Security Issues and Desktop Computers in a Corporate Environment

Target Audience: Non-technical computer users in a corporate or small business environment. The basic outline here can be custom-modified for your organization.

Benefits:

The biggest benefit that is expressed in this seminar is helping users develop a mentality for protecting their system information, showing how easy it is the security system on the computer to be breached, often by the user with the unscrupulous person initiating the attack using social engineering. The user most often opens the door. This seminar describes this strategy and also basic concepts of protection.

Learn how to protect your company, yourself, and your computers from viruses, worms, Trojans, spyware, and malware.
Learn the basic definitions of the various types of malware and how they differ or are similar.
Learn why the user is the weak link in most security systems and how unscrupulous people are using social engineering to get you to defeat your own security system.
Hear a few scare stories on how companies have lost millions through various types of malware.
Learn how to detect a phish – an attempt on stealing you identity – and how to respond to a phish attempt.
Learn how to discover the sending host of a spam or phish and detect the source of the email.

Presenter: Carl Townsend.

Carl has written over 30 computer books, with most of these targeted to the users of application programs, such as Excel and Access. He has a gift of taking technical concepts and translating these to a language that a non-technical person can understand. He has led presentations internationally – Brazil, Singapore, India, and England. Here is your chance to bring him to your organization!

Table of Contents

Introduction

Basic Definitions: Virus, Worm, Trojan, Spam, Malware

A Few War Stories

Who is Vulnerable to Security Attacks?

Stopping the Virus Security Breach

Expanded Definition: The Three Defining Qualities of the Virus

Examples Viruses and What They Do: Chernobyl, Michelangelo, Jerusalem

How an Anti-Virus Program Works

How they Propagate - Propagation Strategies

How the Virus Infects

Another Goal: Viruses Avoid Detection

How a Virus is Written

The History of the Virus

The Future of the Virus

Protection from Viruses

Virus Hoaxes

Breaking Security With Worms and Trojans

Extended Definition

How the Worm Differs from a Virus

What the Worm Does

Delete files

Slows down network

Strategic Damage

Examples: Morris, Sobig, MyDoom

How the Trojan Works

The Crediential Stealing Trojan: Stealing Your Keystrokes

Bogus SSL Trojans: Serving Up Fake Web Pages of Real Financial Sites

Transaction-based SSL-Evading Trojans: Most Dangerous and Sophisticated

Example: Win32.Grams E-gold

Introduction to Spyware

What is Spyware? How does it differ from viruses and worms?

Who Has It? (11/04 80% of Surveyed Users had some kind of Spyware)

Uses of Spyware

Adware – Any software that displays ad, with or without user’s consent.

Examples: Sony’s XCP, Alexa Toolbar

Legality of Spyware (EULA)

Anti-Spyware tools

Requires frequent updates

Two types: real-time protection and detection & removal

Do Anti-Virus products support Anti-Spyware?

PC Tools Spyware Doctor, Others

Google as Spyware?

Popular Trick: Explorer queries on a download. A Popup can query

would you like to optimize your system?) Clicking “yes” or “no”

starts a spyware download and installs spyware. (This is social

engineering.)

Spyware can disable firewalls and anti-virus software

Fake Anti-spyware Programs Can Actually Install Spyware: Spyware Stormer,

AntiVirus Gold, Spy Trooper, more

Dealing with Spam Malware

Reading the Email Header

Finding Host Information from the Header

Creating Your Own Black List

Protecting Blogs from Spam

Protecting Wireless Networks

The Problem

The Solution

Rename SSID and Turn off Broadcasting the SSID

Use WAP or WAP2 Encryption

The War on the Hosts

Denial of Service Attacks

The Use of Botnets

Protection from Malware Damage

What is Needed: AntiVirus, Firewall(s), Anti-Spyware

Why do People Write Malware?

Overview of AntiVirus Software

Firewalls

Hardware Firewalls

Software Firewalls

Overview of Anti-Spyware Products

Use Partitioning Strategies

Develop Good Backup Strategies

Use Encryption with Wirelss Networks, rename SSID and turn off broadcasing the SSID

It Helps to Avoid Internet Explorer, Microsoft Outlook

Don’t Open Attachments from Unknown Sources

Use a Virtual Machine if Necessary

Use a Host with Blocking Software

Avoid shareware and freeware, which often carries spyware

The Bigger Identity Theft Problem: Social Engineering

Recovery from Malware Damage

First Level - Repairing

Second Level – Reformatting and Rebuilding

A Quick Look at Vista

Developing a Malware Warfare Mentality

Conclusions

Contact Us Today to Get a Seminar Going for and at Your Business Site!