Basic Security Training for End Users | PPTX
Training Staff in End User IT Security
Community IT Innovators Webinar Series
September 17, 2015
Webinar Tips
• Interact
Ask questions via chat
Connect on Twitter
• Focus
Avoid multitasking. You may just miss the best part of the presentation
• Webinar Slides & Recording
PowerPoint and recording links will be shared after the webinar
About Community IT
Advancing mission through the effective use of technology.
• Invested
Work exclusively with nonprofit organizations, serving over 900 since 1993.
• Strategic
Help our clients make IT decisions that support mission.
• Collaborative
Team of over 30 staff who empower you to make informed IT choices.
Mark Kraemer
Network Administrator
mkraemer@communityit.com
Nuradeen Aboki
Network Manager
naboki@communityit.com
Common Internet Activities
• Check emails, collaborate and share documents online…
• Communicate with friends on Facebook, Twitter, Whatsapp…
• Pay bills, view health and financial records…
• Read blogs, articles, magazines, and news…
• Order books, electronics, apparel…
• Listen to music, watch videos, and play games…
• Download digital content…
Threat Landscape
• “Digital Extortion” through Malware
• Data Breaches
• Scams through Social Media platforms
• Mobile attacks on the rise
• Internet of Things including wearables, and even cars
• Targeted Attacks
• Web Threats
Corporate IT Security Systems
Some say, “Our organization is SAFE because we have Antivirus software
on computers and servers, Anti-spam filters for email protection,
encryption on our websites, firewall security to secure our local area
network, and password-protected WiFi connections.”
Unfortunately, these alone may not be enough to keep your network
secure from all threats. An organization is more likely to be put at risk
by its own employees, whether unintentionally, erroneously, carelessly, or deliberately.
IT Security for End Users
• Trickiest to manage
• Balance between security and convenience
• Best defense is awareness and education
IT Security - Basics
Physical
Workstation
Password
Email
Web
Mobile
Remote Access
Physical Threats
• Your Workplace, desk, cubicle, office space
• Your Workstation, desktop PC, laptop, and mobile devices
• Your paperwork
Physical Security
• Lock your screen before you leave your computer or mobile device unattended
– For Windows, press & hold the Windows Key, then press L.
– For Mac, press these keys at the same time:
• Control + Shift + Eject (Mac with eject key)
• Control + Shift + Power (Mac without eject key)
• Store documents containing sensitive data in a lockable safe or cabinet
• When destroying sensitive documents, at least shred them properly
• Report all suspicious activities
Workstation Security
Tips:
1. Antivirus software should always receive the latest virus signatures, and be set to run full virus scans weekly.
2. Antivirus software should be configured to scan web pages, attachments, and downloads.
3. Operating System and 3rd party applications should be patched regularly
Password Security
Tips:
1. Create Strong or hard-to-guess Passwords
• For example, it must have at least 8 characters, 1 uppercase, 1 lowercase, 1 numeric, & a special character. You can use a phrase with spaces between words
2. Change passwords every 90 days
3. Set a lockout threshold for failed logon attempts
4. Disable password caching on workstation and mobile devices
5. When necessary, end users may share passwords with authorized persons only
6. Do not store your password on or near your workstation
7. If available, use two-factor authentication when accessing password protected websites
8. Protect password files
Email Threats
Source - http://cdn2.hubspot.net/hub/204663/file-277596927-jpg/images/email-security.jpg
Email Security
• Basic Rules
– Do not click unless you are certain that it’s safe
– Think about the source, identify the sender, scan or preview the attachment, verify the legitimate web address
– Sign out of your email client after use
– If you are in doubt or have been compromised, contact your IT helpdesk
Web Threats
• Instant Messaging Spam
• Unsecure Websites, & Compromised Sites
• Browser & Plug-in Vulnerabilities
• “Malvertising” or Malicious Advertising
• Denial of Service
Web Security
Tips:
1. Do not click until you are confident about the Internet link or website
2. Make sure that pop-up blocker is enabled on your web browser
3. Look at the actual web address by “hovering” mouse pointer over the link
4. Verify that you are browsing an HTTPS website, especially when transmitting personal data
5. Do not assume all plug-ins are safe. Take some time to do a little research.
6. Be sure to update your browser and your plug-ins regularly or set them to auto update on your home PC.
– Firefox, Chrome, Java, Flash
7. When in doubt ask your IT helpdesk
Mobile Threats
• Fake Apps
• Short Messaging Spamming
• Improper use of camera
• Tracking users
• Stealing Information
Mobile Security
Tips:
1. Keep patches updated on your device and mobile applications
2. Do not assume all apps are safe. Fake apps exist!
a. Beware of apps that are just mobile websites with many ads
b. Read the Reviews/Ratings to learn about the apps
c. Look for apps with the most downloads, especially those labeled “Editor’s choice”
d. Check the developer’s profile
3. Verify the source of any shared images, videos, and links before opening them.
4. Make sure location services are enabled to help find your mobile if lost or stolen.
5. When in doubt, or attacked, contact your IT helpdesk
Remote Access Security
Tips:
– Wireless Networks
1. Home WiFi
• Make sure your home network is password-protected.
• Avoid using your personal information as Network Name or Password.
• Keep firmware updated on your home wireless router.
2. Public WiFi
• Beware of Fake WiFi Hotspots in coffee shops, restaurants, airports, and public areas
3. Switch off the wireless card when not in use to avoid automatically connecting to an unsecure network.
– For Remote Desktop (RD) Connection, do not save your logon credentials on RD client software
– If available, use Virtual Private Network (VPN) encryption when accessing work files remotely across an untrusted network.
Takeaways
Source - Security Best Practices, https://www.opswat.com/blog/10-things-include-your-employee-cyber-security-policy
Upcoming Webinar
Guidelines for Annual Nonprofit IT Budgeting
Thursday October 22
4:00 – 5:00 PM EST
Cedric Boyd
Steve Longenecker
Provide feedback
Short survey after you exit the webinar. Be sure to include any questions that were not answered.
Missed anything?
Link to slides & recording will be emailed to you.
Connect with us
Author: DuMont Television/Rosen Studios, New York-photographer, Uploaded by We hope at en.wikipedia
http://commons.wikimedia.org/wiki/File:20_questions_1954.JPG


Editor's Notes

  • #10 Here are examples of threats with suggestions on how to protect yourself, your data, your organization from harm: Abstract – “You control what you choose to Click.”
  • #12 Locking all your mobile devices is important in case of theft: if they have no barriers to get into your phone, they not only have the devices, they have your data! Don't leave your PW on a sticky note on your laptop, don't make it obvious.
  • #13 Locking all your mobile devices is important in case of theft: if they have no barriers to get into your phone, they not only have the devices, they have your data! Don't leave your PW on a sticky note on your laptop, don't make it obvious.
  • #14 For physical documents this especially includes passwords, pin numbers etc.
  • #15 All of this is for work and home
  • #17 Trk – Data Breaches, Malicious URLs, Harmful attachments, Phishing attacks, Social Engineering Attacks, Scams
  • #21 Trk – Not all apps are created equal
  • #22 Trk 1. Netflix, Angry Birds, have multiple fake versions. Take some time to examine the apps, and do a little research on the apps 2. Beware of apps that are just mobile websites with a lot of ads. Mostly, approach free app sites with caution. 3.
  • #23 Clarify “Any public wifi” – Someone may easily be accessing your information, emails, and passwords without your knowledge when you're connected to a WiFi hotspot at your local coffee shop, library, or at the airport. Steal transmitted data. If you are banking online or sending work e-mail from this fake hotspot, a hacker can see and steal your information. Don’t use any personal information.