Internet And Data Securityfinalpdf - IPOWER
Internet and Data SecurityJohn CampbellBill Ault, Peter Cronas, Paul MillerFebruary 8, 2008jampbell5269@gmail.com
To Do .Paranoia meterIn this paper I will discuss why using the internet for transactions is useful besides being convenient. I willalso show why being cognizant of internet security is important and what steps are necessary to protect yourinternet usage. I will show how to recognize secure sites and how to protect online purchases by using virtualcredit cards. Lastly, I will discuss options for storing passwords conveniently and securely as well as securefile storage and complete removal of sensitive data.On each page a reference number(s) will be listed with a complete reference list on the last page. Just copy theaddress starting with htpp and paste it in your browser to get additional information. The circle at the top rightof the page is my arbitrary assignment of importance with red being the highest importance ranking. Why bother with securityInternet security Prerequisites How to tell if an internet site is secure Online financial transactions Online purchases – virtual credit cards Password management – records/RoboformData security Storing data securely – True CryptUse it and lose it – complete data removalFinal thoughtsReferences #
Why bother with Internet Security Online transactions are very convenient – for example I took advantage of Black Fridaysales on the Wednesday before from my computer and got several great deals.Wide range of possibilities- online purchases (eBay, Amazon, stores.)- online banking- online trading- credit card bill status- social security, insurance Diligent monitoring of financials reduces identity theft exposure. I check my credit cardsand other financials (banks, brokerage) online frequently to make sure no unauthorizedusage is occurring. In this way I can catch any theft much sooner than if I wait for amonthly statement.Hopefully this will have convinced you that using the internet is a good idea but now I willshow you why internet security is important.OK – so why is security important?Reference 1
Importance of good security Unsecured internet activity data can be viewed with programs that are readily available. Thisis called “packet sniffing” and is like sending regular mail in a clear envelope. Personal information can be viewed on an site that is not secure and dramatically increasesexposure to identity theft!!!! It is necessary to protect both internet use and your computer.Reference 2
Computer Security It is very important to have a good anti-virus program running that is up to date along witha firewall. I use AVG anti-virus and Zone Alarm firewall (both free) together with thespyware programs listed below. Anti-virus (one only, updated and running) – AVG (free)Firewall Windows XP – Zone AlarmMalware programs- Adaware- SpybotWindows Updates current References 3 - 6Types of security?
Browser security - Phishing? One threat is a “phish’ as described below. Fortunately both Firefox 2 andInternet Explorer 7 browsers provide protection. Phish – e-mail masquerading as legitimate to obtain user information – link toweb sitesBoth Firefox 2 and Internet Explorer 7 havebuilt-in protection References 7,8
Is a site secure – how to tell Secure websites use data encryption that is virtually uncrackable withindicators to show that the site is secure. On such sites confidentialinformation can be transmitted with confidence. References 9-11provide much more detail on the mechanics of this process.Secure sites encrypt data transmission- use SSL (Secure Sockets Layer)- all data is encrypted (strong!!) Look for 2 SSL indicators on Web page:-https in address bar and padlock Key to secure internet transactions- banking- online purchases- investing Reference 9, 10, 11
Secure site identifiershttp://Site not secure – no https or padlock
Secure site exampleIdentifier 1- httpsIdentifier 2- padlock- Padlock is shown at bottom of page also for FirefoxBoth identifiers present – buy with confidence
Secure Internet Explorer Site Both identifiers – secure for:- online purchases- financial transactions (eg banking, investments) Online banking – monitor activity, transfer funds,pay bills . Convenient access – better monitoring improvessecurity (banking and credit cards)
Wireless hot spot cautions Wireless hot spots – open networks – vulnerable Avoid for sensitive transactions If you use:- have an active firewall- disable file sharing- keep sensitive data off your laptop- make files private- monitor connections – restricted access better- secure sites onlyReferences 6b,6c
Online purchases Online purchasing security depends not only on using a secure site but also on thereputation of the company. However use of a credit card provides some additionalsecurity in that purchases can be disputed if there is an error. Moreover, virtualcredit cards offer additional security in that a “special” credit card is issued to aregular account holder with certain restrictions. As shown below these restrictionsprovide some additional security and are launched as shown on the next page forthe case of a Citicard account. Transactions on secure sites - reputable companiesCredit card reputation – fraud detection, dispute handlingUse virtual credit cards- issuer installs program to generate a number- linked to regular card – specific to 1 purchase ormerchant- limited lifetime - one use/one month Free service – many companies – Citi, Discover MBNA .download program Claim increased securityReference 12
Virtual Card Set-upStep 1- start program and log inVillagerBeautiful dayStep 3 – transfer info toonline orderStep 2 – generate #
Password Management The following table illustrates how important the choice of a strong password is.Existing password cracking times – average computerPassword Length3 characters4 characters5 characters6 characters7 characters8 characters9 characters10 characters11 characters12 characters13 charactersReference 13,1414 charactersAll CharactersOnly Lowercase0.86 seconds1.36 minutes2.15 hours8.51 days2.21 years2.10 centuries20 millennia1,899 millennia180,365 millennia17,184,705 millennia1,627,797,068 millennia154,640,721,434 millennia0.02 seconds.046 seconds11.9 seconds5.15 minutes2.23 hours2.42 days2.07 months4.48 years1.16 centuries3.03 millennia78.7 millennia2,046 millenniaPassword /password/checker.mspx
Password Storage Write them down – NOT!!See 11/30/07 talk on AutohotkeyPrograms - Roboform- Stored in encrypted form (passwordprotected)To store passwords record them as a rule rather than the password themselves.The rule serves as a memory device to regenerate the password as you enter it. Record in coded form Code by recording a memory device/ruleeg: tT1!qQ2@bB3#fF4 jJ5%oO6 rule: typing&number up/down 5 levelfrom: the quick brown fox jumped overI just picked the first letter of each word using both lower and upper case, addedthe number of the word from with the letter came (again lower and upper case).In this way I generated a 20 character password that appears hard to rememberbut can be easily recreated by looking at the rule which one can keep handy inwritten form as it appears to be nonsense to anyone else.
Password Management - Roboform Lots of alternates- Firefox stores passwords in protected fileBut I don’t like this as the level of security is not known to me and mightbe susceptible to hacking.- autohotkey Roboform- Very convenient way of storing passwordsin an encrypted file (10 passwords free, 30for 10)- Automatic login and password submission- Form fill-in .Reference 15
Roboform loginAfter installing Roboform, a toolbar appears when your browser is opened. As you go to a sitethat requires a password Roboform will ask you to open it with your master password thenstore the login and password. Each time you go to login you can select that site and afterentering the Roboform master password which is required only for the first time you open thebrowser, Roboform will open the site and log you in. For some sites that require a 2 step processit is more difficult, although the password will be stored.Roboform
Roboform loginIn the example below I selected the staples item from the Roboform login menu and Roboform automaticallyopened the Staples page and logged me in. Very convenient!! More involved with dual sign-in sites (banks)Very convenient, secure password management
Roboform login advancedAlternately, if you open a website from your browser bookmarks, a pop up Roboform window will appear asking youIf you want to fill in a password. Once you select a version (if more than 1 stored) Roboform will fill in and logYou in automatically.xxxxxxx Good for 2 step logins (eg banks)xxxxxxxx
Roboform form fill-inThe same thing can be done with addresses and even credit card information although I prefer toDo that myself each time.
Roboform to goRoboform also offers the option of storing your encrypted information on a flash drive for use whenTravelling.
To Do .Paranoia meter Why bother with securityInternet security PrerequisitesHow to tell if an internet site is secureOnline financial transactionsOnline purchases – virtual credit cardsPassword management – records/RoboformData security Storing data securely – True Crypt Use it and lose it – complete data removal Final thoughtsReferences #
Secure data storage Incidents of data theft – hardware theftData encryption – several easy optionsTrue Crypt – free download, easy to use & set upUsed by IRSSet up – set up an encrypted file- password protected- only read via password activation- access as another drive (My Computer)- file can be copied from drive to DVD- good manual has step by step guideReference 16
True Crypt file Set up an encrypted folder (step by step in manual)
Access file by mountingSelect filejust madeand mount
File shows up as another driveTrue Crypt folder
Secure data removal Important to completely erase sensitive documents Eraser – free Recycle bin – erase with options (DOD – 7x, up to 28x)Reference 17 Can also secure free diskspace
Final Thoughts Internet brings convenience butrequirements Online options for better personal security Security software Knowledge of secure sites Approaches to secure online transactions Secure data storage and removalInternet is a great resource if used correctly and securely
Resources/References1.(stealing information): http://en.wikipedia.org/wiki/Computer surveillance2.(packet sniffing): http://en.wikipedia.org/wiki/Packet sniffer3.(free AVG download): http://free.grisoft.com/doc/5390/us/frt/0?prd aff/4.(free zone alarm): ucts/znalm/freeDownload.jsp5.(free Adaware download): http://www.lavasoftusa.com/products/ad aware free.php6.(free spybot): tml7.(definitions): http://www.smartcomputing.com8.(firefox phishing demo): SL definition): http://en.wikipedia.org/wiki/Secure Sockets Layer10.(how it works): 1. (details of SSL process): http://en.wikipedia.org/wiki/Image:Ssl handshake with two way authentication with certificates.png12.(virtual credit cards): acking weak passwords): -weak-passwords/14.(password checker): d/checker.mspx15.(Roboform download): http://www.roboform.com/download.html16.(freeTrue Crypt download): http://www.truecrypt.org/downloads.php17.(free eraser download): http://www.heidi.ie/eraser
Paranoia meter Internet security Data security In this paper I will discuss why using the internet for transactions is useful besides being convenient. I will also show why being cognizant of internet security is important and what steps are necessary to protect your internet usage.
shipping date of the product will be used to determine the warranty period starting. WARRANTY TERM Any new A-iPOWER high pressure purchased for non-commercial use from an authorized A-iPOWER high pressure dealer in the continental North America will be warranted against defe
MIT 11.188/11.520 Web Service Notes 1 Internet GIS and Geospatial Web Services Introduction Section 1 -- What is Internet GIS? Section 2 -- Internet GIS: state of practice Section 3 -- Future development of Internet GIS Section 4 -- Function comparisons of current Internet GIS programs Section 5 -- Internet GIS applications Section 6 – I
repository.uinjkt.ac.id Internet Source eprints.uns.ac.id Internet Source digilib.uin-suka.ac.id Internet Source repositori.uin-alauddin.ac.id Internet Source dokumen.tips Internet Source repository.usu.ac.id Internet Source adit2211.blogspot.com Internet Source. 8 1% 9 1% 10 1% 11 1% 12 1% 13 1% 14 1% 15 1% 16 1% 17 1% 18 1% 19
repository.usu.ac.id Internet Source adietcandra.files.wordpress.com Internet Source prosiding.lppm.unesa.ac.id . Internet Source eprints.poltekkesjogja.ac.id Internet Source repository.iainpurwokerto.ac.id. 30 1 % 31 1% 32 1% 33 1% 34 1% 35 1% 36 1% 37 1% 38 1% Internet Source es.scribd.com Internet Source eprints.umm.ac.id Internet .
repository.iainpurwokerto.ac.id Internet Source mudaanggie.blogspot.com Internet Source ensiklopediteori.com Internet Source doctiktak.com Internet Source delfiandriestory.blogspot.com Internet Source delnismakailipessy.wordpress.com Internet Source unmas-library.ac.id Internet Source. 9 1% 10 1% 11 1% 12 1% 13 1% 14 1% 15 1% 16 1% 17 1%
CSCA0101 Computing Basics 22 The Internet Internet Applications An Internet application is an interactive, compiled application that can be accessed through a corporate or through the Internet. Internet applications can perform complex business processes on either the client or the server. The application uses the Internet protocol .
Software Training for Packaging Professionals CAPE PACK 2.11 Presented by: CAPE SYSTEMS, INC. CUSTOMER SERVICE 100 Allentown Parkway, Suite 218 Allen, TX 75002 888-387-0485 or 800-229-3434, ext 24 FAX 989-681-6260 help@capesystems.com www.capesystems.com
Designed by Cardiff Archaeological Illustration and Design Software: Adobe Creative Suite 6 Design Premium EXCAVATIONS AT CAERAU HILLFORT, CARDIFF, SOUTH WALES, 2014 National Primary Reference Number (NPRN) 94517 Cadw Scheduled Ancient Monument No. GM018. Contents 1. Introduction 1 2. Background 3 3. Previous Archaeological Work 7 4. Project Aims & Objectives 9 5. Excavation Methodology 13 6 .
