protecting your data
play

Protecting Your Data Presented by: Shawn Davis Adjunct Professor - - PowerPoint PPT Presentation

Mar 25, 2023 •183 likes •594 views

Sen. Cristina Castros Cybersecurity Forum Protecting Your Data Presented by: Shawn Davis Adjunct Professor - Illinois Institute of Technology Dir. of Digital Forensics Edelson PC Data Collection & Tracking Staying Safe Online

  1. Sen. Cristina Castro’s Cybersecurity Forum Protecting Your Data Presented by: Shawn Davis Adjunct Professor - Illinois Institute of Technology Dir. of Digital Forensics – Edelson PC

  2. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Table of Contents: 1. Staying Safe Online 2. Protecting Your Online Privacy 3. Questions

  3. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Staying Safe Online

  4. Data Collection & Tracking Staying Safe Online Protecting Your Privacy What are some typical online attacks against consumers??? ▪ Phishing/social engineering ▪ Email hacked and friends spammed ▪ Hacked online accounts/cards ▪ Malicious software installed on your computer/mobile device ▪ Attackers gaining access to your computer or network

  5. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Social Engineering (Phishing Emails) Make sure not to: 1. Click on a malicious link o Leads to infected or fake website that requests your username/password (fake Gmail, Facebook, etc.) 2. Open a malicious attachment o Infection with spyware, ransomware, etc. 3. Reply to attacker with PII or other sensitive information

  6. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Phishing Email Example 1 • Hover over link but don’t click • Make sure the domain (highlighted) is for the real site

  7. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Identifying Malicious Links in Phishing Emails • Good links: ▪ https://www.google.com ▪ https://mail.google.com ▪ https://www.google.com/signup • Bad Links: ▪ https://www.google.com.me.com ▪ https://www.corp-google.com ▪ https://www.googgle.com

  8. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Phishing Email Example 2 • Don’t open unknown attachments

  9. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Phishing Email Example 3 • Don’t ever provide password or PII

  10. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Identifying Phishing Emails • Let’s take a quiz! • https://phishingquiz.withgoogle.com/

  11. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Legitimate Email (shown below) ▪ Make sure “from” and “mailed - by” domains match and are the real domain of the site (not something similar or spelled incorrectly)

  12. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Social Engineering (Phone) ▪ Fake Tech Support ▪ Fake IRS ▪ Fake Loved One ▪ Fake Sweepstakes ▪ Fake Utility/Bank

  13. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Prevent Hacked Online Accounts by… • Not falling for Phishing • Not using the same password on multiple sites • Not using an insecure password ▪ Bad: Short, dictionary word, all lowercase, etc. ▪ Good: 10 char or more, no dictionary words, use uppercase, lowercase, numbers, symbols ▪ Best: Use a password manager! • Using 2-Factor Verification! • Not entering information on illegitimate sites

  14. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Password Managers • Generates good random passwords for each site • Only need to remember one master password!

  15. Data Collection & Tracking Staying Safe Online Protecting Your Privacy • Use 2-Factor Authentication for email, banks, etc.!!! o https://www.google.com/landing/2step/ o Use mobile app with codes as opposed to email when you can

  16. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Illegitimate Web Sites ▪ Don’t proceed/continue to websites that have issues with their certificate (which determines if site is legitimate)

  17. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Other Avenues for Device Infection • Don’t use out of date software ▪ Patch OS, Browser, Browser Extensions (Java, Flash, etc.) regularly. • Don’t use malicious mobile apps ▪ More prominent on Android due to ability to install 3 rd party apps and less stringent Google Play store when inspecting new apps (Apple is better at vetting apps) • Don’t download computer applications from less than reputable sources (also no toolbars)

  18. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Other Avenues for Device Infection (Cont.) • Don’t view shady websites (may contain malware) • Don’t Use public Wi -Fi or insecure home Wi-Fi ▪ Use VPN for computers and phones ▪ Only setup home Wi-Fi with WPA2 with AES (not WEP or Open)

  19. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Other Avenues for Device Infection (Cont.) • Make sure to change default passwords on IoT or network devices ▪ Attackers can search online through Shodan.io for a nanny cam or other device and connect with default passwords • Use updated Antivirus (AVG, Avira, McAfee, etc.) & Antimalware products (MalwareBytes, SpySweeper, etc.)

  20. Data Collection & Tracking Staying Safe Online Protecting Your Privacy • You can take the steps I provided to help prevent the prior attacks • However, you may still be at risk from a company not taking steps to protect your data ▪ Resulting in a data breach • The following are four examples of major data breaches and their causes

  21. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Target • Attack: ▪ Network credentials stolen from third party HVAC vendor ▪ Malware pushed to POS devices to capture credit/debit cards ▪ Didn’t act on alerts from own 1.6 mil FireEye system • Result: ▪ 41 million payment accounts stolen ▪ Target paid ~200 million in lawsuits / CEO fired

  22. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Premera Blue Cross/Blue Shield • Attack: ▪ Attackers impersonated Premera website by using fake websites with “prennera.com” domain ▪ Lured employees to fake sites with phishing emails • Result: ▪ Name, DOB, SSN, Contact Info, Bank Account Info, Clinical Info of 11 mil people may have been accessed

  23. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Advocate Health • Attack: ▪ Four unencrypted desktop computers were stolen from Park Ridge, IL • Result: ▪ Computers contained medical and financial records of ~4 mil patients ▪ Paid 5.5 mil for HIPAA violation

  24. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Equifax • Attack: ▪ Equifax didn’t patch vulnerable Apache Struts server software even though patch was available for 4 months • Result: ▪ Sensitive personal and financial information of ~143 million consumers exposed

  25. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Protecting Your Online Privacy

  26. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Defenses Against Active Collection: Consumer Surveys, Social Media Postings, Web Registration Forms ▪ Don’t overshare! ▪ Don’t add DOB, employer, hometown, current address or city, family member names, email, etc. to social media ▪ Keep in mind pictures taken on your cell phone may have GPS coordinates embedded (AKA Geotagging)

  27. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Disabling Geotagging in Photos • iPhone ▪ Settings / Privacy / Location Services / Camera ▪ Select “Never” • Android ▪ Camera App / Settings ▪ Turn off “Save location”

  28. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Defenses Against Passive Collection 3 rd Party Computer Cookies ▪ Turn off 3 rd party cookies in your browser or ▪ Install the EFF’s Privacy Badger extension in Chrome, Opera, or Firefox to block 3 rd party trackers

  29. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Defenses Against Passive Collection 3 rd Party Cell Phone Cookies • iPhone ▪ Settings / Safari ▪ Make sure “Prevent Cross - Site Tracking” is on • Android ▪ Chrome / Three Dots / Settings / Site Settings / Cookies ▪ Uncheck “Allow third - party cookies”

  30. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Defenses Against Passive Collection Cell Phone Advertising Identifier & Analytics • iPhone Advertising ID ▪ Settings / Privacy / Advertising ▪ Turn on “Limit Ad Tracking” ▪ Can also “Reset Advertising Identifier” • iPhone Analytics ▪ Settings / Privacy / Analytics ▪ Turn off “Share iPhone Analytics”

  31. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Defenses Against Passive Collection Cell Phone Advertising Identifier & Analytics • Android Advertising ID ▪ Google Settings / Ads ▪ Select “Reset advertising ID” ▪ Turn on “ Opt out of Ads Personalization” • Android Usage and Diagnostics ▪ Google Settings / Three Dots / Usage & Diagnostics ▪ Turn to Off

  32. Data Collection & Tracking Staying Safe Online Protecting Your Privacy Defenses Against Passive Collection Do Not Track • iPhone ▪ Settings / Safari ▪ Turn on “Ask Websites Not to Track Me” • Android ▪ Chrome / Three Dots / Settings / Privacy ▪ Turn “Do Not Track” to On

Recommend

Sharing and Protecting Data to Improve Student Outcomes Community Schools Community of Practice

Sharing and Protecting Data to Improve Student Outcomes Community Schools Community of Practice

Sharing and Protecting Data to Improve Student Outcomes Community Schools Community of Practice Nov. 16, 2017 Agenda Why sharing and protecting student data matters Sharing data deep dive Protecting data deep dive Tips

313 views • 30 slides
Protecting Your Identity, Data, and Assets 1 Its Not a Matter of If, but When 17.6

Protecting Your Identity, Data, and Assets 1 Its Not a Matter of If, but When 17.6

Protecting Your Identity, Data, and Assets 1 Its Not a Matter of If, but When 17.6 million 63% Identity fraud is a serious issue. people experienced of confirmed data Fraudsters have identity theft in 2014 breaches involved stolen

605 views • 29 slides
Protecting Sensitive Data Implementation of a Sensitive Data Manager Recommendation Briefed

Protecting Sensitive Data Implementation of a Sensitive Data Manager Recommendation Briefed

Protecting Sensitive Data Implementation of a Sensitive Data Manager Recommendation Briefed Presidents Executive Council on 13 Jan: recommended to proceed with deploying a Sensitive Data Manager tool on all UND owned computers to

321 views • 6 slides
P Protecting Confidential Data on i C fid i l D Personal Computers with S p torage g

P Protecting Confidential Data on i C fid i l D Personal Computers with S p torage g

P Protecting Confidential Data on i C fid i l D Personal Computers with S p torage g Capsules Kevin Borders, Eric Vander Weele, Billy Lau, and Atul Prakash Problem: Malicious S oftware Computing becomes pervasive, so is malware

524 views • 29 slides
Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data

Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data

Privacy & Security Matters: Privacy & Security Matters: Protecting Personal Data Protecting Personal Data Privacy & Security Project HIPAA: What it is Health Insurance Portability and Accountability Act of 1996 Also known as

445 views • 26 slides
What are we protecting? Student Data (SSN, Grades, DOBs, Credit card) Employee Data

What are we protecting? Student Data (SSN, Grades, DOBs, Credit card) Employee Data

Freeze your credit will stop someone from opening a new line of credit in your name FREE! You can unfreeze your credit at any time Get an annual copy of your credit report and review it ALSO FREE! What are we protecting? Student

885 views • 31 slides
Data Sharing Enabling innovation Protecting people Geof Heydon October 2018 1 Data

Data Sharing Enabling innovation Protecting people Geof Heydon October 2018 1 Data

Data Sharing Enabling innovation Protecting people Geof Heydon October 2018 1 Data Driving Smarter Community Success AGENDA Smarter Community Data sharing NSW Government Data Task Force and ACS Data Sharing technical committee

641 views • 25 slides
Protecting Australias red meat industry with interactive data visualisation Grant Carlson

Protecting Australias red meat industry with interactive data visualisation Grant Carlson

Protecting Australias red meat industry with interactive data visualisation Grant Carlson Development Manager Binh (James) Tham Lead Solution Architect Integrity Systems Company YOW! Data 2018 About us About us Livestock Production

444 views • 25 slides
Pr Protecting Ourselves, Pr Protecting Ot Other hers Pa Part 1: Wha What to Wear at Work k

Pr Protecting Ourselves, Pr Protecting Ot Other hers Pa Part 1: Wha What to Wear at Work k

6/2/20 HealthMatters in our Homes Pr Protecting Ourselves, Pr Protecting Ot Other hers Pa Part 1: Wha What to Wear at Work k and nd Wh Why 1 During this presentation, we will: Summarize what COVID-19 is, how it spreads, and who

463 views • 19 slides
#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy

#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy

#MicroFocusCyberSummit Cloud-based Data Privacy and Protection Protecting data and privacy across hybrid IT Farshad Ghazi - Moderator Mat Spitz Lacy Gruen #MicroFocusCyberSummit Reiner Kappenberger Cloud-based Data Privacy and Protection:

455 views • 10 slides
Protecting Yourself Against Scams and Data Breaches During Coronavirus Crisis ... and Beyond

Protecting Yourself Against Scams and Data Breaches During Coronavirus Crisis ... and Beyond

Protecting Yourself Against Scams and Data Breaches During Coronavirus Crisis ... and Beyond Daler Radjabov, Esq. NYCLA CLE Institute Todays topics CoronaVirus related scams How to secure your online identity How to protect your

514 views • 22 slides
SafeVanish: An Improved Data Self-Destruction for Protecting Data Privacy Lingfang Zeng, Zhan

SafeVanish: An Improved Data Self-Destruction for Protecting Data Privacy Lingfang Zeng, Zhan

CloudCom, Dec 3, 2010 SafeVanish: An Improved Data Self-Destruction for Protecting Data Privacy Lingfang Zeng, Zhan Shi, Shengjie Xu, Dan Feng School of Computer Science and Technology, Huazhong University of Science and Technology

269 views • 13 slides
Data confidentiality Protecting privacy in medical research Henk Jan van der Wijk Leiden

Data confidentiality Protecting privacy in medical research Henk Jan van der Wijk Leiden

Data confidentiality Protecting privacy in medical research Henk Jan van der Wijk Leiden University Medical Center (LUMC) Tuesday 1st April 2014 from 11.30 12.00 #EBMT2014 www.ebmt.org Data confidentiality requested topics Explanation

512 views • 20 slides
CryptDB Protecting Confidentiality with Encrypted Query Processing Katarzyna Baranowska

CryptDB Protecting Confidentiality with Encrypted Query Processing Katarzyna Baranowska

CryptDB Protecting Confidentiality with Encrypted Query Processing Katarzyna Baranowska University of Warsaw January 21, 2012 Threats Threat 1 Speed Evaluation Threat 2 More Evaluation Why secure data? Medical data Contact data Payment

1.27k views • 78 slides
Protecting Our Protecting Our Introduction Family Family Globally HIV/AIDS has left its

Protecting Our Protecting Our Introduction Family Family Globally HIV/AIDS has left its

Protecting Our Protecting Our Introduction Family Family Globally HIV/AIDS has left its mark on every continent, with its highest prevalence being in sub Saharan Africa 10% of the worlds population An Assessment of In 2008,

353 views • 6 slides
Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So

Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So

Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So Hospitals will be paid less unless: Good scores on Incentive payments Meeting 17 clinical processes Funded by 1% cut in base (aspirin,

418 views • 8 slides
Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So

Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So

Peer Review: Protecting Your Investment Peer Review: Protecting Your Investment So Hospitals will be paid less unless: Good scores on Incentive payments Meeting 17 clinical processes Funded by 1% cut in base (aspirin,

614 views • 7 slides
Protecting Data in Untrusted Locations An exercise in Real World threat modeling. Jan

Protecting Data in Untrusted Locations An exercise in Real World threat modeling. Jan

Protecting Data in Untrusted Locations An exercise in Real World threat modeling. Jan Schaumann 99CE 1DC7 770A C5A8 09A6 @jschauma 0DCD 66CE 4FE9 6F6B D3D7 Me. Errday. Obligatory James Mickens This World of Ours reference.

714 views • 40 slides
Protecting the Privacy of Healthcare Data While Preserving the Utility of Geographic Location

Protecting the Privacy of Healthcare Data While Preserving the Utility of Geographic Location

Protecting the Privacy of Healthcare Data While Preserving the Utility of Geographic Location Information for Epidemiologic Research Daniel C. Barth-Jones, M.P.H., Ph.D. Center for Healthcare Effectiveness Research Wayne State University (

652 views • 61 slides
Protecting medical data with passwordless authentication Carl Svensson, KRY/LIVI @ PasswordsCon

Protecting medical data with passwordless authentication Carl Svensson, KRY/LIVI @ PasswordsCon

Protecting medical data with passwordless authentication Carl Svensson, KRY/LIVI @ PasswordsCon 2018 1 / 16 Background Biography MSc in Computer Science, KTH Head of Security, KRY/LIVI CTF: HackingForSoju E-mail (private):

448 views • 22 slides
Voice-Indistinguishability Protecting Voiceprint in Privacy-Preserving Speech Data Release

Voice-Indistinguishability Protecting Voiceprint in Privacy-Preserving Speech Data Release

Voice-Indistinguishability Protecting Voiceprint in Privacy-Preserving Speech Data Release Yaowei Han, Sheng Li, Yang Cao, Qiang Ma, Masatoshi Yoshikawa Department of Social Informatics, Kyoto University, Kyoto, Japan 1 National Institute of

611 views • 27 slides
Balancing Privacy and Safety: Protecting Driver Identity in Naturalistic Driving Video Data

Balancing Privacy and Safety: Protecting Driver Identity in Naturalistic Driving Video Data

Balancing Privacy and Safety: Protecting Driver Identity in Naturalistic Driving Video Data Sujitha Martin, Ashish Tawari and Mohan M. Trivedi Laboratory of Intelligent and Safe Automobiles September 19 th , 2014 1 2 Question: Can you tell

705 views • 21 slides
protecting privacy ( By L.Sweeney ) Presented by : Navreet Kaur ROADMAP Data sharing and data

protecting privacy ( By L.Sweeney ) Presented by : Navreet Kaur ROADMAP Data sharing and data

k-ANONYMITY: A model for protecting privacy ( By L.Sweeney ) Presented by : Navreet Kaur ROADMAP Data sharing and data privacy Related background work k-anonymity model Possible attacks against k-Anonymity Weaknesses of

575 views • 28 slides
Vembu Technologies Experience 100+ Countries 24X7 Support www.vembu.com Best practices for

Vembu Technologies Experience 100+ Countries 24X7 Support www.vembu.com Best practices for

Vembu Technologies Experience 100+ Countries 24X7 Support www.vembu.com Best practices for protecting your data center from disaster Criterias for protecting a Data-center Achieving your objectives Agenda How Vembu ensures data protection?

463 views • 22 slides

More recommend