Information Security News Alert December 2015
Be a Human Firewall! The Human Firewall's Top Concerns in the Cyber, People & Physical Domains
+GAMES: Spot the Insider & Human Firewall Filtering Exercise
QUESTIONS? PLEASE CONTACT: Dawn Thistle 508-767-7095 dthistle@assumption.edu
Bob Lavner 508-767-7006 blavner@assumption.edu
DISCLAIMER: The advice within was collected and created by the Security Awareness Company and is intended to be used as general safe practices. You should always follow College policy.
WHAT IS A HUMAN FIREWALL?
A human firewall uses street smarts, common sense and situational security awareness to do the same things physical and digital firewalls do—keep good things in and bad things out. YOU act as a bidirectional control agent for what comes into and goes out of both the company networks and your personal home networks. YOU help keep company data confidential and secure. YOU help protect against internal and external threats. YOU know what to do in the case of a potential security incident. You, the human firewall, have many responsibilities. You know that threats are everywhere and you must be alert at all times. You also know that threats to our security are constantly changing. We must all maintain constant vigilance and stay aware of the latest tricks that criminals and others use to harm us, our networks, our clients or our reputation. You don't need to be a technical expert to be security aware; you just need to know how and when to call one. Being a strong human firewall is all about using common sense, making good decisions and asking for clarification whenever you are in doubt!
There are two types of firewalls: HARDWARE and SOFTWARE. Both types of firewalls work the same way. SOFTWARE FIREWALLS are programs that can be installed on computers, devices or servers. Software firewalls are the best option for most home computers and networks. A good security practice is to install firewall software on every computer or device, even if it is protected by a hardware firewall.
BUT HOW DO FIREWALLS WORK? A firewall for your computer or network is just like a firewall in a building—a wall that keeps a potential fire from spreading to other areas. In a computer or network, it prevents destructive, hostile or malformed packets, data and programs from crossing and potentially spreading beyond the cyberbarrier. Firewalls also allow companies to control how their networks are being used.
HARDWARE FIREWALLS are special network boxes that can hide a company's network from the outside world. It is also becoming more popular to isolate internal resources with intranet or next-generation firewalls. This type of firewall is used by small and large enterprises alike and is managed either internally or by a third-party security service. Many home routers also contain some type of simple firewall hardware.
HOW DATA PASSES THROUGH THE FIREWALLS (illustration: Internet, then a hardware firewall labeled "FireStopper 4000", then the software firewall on the computer)
1. INTERNET: Data packets from a network attempt to pass through a firewall.
2. HARDWARE FIREWALL: Data packets are analyzed, then compared to a set of criteria or filters. If the data is deemed acceptable, it is allowed to continue on to its destination. If the data or programs are deemed to be potentially hostile or damaging, they are discarded.
3. SOFTWARE FIREWALL: The data is compared to another set of criteria when it reaches the software firewall. Only data that meets the criteria is allowed to pass.
Human firewalls function the same way—you filter out the bad and only let in the approved.
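The filtering sequence in the illustration above, written out as a small added example (this editor's own Python, not code from the Security Awareness Company or the College): each packet is compared against an ordered list of criteria, the first matching rule decides, anything no rule accepts is discarded, both directions of traffic are checked, and a packet must clear the hardware firewall's rules and then the host's software firewall's rules before it reaches its destination. The internal network 10.0.0.0/8, the rule names and the sample addresses are constructed for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    """One data packet. Direction is 'in' (arriving from the Internet) or
    'out' (leaving our network); the firewall checks both, like border control."""
    direction: str
    proto: str   # "tcp" or "udp"
    src: str     # source IP address
    dst: str     # destination IP address
    dport: int   # destination port


@dataclass(frozen=True)
class Rule:
    """One criterion in a firewall's filter list. A field left as None matches anything."""
    name: str
    action: str                      # "allow" or "deny"
    direction: Optional[str] = None
    proto: Optional[str] = None
    src_net: Optional[str] = None    # CIDR, e.g. "10.0.0.0/8"
    dst_net: Optional[str] = None
    dport: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        if self.direction is not None and self.direction != p.direction:
            return False
        if self.proto is not None and self.proto != p.proto:
            return False
        if self.dport is not None and self.dport != p.dport:
            return False
        if self.src_net is not None and ip_address(p.src) not in ip_network(self.src_net):
            return False
        if self.dst_net is not None and ip_address(p.dst) not in ip_network(self.dst_net):
            return False
        return True


def filter_packet(rules: List[Rule], p: Packet) -> Tuple[str, str]:
    """Compare a packet against an ordered rule list. The first matching rule
    decides; a packet that no rule accepts is discarded (default deny)."""
    for rule in rules:
        if rule.matches(p):
            return rule.action, rule.name
    return "deny", "default-deny"


def traverse(p: Packet, layers: List[Tuple[str, List[Rule]]]) -> Tuple[str, str]:
    """Pass a packet through several firewalls in turn (the hardware firewall at
    the network edge, then the software firewall on the host). It must be
    accepted by every layer to reach its destination."""
    for layer_name, rules in layers:
        action, rule_name = filter_packet(rules, p)
        if action == "deny":
            return "deny", f"{layer_name}:{rule_name}"
    return "allow", "all-layers"


# Constructed rule sets for a made-up internal network numbered 10.0.0.0/8.
# 203.0.113.0/24, 198.51.100.0/24 and 192.0.2.0/24 are documentation ranges (RFC 5737).
EDGE_RULES = [
    Rule("blocklist", "deny", src_net="203.0.113.0/24"),            # listed first so it wins
    Rule("anti-spoof", "deny", direction="in", src_net="10.0.0.0/8"),  # Internet traffic claiming an inside address
    Rule("web-in", "allow", direction="in", proto="tcp", dst_net="10.0.0.0/8", dport=443),
    Rule("ssh-in", "allow", direction="in", proto="tcp", dst_net="10.0.0.0/8", dport=22),
    Rule("dns-out", "allow", direction="out", proto="udp", dport=53),
    Rule("web-out", "allow", direction="out", proto="tcp", dport=443),
]
HOST_RULES = [
    Rule("host-web", "allow", direction="in", proto="tcp", dport=443),
    Rule("host-ssh-internal-only", "allow", direction="in", proto="tcp", src_net="10.0.0.0/8", dport=22),
    Rule("host-out", "allow", direction="out"),
]
LAYERS = [("edge", EDGE_RULES), ("host", HOST_RULES)]

# Constructed sample traffic.
SAMPLE = [
    Packet("in", "tcp", "198.51.100.7", "10.1.2.3", 443),   # normal web request
    Packet("in", "tcp", "203.0.113.9", "10.1.2.3", 443),    # same request, blocklisted source
    Packet("in", "tcp", "198.51.100.7", "10.1.2.3", 22),    # edge allows it, host does not
    Packet("in", "tcp", "10.4.5.6", "10.1.2.3", 22),        # arrives from outside with an inside address
    Packet("out", "udp", "10.1.2.3", "192.0.2.53", 53),     # DNS lookup leaving the network
    Packet("out", "tcp", "10.1.2.3", "192.0.2.10", 6667),   # unexpected outbound connection
]


def run(packets: List[Packet] = SAMPLE) -> List[Tuple[str, str]]:
    """Return the (verdict, reason) pair for each packet after both firewalls."""
    return [traverse(p, LAYERS) for p in packets]


if __name__ == "__main__":
    for p, (action, why) in zip(SAMPLE, run()):
        print(f"{p.direction:>3} {p.proto} {p.src} -> {p.dst}:{p.dport:<5} {action:5} ({why})")
```

Two things the toy makes visible that the prose only implies: rule order matters (the blocklist entry is placed before the allow rules so a listed source is dropped even when it asks for an allowed service), and filtering is bidirectional, so the unexpected outbound connection on port 6667 is discarded by the edge rules just as unwanted inbound traffic is.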
THE HUMAN FIREWALL'S TOP SECURITY CONCERNS IN THE CYBER DOMAIN
PHISHING: In addition to conventional widespread phishing, the human firewall knows about two specific kinds of targeted attacks. Whale phishing attacks target high-profile individuals within organizations. Spear phishing attacks target specific organizations and all of the people who work there.
MALWARE: Malware isn't just viruses, and it's not just something you can get on your desktop PC. Mobile malware has exploded; in the first quarter of 2015, Kaspersky Lab saw 3.3 times as much new mobile malware as it did in the final quarter of 2014. Check out the link below for a cool infographic about the history of malware.
http://blog.thesecurityawarenesscompany.com/its-an-epidemic/
WEBMAIL: Are you clear about work webmail policies and what you are permitted to send out from company networks? If not, ask.
SOCIAL NETWORKING: On social networking sites and forums, be exceedingly careful what you say about any aspect of your professional life.
PASSWORDS: How confident are you that your passwords are strong and unhackable? Do you use a password manager at home? When was the last time you updated your passwords? Does each of your online accounts have a unique login?
DATA CLASSIFICATION: How do you classify data at home? Do you know your data classification responsibilities at work? Do your family members know what data is acceptable to post in public?
SECURITY SOFTWARE & CONTROLS: At work, never, ever attempt to bypass any security controls or change any software on your devices. At home, make sure you use anti-virus and anti-malware software and keep it updated!
POLICY: It is imperative to know and always follow policy at work regarding email, social media, passwords, data classification and software installation. If you are ever unsure about anything, be sure to ask ASAP!
THE HUMAN FIREWALL'S GUIDE TO DATA CLASSIFICATION
Whether at work or at home, there are essentially two types of data: at the highest level, data that can be made public and data that requires secrecy and privacy. The key to being a great human firewall is knowing which category data falls into, and where and how to store it. Common sense is the best approach to determining what you should do with each piece of data. Should I post my SSN on Facebook? Common sense would say no. To be a human firewall at home, you can make your own "Data Classification Policies." You get to determine what data you keep private, and what data you make public. You decide where and how to store and back up your data. You should note that some data is automatically public. Do a public search online to see what data you can find about yourself. At work you should always follow company policy. If you see misplaced data, be it physical or digital, report it. If you don't know where to store or what to do with specific data, ASK! You, the human firewall, have control of the data you put out into the world.
BORDER CONTROL & FIREWALLS
One way to understand firewalls is to look at the border controls between countries. Border controls are designed to monitor, inspect and limit what you are removing from the country—such as antiquities and cash—and operate in two directions. Countries want to know who is coming in or out, what they are carrying with them and what their intentions are. Often, border control agents have lists of items and people that are not allowed to leave or enter. Their job is to monitor for these items or individuals and prevent them from passing through the borders. It's the same with computer and network-based firewalls. The firewall acts like a border control agent. It checks the data wanting to enter a network for proper credentials, it scans items for potential contraband and then either detains the data or lets it pass through to its destination. Like border control agencies, firewalls can prevent data from leaving a network as well.
The Human Firewall's TOP SECURITY CONCERNS in the People Domain
Human Error: According to researchers, human error and failure to follow policy are the two most common causes of data loss, accounting for roughly three quarters of all security incidents.
Think Before You Click: This might sound like something that belongs in the cyber domain, but who's doing the clicking? You are! You are your organization's greatest defense against phishing scams, malware, advanced persistent threats and criminal hackers.
The Insider Threat: We must be aware that all insiders pose a potential threat: unintentional errors or omissions as well as intentional hostile acts can all cause the same amount of damage to an organization. Malicious insiders can be motivated by anger, revenge, monetary gain, etc.
Social Engineering: Remember, social engineering comes in many forms and a social engineer can look like anyone. We must all be alert to scams and con artists trying to get us to reveal sensitive information or give them access to restricted areas. Read more in this article: http://tinyurl.com/ov4qf6f.
Common Sense: Always remember to think like a human firewall - because you are responsible for any action taken with your user ID. We call it situational awareness or street smarts.
SPOT THE INSIDER: Here are four different people who work for an unnamed tech organization. Read each of their comments and determine who you think could be an inside threat to the organization.
GABRIELLA: "Hey, what's the passcode to the supply closet? I need to get another box of file folders."
KADEN: "Check out this 64 GB thumb drive I found! Let's go to my office and see what's on it!"
CLAUDIA: "I can't believe Shelly beat me out for that promotion! I've been here way longer than she has."
RAYMOND: "Phew, so glad Rachel let me walk in the side door with her! I didn't want to have to drive all the way home for my badge."
Answers on next page >>>
POLICY: Stay up to date on policy at work so you know what to do if you suspect someone isn't who they say they are.
Read more here: 5 TRAITS OF A SECURITY AWARE EMPLOYEE, http://tinyurl.com/q79yakg
THE HUMAN FIREWALL'S TOP SECURITY CONCERNS IN THE PHYSICAL DOMAIN
POLICY Always be sure to follow policy, even if it seems like extra work. Policies are in place to protect data and the networks, and it is your job to respect and follow that policy no matter what.
BADGES Do you know your organization's badge policy?
DISASTERS At home, make sure your family has a disaster recovery plan. What would happen if your house got flooded or robbed? Are all of your important family documents backed up somewhere? At work, ask about disaster recovery and make sure you know what the backup plans are!
CLEAN DESK Keep your work area neat, especially when handling data of different sensitivities.
SHRED At home, be sure to shred documents containing personal info before disposing. At work, ask about company shredding policy.
USB STICKS Never stick an unknown USB stick or external drive into your machine. These devices can be infected with malware set to auto-run.
HARD COPIES Always check and double check that you have not left any documents in public areas, printers, copy or fax machines or conference rooms.
TMI Don't talk loudly in public when discussing sensitive or confidential information. Always be aware of who can be listening.
LOCK SCREEN Be sure to not only set a lock screen with a passphrase or PIN on your mobile device, but to also lock your workstation every time you leave your desk!
Human Firewall Filtering Exercise Sometimes the decisions human firewalls must make are easy, like deleting an obvious phishing email or always following policy. But sometimes the decisions are more complex, like, “Should I question that unfamiliar person entering the building without a badge?” or “Who do I give this unmarked USB drive to?” Remember, when you are in doubt, always ask an admin or manager. A good human firewall recognizes potential security incidents and always reports them to the proper individuals. Take a look at the “wall” to the right and decide: Should these things be filtered in or out?
A. Email from the boss.
B. Email from the IRS claiming you owe $7,500 in back taxes.
C. Email from boss with misspellings and weird links.
D. Colleague wearing a badge.
E. Someone talking loudly on cell phone about company information.
F. A mobile phone with a PIN code lock screen.
G. Delivery man without identification.
H. A zip file labeled zwd459h24.zip sent to you by a name that sounds vaguely familiar.
I. Email from a colleague with a zip file labeled PresentationForMeeting.zip.
J. Unmarked USB you found in the break room.
K. This password: i@m$3cure@w0rk!
L. Colleague who regularly ignores policy.
M. This password: admin123.
N. A friend request from someone you met at a conference.
O. A shredder.
P. A piece of paper on your colleague's desk with all of his passwords.
Q. A friend request from someone in another country whose name you don't know.
SPOT THE INSIDER: Trick question! ALL of these people could be threats to the organization. Whether it's tailgating, unknown USBs, asking for restricted access or an insider gone bad, we must always be on the lookout for potential threats in the human domain!
HUMAN FIREWALL FILTERING EXERCISE: Filter In - A, D, F, I, K, N, O. Filter Out - B, C, E, G, H, J, L, M, P, Q.