technology guide 5: protecting your information assets 1

23
TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

Upload: suzan-caldwell

Post on 23-Dec-2015

227 views

Category:

Documents


3 download

TRANSCRIPT

Page 1: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

TECHNOLOGYGUIDE 5:

Protecting Your Information Assets

1

Page 2: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

2

TG 5.1 Introduction

TG 5.2 Behavioural Actions to Protect Your Information Assets

TG 5.3 Computer-Based Actions to Protect Your Information Assets

PROTECTING YOUR INFORMATION ASSETS

Copyright John Wiley & Sons Canada

Page 3: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

3

LEARNING OBJECTIVES

1. Explain why it is critical that you protect your information assets.

2. Identify the various behavioural actions you can take to protect your information assets.

3. Identify the various computer-based actions you can take to protect your information assets.

Copyright John Wiley & Sons Canada

Page 4: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

4

TG 5.1 INTRODUCTION

• There are a number of behavioural actions that you should take to protect your information assets:– General behavioural actions– Computer-based actions

Copyright John Wiley & Sons Canada

Page 5: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

5

TG 5.2 BEHAVIOURAL ACTIONS TO PROTECT YOUR INFORMATION ASSETS

• Take action to protect information assets such as:– Personal Information – Social Insurance Number– Credit Cards– Debit Cards– Financial Accounts– Personal Mailbox– Dealing with old records

Copyright John Wiley & Sons Canada

Page 6: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

6

WHAT TO DO IN THE EVENT OF IDENTITY THEFT

• If your social insurance number has been compromised, contact Service Canada; in the event of passport theft, you would contact your local passport office.

• If you believe your mail is being diverted, contact your local Canada Post office.

• Cancel all affected credit cards and obtain new credit card numbers.

• Consult a lawyer for the type of paperwork that may be required to deal with disputes with financial institutions or credit-granting organizations.

Copyright John Wiley & Sons Canada

Page 7: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

7

WHAT TO DO IN THE EVENT OF IDENTITY THEFT (CONTINUED)

• Organize your paperwork, including the names, addresses, and phone numbers of everyone you contact about this crime.

• File a detailed police report. Send copies of the report to creditors and other agencies or organizations that may require proof of the crime.

• Get the name and phone number of your police investigator, and give it to your creditors.

• In all communications about the crime, use certified, return-receipt mail.

Copyright John Wiley & Sons Canada

Page 8: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

8

WHAT TO DO IN THE EVENT OF IDENTITY THEFT (CONTINUED)

• Get your unique case number from each credit agency, and ask each agency to send your credit report.

• Tell each agency to issue a fraud alert. • Get the document that you need to file a long-term fraud

alert, which lasts for seven years and can be cancelled at any time.

• Ask the credit agencies for the names and phone numbers of lenders with whom recent accounts have been opened in the affected time frame, so you can identify fraudulent accounts that have been opened.

Copyright John Wiley & Sons Canada

Page 9: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

9

WHAT TO DO IN THE EVENT OF IDENTITY THEFT (CONTINUED)

• Point out all entries generated due to fraud to each agency. Ask each agency to remove the specified fraudulent entries.

• Tell each agency to notify anyone who received your report in the last six months (or the affected time frame) that you are disputing the information.

• You may be able to order a “credit freeze” with the two major credit agencies.

• Be alert for change-of-address forms in your mail. • If debt collectors demand payment of fraudulent

accounts, write down the name of the company as well as the collector’s name, address, and phone number.

Copyright John Wiley & Sons Canada

Page 10: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

10

TG 5.3 COMPUTER-BASED ACTIONS TO PROTECT YOUR INFORMATION ASSETS

• Determine what sites users of your computer have visited on the Internet

• Access social networking sites safely• Detect malicious software • Protect your system when computing wirelessly. • Recover from a disaster• Protect your privacy when using the Internet and e-mail

Copyright John Wiley & Sons Canada

Page 11: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

11

DETERMINING WHERE PEOPLE HAVE VISITED ON THE INTERNET USING YOUR COMPUTER

• Identify the Internet sites that anyone who uses your computer has visited. To do this, check the browser history.

• You will not be able to check the browser history of someone who uses private browsing on your computer.

Copyright John Wiley & Sons Canada

Page 12: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

12

THE DANGERS OF SOCIAL NETWORKING SITES

• Well-known social networking sites include Facebook, Twitter, LinkedIn, YouTube, MySpace, and Flickr.

• Never post personal information about yourself or your family in chat rooms or on social networking sites. In fact, you should

• Potential employers are now searching social networking websites for information about you.

• Social networking websites have privacy features that give users more control over their information.

Copyright John Wiley & Sons Canada

Page 13: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

13

DETERMINING WHETHER YOUR COMPUTER IS INFECTED

• There are several signs to look for if you think your computer system is infected with malicious software or malware:– Shuts down unexpectedly– refuses to start normally– exhibits erratic behaviour– system unexpectedly runs out of memory– system continually runs out of main memory (RAM) – system displays an unusually high number of error messages– programs take longer to load than normal, or run very slowly– programs act erratically– monitor displays strange graphics or messages– e-mail program sends messages to all your contacts

Copyright John Wiley & Sons Canada

Page 14: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

14

COMPUTER ACTIONS TO PREVENT MALWARE INFECTIONS

• Never open unrequested e-mail attachments, even if the message is from someone you know and trust.

• Never open attachments or web links in e-mails from people you do not know.

• Never accept files transferred to you during Internet chat or instant messaging sessions.

• Never download any files or software from websites that you do not know or files or software that you have not requested.

Copyright John Wiley & Sons Canada

Page 15: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

15

TEST YOUR SYSTEM

• It is a good idea to test your system. Several websites provide security tests:– ShieldsUP! – Norton Security Scan – McAfee My SecurityStatus – AuditMyPC

• Click on the links above to read about the variety of services available to test your computer system.

Copyright John Wiley & Sons Canada

Page 16: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

16

TEST YOUR SYSTEM (CONTINUED)

• Install the following to protect your computer:– security suite– anti-malware product– firewall– antispyware product– monitoring software– content-filtering software– anti-spam software – proactive intrusion detection and prevention software

• Click on the links above to read about the variety of products available to test your computer system.

Copyright John Wiley & Sons Canada

Page 17: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

17

TEST YOUR SYSTEM (CONTINUED)

• To protect your computer:– manage patches– use a browser other than Internet Explorer– use an Operating System other than Windows

Copyright John Wiley & Sons Canada

Page 18: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

18

PROTECTING YOUR PORTABLE DEVICES AND INFORMATION

• There are two common-sense precautions that many people forget:– Keep your laptop in an inconspicuous container. Laptop cases

with your company logo simply draw the attention of thieves. – Do not leave your laptop unattended in plain view; for example,

in the back seat of your car where it can be seen. Instead, lock it in the trunk.

Copyright John Wiley & Sons Canada

Page 19: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

19

STRATEGIES TO PREVENT THEFT OF PORTABLE DEVICES

• Use alarms• Two-factor authentication • Data encryption• Encrypt your entire hard drive, including your

applications• Use laptop-tracing tools or device reset/remote kill tools

• Click on the links above to read about the variety of products available to help prevent theft of portable devices.

Copyright John Wiley & Sons Canada

Page 20: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

20

Protect your Computer and Wireless Area Network

• Prepare for personal disasters• Secure a home based wireless area network• Hide your service set identifier (SSID)• Use encryption• Filter out media access control (MAC) addresses• Limit Internet Protocol (IP) addresses• Sniff out intruders• Take precautions when using a public hotspot• Test your wireless network• Use wireless security software

Copyright John Wiley & Sons Canada

Page 21: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

21

USING A PUBLIC HOTSPOT

• Precautions to take when using a public hotspot:– Use virtual private networking (VPN) technology to connect to

your organization’s network.– Use Remote Desktop to connect to a computer that is running at

your home.– Configure your firewall to be “on with no exceptions.”– Visit only websites that use secure sockets layer (SSL) to

conduct any financial or personal transactions.

Copyright John Wiley & Sons Canada

Page 22: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

22

CHAPTER CLOSING

1. It is critical that you protect your information assets

2. There are several behavioural actions you can take to protect your information assets such using credit cards with your picture on them, paying close attention to your credit card billing cycles, limiting your use of debit cards, etc.

3. There are many computer-based actions you can take to protect your information assets such as testing your system, running free malware scans on your computer, having an anti-malware product on your computer and have it set for automatic updates, etc.

Copyright John Wiley & Sons Canada

Page 23: TECHNOLOGY GUIDE 5: Protecting Your Information Assets 1

CopyrightCopyright © 2014 John Wiley & Sons Canada, Ltd. All rights reserved. Reproduction or translation of this work beyond that permitted by Access Copyright (the Canadian copyright licensing agency) is unlawful. Requests for further information should be addressed to the Permissions Department, John Wiley & Sons Canada, Ltd. The purchaser may make back-up copies for his or her own use only and not for distribution or resale. The author and the publisher assume no responsibility for errors, omissions, or damages caused by the use of these files or programs or from the use of the information contained herein.