keeping 'em safe: ways to protect your clients online
Post on 24-Jan-2015
Embed Size (px)
DESCRIPTIONA presentation for the 2011 Virginia Annual Statewide Legal Aid Conference. You need to protect yourself and your clients' data online. We'll look at using social network sites, downloading viruses, leaving metadata in documents, having bad password practices, putting information in the cloud.
- 1. Keeping em Safe:8 More Waysto Help YourClients
2. More than 8 in 10 US small businesses believe their firms are safe from cyber threats yetalmost 80% have no formal security policies inplace.You can be attacked and not even know it. Even worse, your system could be used to attack other people, and you may not know it. 3. What Is Cyber Crime?SpamFraudObscene or offensive contentHarassmentChild pornographyDrug traffickingCyber terrorismCyber warfare 4. Who Is BehindCyber Crime?Script kiddiesHacktivistsIndividual miscreantsNational & transnational organized criminalenterprisesNation states 5. Why Should You Care?Your clients trust you with very sensitive data.If they become victims, your clients have less ofan ability to bounce back.Systems that are used to commit crimes oftensupport the same organized networks that arebehind human trafficking, identity theft, childpornography, and other issues you battle againstdaily. 6. Biggest Threat? You 7. What? No Way!Acting maliciouslyForgetting to log offLosing laptops, USB keys, or smartphonesStoring client data in questionable placesDownloading viruses and malwareUsing social network sites carelesslyLeaving metadata in documentsHaving bad password practicesGetting tricked 8. Acting maliciously 9. What You Can DoPut policies in place and enforce themTrust your gut 10. Forgetting to log off 11. What You Can DoLog off when you leave your computerShut down your computer at the end of thedaySet up your computer to automatically lockwhen the screensaver comes on 12. Losing laptops,USB keys, orsmartphones 13. What You Can DoPay special attention and be carefulStore only the client data you absolutely needEncrypt your dataSet up phones so you can erase them remotelyUse strong passwordsBack up the data before you leave 14. Storing client data inquestionable places 15. What You Can DoRead privacy policiesDevelop a set of approved sites that clientinformation can be stored on and train staff tonot store data on any other sitesDont include identifiable client information inemails 16. Downloadingviruses andmalware 17. What You Can DoPatch software and systems religiouslyRead before you clickAsk if the email or attachment seems funnyAvoid downloading screensavers, fonts, & pornUse your anti-virus softwareIgnore any website that pops up a virus warning 18. Using socialnetworksitescarelessly 19. What You Can DoBe careful what you clickDont friend people you dont knowUse strong passwordsAvoid playing games and installing applicationsBe very careful about what you post 20. Leavingmetadata in documents 21. What You Can DoClean metadata from documents before sendingelectronic copiesUse the Document Inspector tool in OfficeDownload and use Metadata Removal tool forWordPerfect 22. Having badpasswordpractices 23. What You Can DoUse strong passwordsChange passwords quarterlyDont use a password for more than one siteDont share passwordsEstablish password guidelines for theorganization and follow themTry a password manager 24. Getting tricked 25. What You Can DoBe skepticalDont give anyone your passwordsDont click a link to your bank website 26. What If?Tell your supervisor immediatelyBe prepared to help figure out what happenedNotify the proper authorities 27. Who Are the Proper Authorities?Computer Intrusion Local FBI Office US Secret Service Internet Crime Complaint CenterPassword trafficking Local FBI Office US Secret Service Internet Crime Complaint CenterCounterfeiting of currency US Secret Service 28. Who Are theProper Authorities?Child pornography or Local FBI Officeexploitation US Customs and Enforcement (if imported) Internet Crime Complaint CenterInternet fraud & SPAM Local FBI OfficeUS Secret Service (Financial Crimes Division)Federal Trade CommissionSecurities & Exchange Commission (if securities/investment-related)Internet Crime Complaint CenterInternet harassmentLocal FBI Office 29. ResourcesCybercrime Reportinghttp://www.cybercrime.gov/reporting.htmStay Safe Onlinehttp://www.staysafeonline.org/US CERThttp://www.us-cert.gov/nav/nt01/ 30. ResourcesUS CERThttp://www.us-cert.gov/cas/tips/OnGuard Onlinehttp://www.onguardonline.gov/topics/computer-security.aspx 31. Picture AttributionsIn orderhttp://www.flickr.com/photos/jesseshapins/3788641411/http://commons.wikimedia.org/wiki/File:Harry_Potter_Lightning.gifhttp://commons.wikimedia.org/wiki/File:Computer_n_screen.svghttp://www.flickr.com/photos/dunechaser/385847284/sizes/l/http://www.flickr.com/photos/sravi_in/3623242288/sizes/z/http://www.flickr.com/photos/stukjefotogebeuren/2081170312/http://www.flickr.com/photos/librarianbyday/3983719036/http://www.flickr.com/photos/booleansplit/4650422195/http://www.flickr.com/photos/the-icing-on-the-cake/2424326595/http://www.flickr.com/photos/sshb/3619977273/http://www.flickr.com/photos/esm723/4377802647/http://www.flickr.com/photos/stevendepolo/4027405671/ 32. Contact InformationKate BladowFounder & Strategistpresentations@poweredpursuits.com