Upload
issa-la
View
19
Download
0
Tags:
Embed Size (px)
Citation preview
**Confidential** **Confidential**
Mitigation - Defense in Depth
**Confidential** **Confidential**
Secure Configurations
• Most basic line of defense
is a secure configuration.
• Do blank passwords work?
Guest access?
• Is your wireless
accesspoint using WPA?
• Can the software be
secured? Is it still
supported?
• Many excellent resources
to help users at all levels.
**Confidential** **Confidential**
Is your software updated?
• Auto-updates
• Verify current status
• Qualys Browser Check
• Windows Update
**Confidential** **Confidential**
Anti-Virus
**Confidential** **Confidential**
Firewall - Windows
**Confidential** **Confidential**
Social Media
• Who are your on-line “friends”? Attackers? Who are their friends?
• What information are you (or your spouse, or your kids) disclosing?
• Master the privacy policies of each service BEFORE you use it.
**Confidential** **Confidential**
Two Factor Authentication
• Use two factor authentication whenever possible.
• Do not synchronize passwords!
• Make sure email accounts are locked down.
**Confidential** **Confidential**
Password Management
• Do not synchronize passwords!
• Make sure email accounts are locked down.
• Password management programs help with complying with
good password practices.
Challenges
Users
Case Study - Phishing Email
Phishing Webpage