TECHNOLOGY
GUIDE 5:
Protecting Your
Information Assets
1
PROTECTING YOUR INFORMATION
ASSETS
TG 5.1
TG 5.2
TG 5.3
Introduction
Behavioural Actions to Protect Your
Information Assets
Computer-Based Actions to Protect
Your Information Assets
Copyright John Wiley & Sons Canada
2
LEARNING OBJECTIVES
1. Explain why it is critical that you protect your
information assets.
2. Identify the various behavioural actions you can take to
protect your information assets.
3. Identify the various computer-based actions you can
take to protect your information assets.
Copyright John Wiley & Sons Canada
3
TG 5.1 INTRODUCTION
•
There are a number of behavioural actions that you
should take to protect your information assets:
– General behavioural actions
– Computer-based actions
Copyright John Wiley & Sons Canada
4
TG 5.2 BEHAVIOURAL ACTIONS TO
PROTECT YOUR INFORMATION
ASSETS
•
Take action to protect information assets such as:
–
–
–
–
–
–
–
Personal Information
Social Insurance Number
Credit Cards
Debit Cards
Financial Accounts
Personal Mailbox
Dealing with old records
Copyright John Wiley & Sons Canada
5
WHAT TO DO IN THE EVENT OF
IDENTITY THEFT
•
•
•
•
If your social insurance number has been compromised,
contact Service Canada; in the event of passport theft,
you would contact your local passport office.
If you believe your mail is being diverted, contact your
local Canada Post office.
Cancel all affected credit cards and obtain new credit
card numbers.
Consult a lawyer for the type of paperwork that may be
required to deal with disputes with financial institutions
or credit-granting organizations.
Copyright John Wiley & Sons Canada
6
WHAT TO DO IN THE EVENT OF
IDENTITY THEFT (CONTINUED)
•
•
•
•
Organize your paperwork, including the names,
addresses, and phone numbers of everyone you
contact about this crime.
File a detailed police report. Send copies of the report to
creditors and other agencies or organizations that may
require proof of the crime.
Get the name and phone number of your police
investigator, and give it to your creditors.
In all communications about the crime, use certified,
return-receipt mail.
Copyright John Wiley & Sons Canada
7
WHAT TO DO IN THE EVENT OF
IDENTITY THEFT (CONTINUED)
•
•
•
•
Get your unique case number from each credit agency,
and ask each agency to send your credit report.
Tell each agency to issue a fraud alert.
Get the document that you need to file a long-term fraud
alert, which lasts for seven years and can be cancelled
at any time.
Ask the credit agencies for the names and phone
numbers of lenders with whom recent accounts have
been opened in the affected time frame, so you can
identify fraudulent accounts that have been opened.
Copyright John Wiley & Sons Canada
8
WHAT TO DO IN THE EVENT OF
IDENTITY THEFT (CONTINUED)
•
•
•
•
•
Point out all entries generated due to fraud to each
agency. Ask each agency to remove the specified
fraudulent entries.
Tell each agency to notify anyone who received your
report in the last six months (or the affected time frame)
that you are disputing the information.
You may be able to order a “credit freeze” with the two
major credit agencies.
Be alert for change-of-address forms in your mail.
If debt collectors demand payment of fraudulent
accounts, write down the name of the company as well
as the collector’s name, address, and phone number.
Copyright John Wiley & Sons Canada
9
TG 5.3 COMPUTER-BASED ACTIONS
TO PROTECT YOUR INFORMATION
ASSETS
•
•
•
•
•
•
Determine what sites users of your computer have
visited on the Internet
Access social networking sites safely
Detect malicious software
Protect your system when computing wirelessly.
Recover from a disaster
Protect your privacy when using the Internet and e-mail
Copyright John Wiley & Sons Canada
10
DETERMINING WHERE PEOPLE HAVE
VISITED ON THE INTERNET USING
YOUR COMPUTER
•
•
Identify the Internet sites that anyone who uses your
computer has visited. To do this, check the browser
history.
You will not be able to check the browser history of
someone who uses private browsing on your computer.
Copyright John Wiley & Sons Canada
11
THE DANGERS OF SOCIAL
NETWORKING SITES
•
•
•
•
Well-known social networking sites include Facebook,
Twitter, LinkedIn, YouTube, MySpace, and Flickr.
Never post personal information about yourself or your
family in chat rooms or on social networking sites. In
fact, you should
Potential employers are now searching social
networking websites for information about you.
Social networking websites have privacy features that
give users more control over their information.
Copyright John Wiley & Sons Canada
12
DETERMINING WHETHER YOUR
COMPUTER IS INFECTED
•
There are several signs to look for if you think your
computer system is infected with malicious software or
malware:
–
–
–
–
–
–
–
–
–
–
Shuts down unexpectedly
refuses to start normally
exhibits erratic behaviour
system unexpectedly runs out of memory
system continually runs out of main memory (RAM)
system displays an unusually high number of error messages
programs take longer to load than normal, or run very slowly
programs act erratically
monitor displays strange graphics or messages
e-mail program sends messages to all your contacts
Copyright John Wiley & Sons Canada
13
COMPUTER ACTIONS TO
PREVENT MALWARE INFECTIONS
•
•
•
•
Never open unrequested e-mail attachments, even if
the message is from someone you know and trust.
Never open attachments or web links in e-mails from
people you do not know.
Never accept files transferred to you during Internet
chat or instant messaging sessions.
Never download any files or software from websites that
you do not know or files or software that you have not
requested.
Copyright John Wiley & Sons Canada
14
TEST YOUR SYSTEM
•
It is a good idea to test your system. Several websites
provide security tests:
–
–
–
–
•
ShieldsUP!
Norton Security Scan
McAfee My SecurityStatus
AuditMyPC
Click on the links above to read about the variety of
services available to test your computer system.
Copyright John Wiley & Sons Canada
15
TEST YOUR SYSTEM
(CONTINUED)
•
Install the following to protect your computer:
–
–
–
–
–
–
–
–
•
security suite
anti-malware product
firewall
antispyware product
monitoring software
content-filtering software
anti-spam software
proactive intrusion detection and prevention software
Click on the links above to read about the variety of
products available to test your computer system.
Copyright John Wiley & Sons Canada
16
TEST YOUR SYSTEM
(CONTINUED)
•
To protect your computer:
– manage patches
– use a browser other than Internet Explorer
– use an Operating System other than Windows
Copyright John Wiley & Sons Canada
17
PROTECTING YOUR PORTABLE
DEVICES AND INFORMATION
•
There are two common-sense precautions that many
people forget:
– Keep your laptop in an inconspicuous container. Laptop cases
with your company logo simply draw the attention of thieves.
– Do not leave your laptop unattended in plain view; for example,
in the back seat of your car where it can be seen. Instead, lock it
in the trunk.
Copyright John Wiley & Sons Canada
18
STRATEGIES TO PREVENT THEFT
OF PORTABLE DEVICES
•
•
•
•
•
•
Use alarms
Two-factor authentication
Data encryption
Encrypt your entire hard drive, including your
applications
Use laptop-tracing tools or device reset/remote kill tools
Click on the links above to read about the variety of
products available to help prevent theft of portable
devices.
Copyright John Wiley & Sons Canada
19
Protect your Computer and
Wireless Area Network
•
•
•
•
•
•
•
•
•
•
Prepare for personal disasters
Secure a home based wireless area network
Hide your service set identifier (SSID)
Use encryption
Filter out media access control (MAC) addresses
Limit Internet Protocol (IP) addresses
Sniff out intruders
Take precautions when using a public hotspot
Test your wireless network
Use wireless security software
Copyright John Wiley & Sons Canada
20
USING A PUBLIC HOTSPOT
•
Precautions to take when using a public hotspot:
– Use virtual private networking (VPN) technology to connect to
your organization’s network.
– Use Remote Desktop to connect to a computer that is running at
your home.
– Configure your firewall to be “on with no exceptions.”
– Visit only websites that use secure sockets layer (SSL) to
conduct any financial or personal transactions.
Copyright John Wiley & Sons Canada
21
CHAPTER CLOSING
1. It is critical that you protect your information assets
2. There are several behavioural actions you can take to
protect your information assets such using credit cards
with your picture on them, paying close attention to
your credit card billing cycles, limiting your use of debit
cards, etc.
3. There are many computer-based actions you can take
to protect your information assets such as testing your
system, running free malware scans on your computer,
having an anti-malware product on your computer and
have it set for automatic updates, etc.
Copyright John Wiley & Sons Canada
22
Copyright
Copyright © 2014 John Wiley & Sons Canada, Ltd. All rights
reserved. Reproduction or translation of this work beyond
that permitted by Access Copyright (the Canadian copyright
licensing agency) is unlawful. Requests for further
information should be addressed to the Permissions
Department, John Wiley & Sons Canada, Ltd. The purchaser
may make back-up copies for his or her own use only and
not for distribution or resale. The author and the publisher
assume no responsibility for errors, omissions, or damages
caused by the use of these files or programs or from the use
of the information contained herein.