 Hours: 36• Last 24 Hours: 301• Last 7 Days: 1,902• Last 30 Days: 14, 466
![Page 6: Information Security Essentials for Research](https://reader038.vdocuments.site/reader038/viewer/2022103101/56814183550346895dad72ea/html5/thumbnails/6.jpg)
Threat #2: Software vulnerabilitiesThreat #2: Software vulnerabilities
• 484 Vulnerabilities identified in 1 month• 484 Vulnerabilities identified in 1 month
![Page 7: Information Security Essentials for Research](https://reader038.vdocuments.site/reader038/viewer/2022103101/56814183550346895dad72ea/html5/thumbnails/7.jpg)
Threat #3: Data lossThreat #3: Data loss
• Data loss or destruction– Hardware failure– Theft– Accidental deletion– Fire– Tornado– Flood
• Data loss or destruction– Hardware failure– Theft– Accidental deletion– Fire– Tornado– Flood
![Page 8: Information Security Essentials for Research](https://reader038.vdocuments.site/reader038/viewer/2022103101/56814183550346895dad72ea/html5/thumbnails/8.jpg)
What if? Disaster strikes you?What if? Disaster strikes you?
• Is your data backed up? – To tape?– Have you tested the restore process?– Do you lock your doors and keep your laptop secure?– Do you use tracking software on laptops?
• Is your data backed up? – To tape?– Have you tested the restore process?– Do you lock your doors and keep your laptop secure?– Do you use tracking software on laptops?
![Page 9: Information Security Essentials for Research](https://reader038.vdocuments.site/reader038/viewer/2022103101/56814183550346895dad72ea/html5/thumbnails/9.jpg)
Threat #4: Unauthorized accessThreat #4: Unauthorized access
• Connecting to 700 million on the Internet– There are bad guys on the “Net”– They want access to your computer
• 44,000 probes per day
• Connecting to 700 million on the Internet– There are bad guys on the “Net”– They want access to your computer
• 44,000 probes per day
![Page 10: Information Security Essentials for Research](https://reader038.vdocuments.site/reader038/viewer/2022103101/56814183550346895dad72ea/html5/thumbnails/10.jpg)
Threat #5: Malicious software from the webThreat #5: Malicious software from the web
• Malicious software downloads from the web– Spyware– Trojan Horse– Key Loggers
• 1 in 10 web sites attempt to download software without permission
• Malicious software downloads from the web– Spyware– Trojan Horse– Key Loggers
• 1 in 10 web sites attempt to download software without permission
OUHSC Threat Level OUHSC Threat Level
![Page 11: Information Security Essentials for Research](https://reader038.vdocuments.site/reader038/viewer/2022103101/56814183550346895dad72ea/html5/thumbnails/11.jpg)
Safe Practices for the InternetSafe Practices for the Internet
• Set higher security settings in your browser
• Do not install add-ons to your browser(Google tool bar, Comet Curser, Gator, HotBar, etc.)
• Avoid Game Sites and sites that require you to fill out online forms
• Install a spyware removal tool
• Always remember that your computer is a business tool
• Set higher security settings in your browser
• Do not install add-ons to your browser(Google tool bar, Comet Curser, Gator, HotBar, etc.)
• Avoid Game Sites and sites that require you to fill out online forms
• Install a spyware removal tool
• Always remember that your computer is a business tool
![Page 12: Information Security Essentials for Research](https://reader038.vdocuments.site/reader038/viewer/2022103101/56814183550346895dad72ea/html5/thumbnails/12.jpg)
Threat #6: EmailThreat #6: Email
• 89% of e-mail traffic contains viruses, phishing schemes, or is SPAM
• 27,735,000 malicious e-mails blocked from delivery to OUHSC last month
• 89% of e-mail traffic contains viruses, phishing schemes, or is SPAM
• 27,735,000 malicious e-mails blocked from delivery to OUHSC last month
![Page 13: Information Security Essentials for Research](https://reader038.vdocuments.site/reader038/viewer/2022103101/56814183550346895dad72ea/html5/thumbnails/13.jpg)
Safe Practices for EmailSafe Practices for Email
• Do not open unsolicited email or attachments
• Do not reply to SPAM
• Do not use your OUHSC email address in online forms and questionnaires unless it becomes necessary for University related business.
• Place a confidentiality notice in your signature block
• Do not open unsolicited email or attachments
• Do not reply to SPAM
• Do not use your OUHSC email address in online forms and questionnaires unless it becomes necessary for University related business.
• Place a confidentiality notice in your signature block
![Page 14: Information Security Essentials for Research](https://reader038.vdocuments.site/reader038/viewer/2022103101/56814183550346895dad72ea/html5/thumbnails/14.jpg)
Safe practices summarySafe practices summary
– Antivirus updates (daily)– Security patches (monthly)– Data backups (daily)– Browser security settings (periodically)– Avoid unknown software from the Internet (always)– Firewall protection (annually)– Email caution (always)– Report suspicious activity (always)
– Antivirus updates (daily)– Security patches (monthly)– Data backups (daily)– Browser security settings (periodically)– Avoid unknown software from the Internet (always)– Firewall protection (annually)– Email caution (always)– Report suspicious activity (always)
![Page 15: Information Security Essentials for Research](https://reader038.vdocuments.site/reader038/viewer/2022103101/56814183550346895dad72ea/html5/thumbnails/15.jpg)
Incident Response Incident Response
Incidents are reported to:Incidents are reported to:
• Tier 1 or Computer Support Personnel or Supervisor• IT Service Desk• IT Security• Office of Compliance (PHI incidents)
• Tier 1 or Computer Support Personnel or Supervisor• IT Service Desk• IT Security• Office of Compliance (PHI incidents)
![Page 16: Information Security Essentials for Research](https://reader038.vdocuments.site/reader038/viewer/2022103101/56814183550346895dad72ea/html5/thumbnails/16.jpg)
Safe PracticesSafe Practices
• Follow policies to help protect your data• See http://it.ouhsc.edu/policies/
• Follow policies to help protect your data• See http://it.ouhsc.edu/policies/
![Page 17: Information Security Essentials for Research](https://reader038.vdocuments.site/reader038/viewer/2022103101/56814183550346895dad72ea/html5/thumbnails/17.jpg)
Contact informationContact information
• IT Information Security Services• [email protected]• 271-2476
• IT Service Desk• [email protected]• 271-2203
• IT Information Security Services• [email protected]• 271-2476
• IT Service Desk• [email protected]• 271-2203
![Page 18: Information Security Essentials for Research](https://reader038.vdocuments.site/reader038/viewer/2022103101/56814183550346895dad72ea/html5/thumbnails/18.jpg)
QuestionsQuestions
??