online security webinar 4_9
TRANSCRIPT
![Page 1: Online security webinar 4_9](https://reader033.vdocuments.mx/reader033/viewer/2022051414/55c1e2c5bb61eb51408b462a/html5/thumbnails/1.jpg)
I Agreed to What?
Online User Agreements, Social Media, and Your Data Privacy
Philip Alexander CISSP-ISSMP, CEH, CHFIFounder - Data Privacy Network
![Page 2: Online security webinar 4_9](https://reader033.vdocuments.mx/reader033/viewer/2022051414/55c1e2c5bb61eb51408b462a/html5/thumbnails/2.jpg)
Agenda
I Agreed to What?!?!?! Social Networking End-user License Agreement (EULA) Secure Your Internet Site Outsourcing Site Access Gmail Protecting Sensitive Data Online Data Storage Hack Proof (Myth or Reality) Questions
![Page 3: Online security webinar 4_9](https://reader033.vdocuments.mx/reader033/viewer/2022051414/55c1e2c5bb61eb51408b462a/html5/thumbnails/3.jpg)
I Agreed to What!
How Many People Actually Read End-User License Agreements (EULAs)
Game Station - April 2010 EULA contained ‘Immortal Soul Clause’
![Page 4: Online security webinar 4_9](https://reader033.vdocuments.mx/reader033/viewer/2022051414/55c1e2c5bb61eb51408b462a/html5/thumbnails/4.jpg)
Social Networking
Social Networking Sites - An effective networking tool if used correctly
Don’t post sensitive data online
Companies need to classify their data by sensitivity Regulated data
HIPAA – health data SSN Name + DOB Financial information (credit/debit card #s, checking/saving account #s)
Sensitive Data: customer contact list strategic business plan secret sauce
![Page 5: Online security webinar 4_9](https://reader033.vdocuments.mx/reader033/viewer/2022051414/55c1e2c5bb61eb51408b462a/html5/thumbnails/5.jpg)
End-user License Agreement (EULA)
Have a EULA (privacy policy) that protects your rights, but is also respectful of your customer.
Facebook Right to Use Your Content (Photos – Videos – Intellectual Property)
Without your knowledge or consent Royalty free
Instagram Right to Use photos that you post
Without your knowledge or consent Royalty free
LinkedIn Will not; sell, rent, or otherwise provide personally identifiable
information to third parties without your consent.
![Page 6: Online security webinar 4_9](https://reader033.vdocuments.mx/reader033/viewer/2022051414/55c1e2c5bb61eb51408b462a/html5/thumbnails/6.jpg)
Secure Your Internet Site
Use HTTPS (SSL) for customer logins
Username/Password Account lock-out for failed login attempts Password complexity Clearing account name after failed login attempts
Send unlock code to customer email or cell # This protects customers from account take-over
ID Theft Financial Fraud, Cyber-stalking
![Page 7: Online security webinar 4_9](https://reader033.vdocuments.mx/reader033/viewer/2022051414/55c1e2c5bb61eb51408b462a/html5/thumbnails/7.jpg)
Outsourcing Site Access
![Page 8: Online security webinar 4_9](https://reader033.vdocuments.mx/reader033/viewer/2022051414/55c1e2c5bb61eb51408b462a/html5/thumbnails/8.jpg)
Gmail
Gmail Your email, and those of your customers are scanned for
marketing purposes
Have your own email domain @DataPrivacyNetwork.com
Use an Internet-based email domain that respects your privacy
Outlook.com
**Don’t Get
![Page 9: Online security webinar 4_9](https://reader033.vdocuments.mx/reader033/viewer/2022051414/55c1e2c5bb61eb51408b462a/html5/thumbnails/9.jpg)
Online Document Storage
A cost effective way to store documents There are security implications
Use online storage for non-sensitive documents only Public marketing brochures FAQs Manual (some assembly required)
![Page 10: Online security webinar 4_9](https://reader033.vdocuments.mx/reader033/viewer/2022051414/55c1e2c5bb61eb51408b462a/html5/thumbnails/10.jpg)
Hack Proof (Myth or Reality)
Balance between functionality and security
When the computer hard drive is spinning
One-time use passwords
![Page 11: Online security webinar 4_9](https://reader033.vdocuments.mx/reader033/viewer/2022051414/55c1e2c5bb61eb51408b462a/html5/thumbnails/11.jpg)
Questions
![Page 12: Online security webinar 4_9](https://reader033.vdocuments.mx/reader033/viewer/2022051414/55c1e2c5bb61eb51408b462a/html5/thumbnails/12.jpg)
Philip Alexander CISSP – ISSMP, CEH – CHFIFounder – Data Privacy Network
[email protected]://www.dataprivacynetwork.comhttps://twitter.com/DataPrivacyNtwk