Privacy and Security 101or

How To Play Safely In A Dangerous World

Brian T. O’Hara CISSP, CISA, CISM, CRISCChief Information Security Officer

The Mako Group, LLCbtohara@makopro.com

http://www.linkedin.com/in/brianohara/Twitter: @brian_t_ohara

260.241.4799

The Mako Group, LLC, Services• IT & Info Sec Auditing• IT Risk Assessments• Security Training• Vulnerability

Assessments• Social Engineering• PCI DSS 3

• FISMA Audits• Penetration Testing• Gap Assessments• SOC 1 and SOC 2• SOX 404• HIPAA• Virtual CISO

BIO• CISO of The Mako Group, LLC• Information Systems Security Assoc. Fellow• Program Chair, CINT Ivy Tech NE• Adjunct Faculty Indiana Tech• CISSP - Certified Info Systems Security Prof.• CISA - Certified Information Systems Auditor • CISM - Certified Information Security Manager• CRISC - Certified Risk Info System Controls

Does Privacy Still Exist

• Google• Post 911 Federal Government Monitoring• E-Commerce Marketing• Data Breaches Everywhere• Impact of HIPAA and HITECH• Social Media• BYOD (Bring Your Own Device)

Yesterday

• Pre 911• Dial up Modems• Signature Based Anti Virus• No Smart Phones• No Zappos • No Electronic Medical Records• No GOOGLE!!!!

Today

• Post 911• GOOGLE!!!• Zappos • Smart Phones• Electronic Medical Records• Card Use Ubiquitous• BYOS (Bring Your Own Stuff)

Quiz 1

• Who invented the internet?

Answer

• Tim Berners - Lee

What Can You Do?

• 10 Steps To Protect Your Privacy

1. Use Good Anti Malware

• Anti Virus• Anti Spam• Intrusion Detection• Firewalls

MACs Get Viruses Too

• Do not suffer from the delusion that Apple computers cannot become infected with viruses or other malware.

2. Patch Your Systems

• Windows Updates• Third Party Apps

– Java– Flash

• MAC OSX Updates

Microsoft

JAVA

Flash

MAC

Windows XP

• To Kill or Not to Kill

3. Secure Your Devices

• Wireless Routers• Machines• Tablets• Phones

4. Social Media

• Facebook• Twitter• Instagram• FourSquare• MySpace• LinkedIn

• Pinterest• Google+• Flickr• Meetup• Classmates• Meetme

Quiz 2

• What was the name of the first Web Browser?

Answer

• Netscape

5. Encryption

• What the heck is it?• How is it used?• Can mere mortals master the dark arts?

Understand SSL and Use It

SSL Verfication

Wireless Safety

• Starbucks• Hotels• Airports

QUIZ 3

• Who sent the first email across the internet?

• When did it occur?

Answer

• Ray Tomlinson

Bonus Question

• Where did the @ orignate?

Answer

• The local supermarket

6. Phishing

7. Passwords

• Length• Complexity• Reusability• Passphrases• When to change• How to store/secure

8. Downloads

VERY DANGEROUS• Use Caution• Never Download from Email

– Use copy and paste• Make sure it is something you want/need• If unsure, ask someone for help• If unsure, delete!

9. Watch Your Monthly Bills

• Keep close tabs on your monthly CC bills• Watch for small anomalous purchases• Report activity to Bank IMMEDIATELY!

10. Ask for Help

• Go to your local computer store• Use online resources with caution• Ask your in house IT staff

– Within reason• Notify authorities if necessary

11. BONUSUse Common Sense

• Don’t give out private information to people you cannot verify actually need it.

• Use your head. If something sounds too good to be true, it is.

• Watch over your children. They are easily duped and tempted. It is not their fault.

• Watch over the elderly. They are easily duped and temtped.

REMEMBER

• If it sounds too good to be true, it isn’t.• If you aren’t sure, ask someone else.• If you think you have been taken

advantage of, report it• Whatever you post on the internet, stays

on the internet,

FOREVER!

THANKSBrian T. O’Hara CISSP, CISA, CISM, CRISC

Chief Information Security OfficerThe Mako Group, LLC

btohara@makopro.comhttp://www.linkedin.com/in/brianohara/

Twitter: @brian_t_ohara

260.241.4799