User Security Presentation

Information security
Dont be the weakest link

or
But, I use a password!!
2002 TechRepublic, Inc. www.techrepublic.com. All rights reserved.
A Matter of Balance
Convenience
Security
There is an inverse
relationship between
convenience (easeof-use) and security.
As you increase
security, you lose
convenience.
2002 TechRepublic, Inc.

www.techrepublic.com. All
rights reserved.
What is Security?
Websters Dictionary: Measures taken to

guard against espionage or sabotage, crime,
attack, or escape.
H. Stanley Judd: The ultimate security is

your understanding of reality.
rights reserved.
Threat Categories
Natural Disasters Fire, flood, tornado, etc.

Nonhuman Product failures, bugs, etc.
Human
Malicious:
Insiders Disgruntled employees
Outsiders Hackers, crackers, etc.
Nonmalicious: Untrained2002
or uninformed employees
TechRepublic, Inc.
rights reserved.
One of the Companys Most

Valuable Assets
The information stored in computer
files on our desktop computers and
on the local area network
Profiles: Whos Breaking In?
Corporate spies
Financial, competitive gain
Governments
National interests
Terrorists
Religious, political ideals
Career criminals
Financial, control/power
Insiders
Financial, revenge
rights reserved.
What Makes Us Vulnerable?
Easily guessed passwords Too short;

too simple; common words
Not keeping secrets Writing passwords down;
sending confidential data in e-mails
Trusting things we get from others Opening
e-mail attachments that have a virus or other
malicious code
rights reserved.
Password
A string of characters, entered to verify that you

are authorized to access computer resources,
consisting of:
Alphabetic A to Z and a to z
Numeric 0 to 9
Special Characters ~; !: @; #; $; %; ^; &; *;
(; ); +; =; [; ]; {; }; /; ?; <; >; ,; ;; :; \; |; `; ; ; .
rights reserved.
Problems with Passwords
There is a direct relationship between the ease

with which a password can be remembered and
the ease with which it can be guessed.
Without a gimmick, a password that is difficult
for an unauthorized person to guess is usually
difficult for a user to remember (more about
gimmicks later).
If a password is easy to remember, it is probably
easy for someone else to guess.
rights reserved.
Password Security
Dont tell anyone your password.

Dont write your password down anywhere.
Make sure your password cannot be easily
guessed.
If you think there is even a slight chance
someone knows your password, change it.
Dont let someone see what you are
entering as your password.2002 TechRepublic, Inc.
rights reserved.
Dont Choose a Weak Password:
With fewer than eight characters.

That could be found in a dictionary.
That uses public information about you or your
family or friends (Soc Sec #; birthdate; credit
card number; telephone number, etc.).
That you have used before.
That is a variation of your user ID.
2002
TechRepublic,
Inc.
That is something significant
about
you.
rights reserved.
Do Choose a Strong Password:

That is at least eight characters long.
That contains uppercase and lowercase letters.
That contains at least one number or special
character.
That is not a dictionary word in any language,
slang, or jargon.
That cannot be easily guessed and is easy to
remember.
Remember to change your password
every 90 days.
rights reserved.
Weak Passwords (examples):
cat dog diego querty hart heat heart mary

1dennis2 hartelephone lintelco hartwell
eednyw ydnew kayak palindrome
september superman mickeymouse r2d2
aaaabbbccd 12345678 a1b2c3d4 zxcvbnm
bonvoyage mercibeaucoup volkswagen
mircrosoft colorprinter windows98
nowisthetimeforallgoodmentocometotheaid
rights reserved.
Strong Passwords (examples):

Wwe&nadtd 2BoN2bTist?
IsfgaWDo6
3bmstfw1491
Mdi#1imh
52eobbowtffcd
tmb1W2rpw
mkrG8b$
I know what you are thinking:
Wait one minute, you geek you said it must be
easy to remember!
Let me explain mnemonics. 2002 TechRepublic, Inc.
rights reserved.
Mnemonics Made Easy

Take a phrase that is easy for you to remember and
convert it into characters.
It could be the first line of a poem or a song lyric.
Water, water everywhere and not a drop to drink
(Rhyme of the Ancient Mariner) converts to
Wwe&nadtd.
We Three Kings from Orient Are converts to
w3KfOr3691.
(3691 is the year 1963 spelled2002
backward
to extend
TechRepublic, Inc.
beyond six characters.)
rights reserved.
Protect the Security of the

Companys Information As If
Your Job Depends on It, Because
IT DOES!

User Security Presentation

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

User Security Presentation

Загружено:

Авторское право:

Доступные форматы

Information security

Dont be the weakest link

2002 TechRepublic, Inc.

Websters Dictionary: Measures taken to

H. Stanley Judd: The ultimate security is

Natural Disasters Fire, flood, tornado, etc.

One of the Companys Most

Profiles: Whos Breaking In?

Financial, competitive gain

Religious, political ideals

What Makes Us Vulnerable?

Easily guessed passwords Too short;

A string of characters, entered to verify that you

Problems with Passwords

There is a direct relationship between the ease

Dont tell anyone your password.

Dont Choose a Weak Password:

With fewer than eight characters.

Do Choose a Strong Password:

Weak Passwords (examples):

cat dog diego querty hart heat heart mary

Strong Passwords (examples):

Mnemonics Made Easy

Protect the Security of the

Вам также может понравиться