Security Awareness Training
Security Awareness Training
Security Awareness Training
Current Threats
The following slides include a few examples of the kinds of threats
you may encounter with suggestions on how you can protect
yourself, your data, your organization and DARS systems from
harm.
Basic Concept
You Control What You Choose to Click
Most end user threats are targeted specifically in hopes that you
will click on a harmful link, attachment, picture, video or icon in an
email or web page, including social media applications
Stop: Do not click. Do not assume that links in your email are automatically safe.
Think: If you cannot identify the source and attachments as legitimate or be sure
the links are safe by looking at the actual web address, you can logically conclude
that you should beware.
Click: Only after you are completely confident that the action is safe.
Protect all of your email accounts. Report all
incidents and suspicious activity to security.
DARS Cyber Security Awareness: Internet Threats
Browsing Can Hazardous To Your PC
The Internet is a significant resource for business and government services.
However, some of the same issues as with email can create security issues that you
need to be aware of.
The Common Threat: On the web, the threats come from malicious links. Most of the
threats come when you click on a link that launches a malicious program or re-directs
you to a dangerous site.
Result: If you click, you may launch harmful programs or be directed to a harmful
web site. You may then find your personal, client, or sensitive business information
compromised and you may subject your PC and network to malicious software.
Stop: Do not automatically click on Internet links until you have confidence in
them. This includes pictures, videos, and navigational elements.
Think: Look at the actual address for the links in question. For instance if the link
indicates “Click Here” be sure to hover your mouse pointer over the link and
investigate the actual web address before you proceed.
Click: Only after you are completely confident that the web site is safe.
Report all suspicious web sites to security
DARS Cyber Security Awareness: Internet Threats
Social Media Can Be Suspect
While usually relatively safe, the rapid increase in social networking and collaborative
sites has offered new opportunities for hackers, thieves and others. You should use
common sense and be cautious when visiting these sites.
The Common Threat: Similar to email threats, postings on FaceBook, LinkedIN,
YouTube, and others may appear to take you to interesting content, funny videos, or
connect you to other users and organizational sites of common interest.
Result: In reality you may be clicking on links that launch malware or take you to
sites other than the ones you expected, and exposing your personal information.
Stop: Do not assume social networking sites are safe. Do not click on links until
you are sure they are legitimate. This includes pictures, videos, invitations to games
and applications, and navigational elements.
Think: Look at the actual web addresses for the links in question. Investigate all
links and linkable items by hovering your mouse over them. Look at the actual web
address before you proceed. Be careful of postings and sites that ask to share your
personal information
Click: Only after you are completely confident that the web site is safe.
Report all suspicious social media activity
DARS Cyber Security Awareness: Telework Threats
For Mobile Workers: Be Careful With Your Connections
The ability to work away from the office is beneficial and flexible, mobile workers need
take special care of the inherent threats to COV systems when connected to public
access points. Special care should taken when working in these environments.
Wireless Networks: Assume when you connect to a public wireless access point that it
is inherently not secure. Other individuals can potentially “see” your activity. When
connecting to a sensitive COV system, this could expose your sensitive data.
Virtual Private Network: VPN allows you to launch a secure Internet connection so
that even with a public access point, you are able to work connected to your home
network, applications and databases with a greater level of security.
Device Encryption: Always make sure your Laptop, Tablet or other mobile device is
protected from someone else logging on. Device encryption should be installed on all
mobile devices that connect to COV systems.
Click: Only proceed if you are confident in the connection and are using VPN.
Keep Your Mobile Computing Safe!
DARS Cyber Security Awareness: The Pledge
Stop, and Think (consider appropriateness and risk) before I Connect to the
Internet.
Take personal responsibility for security, follow my organization’s security
policies, and adhere to sound security practices.
Lock my computer whenever I leave my work area.
Safeguard portable computing equipment when I am in public places.
Create and use strong passwords, and never share my password(s) with
anyone.
Never leave a written password (sticky note, etc.) near my computer, or
easily accessible.
Promptly report all security incidents or concerns to my organization’s
security officer or other appropriate contact.
Safeguard “sensitive data” as well as confidential and/or legally protected
(Personally Identifiable Information and Protected Health Information) data
from any inappropriate disclosure.
Work to the best of my ability to keep my organization’s staff, property and
information safe and secure.
Spread the message to my friends, co-workers and community about
staying safe online.
DARS Cyber Security Awareness: