information systems security for the special educator mgmt 636 – information systems security
TRANSCRIPT
![Page 1: Information Systems Security for the Special Educator MGMT 636 – Information Systems Security](https://reader035.vdocuments.net/reader035/viewer/2022062423/56649e035503460f94aef19b/html5/thumbnails/1.jpg)
Information Systems Security for the Special Educator
MGMT 636 – Information Systems Security
![Page 2: Information Systems Security for the Special Educator MGMT 636 – Information Systems Security](https://reader035.vdocuments.net/reader035/viewer/2022062423/56649e035503460f94aef19b/html5/thumbnails/2.jpg)
Overview
• Awareness of information systems security in work and at home.
• Basic understanding of security techniques that can be implemented in both the work environment and at home.
![Page 3: Information Systems Security for the Special Educator MGMT 636 – Information Systems Security](https://reader035.vdocuments.net/reader035/viewer/2022062423/56649e035503460f94aef19b/html5/thumbnails/3.jpg)
Legal Environment
• FERPA– Family Educational Rights and Privacy Act
L.S. v. Mount Olive Board of Education (New Jersey)
– 11th grade English class studying The Catcher in the Rye.• An assignment required students to create a psychological
profile of the main character.• The teacher obtained a real psychological profile from the
school’s psychologist to use as an example.• Even though the profile was redacted, a student deduced
that the profile was his friend’s psychological profile.
![Page 4: Information Systems Security for the Special Educator MGMT 636 – Information Systems Security](https://reader035.vdocuments.net/reader035/viewer/2022062423/56649e035503460f94aef19b/html5/thumbnails/4.jpg)
Legal Environment
• FERPA– L.S. v. Mount Olive Board of Education (New
Jersey)
• The court ruled that the teacher and the school’s psychologist could be personally sued under 42 U.S.C. § 1983: Civil action for deprivation of rights.
• Extreme case due to negligence.
![Page 5: Information Systems Security for the Special Educator MGMT 636 – Information Systems Security](https://reader035.vdocuments.net/reader035/viewer/2022062423/56649e035503460f94aef19b/html5/thumbnails/5.jpg)
Work Computing Environment
• District and school policies concerning information systems security.– Know your data.
• Schools provide protection infrastructure.– Firewalls to protect networked computers.
• School assumes risk in case of a security breach, unless negligence is found.
![Page 6: Information Systems Security for the Special Educator MGMT 636 – Information Systems Security](https://reader035.vdocuments.net/reader035/viewer/2022062423/56649e035503460f94aef19b/html5/thumbnails/6.jpg)
Protecting Your Computer
• Password protect your computer.• Lock computer when away.• Use username and password to login.
– Do not share password or accounts.– Do not allow others use your computer while
you are logged in.• Someone could e-mail parents, students, your
boss.
![Page 7: Information Systems Security for the Special Educator MGMT 636 – Information Systems Security](https://reader035.vdocuments.net/reader035/viewer/2022062423/56649e035503460f94aef19b/html5/thumbnails/7.jpg)
Protect Your Files
• MS Office: 2010 offers AES 128-bit advanced encryption.
• iWork offers encryption.• File encryption software.
– Third party software.• Requires being able to add
software to computer.
![Page 8: Information Systems Security for the Special Educator MGMT 636 – Information Systems Security](https://reader035.vdocuments.net/reader035/viewer/2022062423/56649e035503460f94aef19b/html5/thumbnails/8.jpg)
Encryption
• Benefits– “Scrambles data” making
it unusable in it’s encrypted
state.
• Downfalls– Forgotten password.– Business continuity.
![Page 9: Information Systems Security for the Special Educator MGMT 636 – Information Systems Security](https://reader035.vdocuments.net/reader035/viewer/2022062423/56649e035503460f94aef19b/html5/thumbnails/9.jpg)
Password Construction
• In order to understand solid password creation, it is important to understand the three basic techniques to “crack” a password.
![Page 10: Information Systems Security for the Special Educator MGMT 636 – Information Systems Security](https://reader035.vdocuments.net/reader035/viewer/2022062423/56649e035503460f94aef19b/html5/thumbnails/10.jpg)
Three Basic File Hacking Techniques
• Shoulder surfing and social engineering.• Brute force attack.
– A properly designed password can make this technique take a million years to crack.
• Dictionary attack.– Avoid common words and combinations.– Avoid common password security techniques.
• i=!, i=1, a=@, and etcetera.
![Page 11: Information Systems Security for the Special Educator MGMT 636 – Information Systems Security](https://reader035.vdocuments.net/reader035/viewer/2022062423/56649e035503460f94aef19b/html5/thumbnails/11.jpg)
Password Construction
• The longer the better.• What is a bit and what does it mean?• Using a passphrase.
“and she's climbing the stairway to heaven”
![Page 12: Information Systems Security for the Special Educator MGMT 636 – Information Systems Security](https://reader035.vdocuments.net/reader035/viewer/2022062423/56649e035503460f94aef19b/html5/thumbnails/12.jpg)
Password Construction
The Next Level• Multi-Factor Authentication
– Goes beyond username and password.• Requires additional information that only the user
would know (knowledge factor).
• Increases security. Used by banks and credit reporting agencies.
– Questions such as “Name of your first pet” or “Name of company that holds your home mortgage”.
![Page 13: Information Systems Security for the Special Educator MGMT 636 – Information Systems Security](https://reader035.vdocuments.net/reader035/viewer/2022062423/56649e035503460f94aef19b/html5/thumbnails/13.jpg)
Taking Work Home• Risk transference.
– You are now responsible for data security.• Does this violate security policies?• Transportation of data.
– Flash Drive• SanDisk Cruzer offers software to encrypt the
entire flash drive (SanDisk Secure Access).
– E-Mail: Not highly secure on its own.– Laptop: Whole device could be stolen.
![Page 14: Information Systems Security for the Special Educator MGMT 636 – Information Systems Security](https://reader035.vdocuments.net/reader035/viewer/2022062423/56649e035503460f94aef19b/html5/thumbnails/14.jpg)
Home Networking Security
The firewall is the first line of defense.• Decent router with firewall.• Wi-Fi with good encryption protocols and a
strong password.
![Page 15: Information Systems Security for the Special Educator MGMT 636 – Information Systems Security](https://reader035.vdocuments.net/reader035/viewer/2022062423/56649e035503460f94aef19b/html5/thumbnails/15.jpg)
Personal Devices
Risks• Text messaging.• E-mail.• Loss of device or laptop.
– Password protect entire device.– Google’s pattern lock.
![Page 16: Information Systems Security for the Special Educator MGMT 636 – Information Systems Security](https://reader035.vdocuments.net/reader035/viewer/2022062423/56649e035503460f94aef19b/html5/thumbnails/16.jpg)
Questions?
Questions?