the technology partner for financial institutions end user best practices presented by:

The Technology Partner for Financial Institutions

End User Best Practices

Presented By:

The Technology Partner for Financial InstitutionsThe Technology Partner for Financial Institutions

Best Practices

• Layered security• Keep software up-to-date• Firewalls• Internet browsing• Email• Passwords• Social networks/social media


Layered Security


Keep Software Up-to-Date

• Windows Patch Management• Internet Explorer

IE 6.0 example• Antivirus/Anti-Malware


Patch Management

• Windows updates are constantly released Typically on Tuesdays Critical and security updates should always be

installed• Unless business reason not to

Larger offices and companies should consider a patch management solution like WSUS or HFNetChk• Smaller office might want to enable automatic updates

by following the screenshots below


Patch ManagementOpen Internet Explorer and click Tools-Windows Update to update computer


Accept Any License Terms


Restart machine when install finishes


Patch ManagementOnce machine is up-to-date, you should enable automatic update to keep it updated


Reboot

• For patch management to be completely successful reboots are most likely required

• Have users turn their computer off or restart at least weekly Green advantages to turning off nightly if this

doesn’t interfere with business needs


Malware

• Antivirus/Malware Both can cause production downtime Both can spread to other machines Both can be used to gather information to gain

access to nonpublic information creating financial loss or reputation issues


Antivirus Options

• avast! – Price range: $40.00-$60.00 - http://www.avast.com/index• AVG – Price range: $34.00-$44.00 - http://free.avg.com/us-en/226284?

cmpid=fs_hp_testa_226284• Kaspersky – Price range: $30.00-$60.00 - http://www.kaspersky.com/• McAfee – Price range: $40.00-$50.00 -

http://home.mcafee.com/Store/Store7.aspx?cid=60460• Microsoft Forefront -

http://www.microsoft.com/forefront/clientsecurity/en/us/default.aspx• Symantec – Price range: $24.00-$37.00 -

http://www.symantec.com/business/products/purchasing.jsp?pcid=pcat_security&pvid=endpt_prot_sbe_1

• Trend Micro – Price range: $27.00-$60.00 - http://buyonline.trendmicro.com/store/trendsb/en_US/home


Anti-Malware option

• Along with antivirus solutions consider a separate anti-malware solution. Even if your antivirus solution includes anti-malware you will often have better luck installing a separate program for malware. One of the best programs on the market today for malware is Malwarebytes.

• Malwarebytes – Price range: $25.00 onetime fee - http://www.malwarebytes.org/mbam.php


Key to Antivirus and Anti-Malware

Programs• You must keep both programs updated• Review update options in settings of each

program• Set to update at least daily• Schedule to scan a machine at least weekly

Even if it contains an “active scan” option


Firewalls

• Hardware firewall Preferred

• Software firewall Minimum level of security Free


Windows Firewall

• Windows Firewall included in Windows XP Service Pack 2 and later Blocks unsolicited Internet traffic to your

computer• Still should consider a hardware firewall

Windows Firewall should be enabled unless you are using a hardware firewall• If unsure, turn Windows firewall on

• Follow screenshots below for enabling Windows firewall


Enable Windows Firewall


Email Best Practices

• Never respond to unsolicited emails or instant messages requesting sensitive information

• Be wary of links or attachments in emails Even from people you know Hover mouse over links to see if link name matches

website address• Be cautions of emails with grammatical errors or

misspellings especially if they contain threats, prizes, or request personal information


Internet Browsing Best Practices

• Minimize personal web browsing on machines used for business or banking purposes (including online banking)

• Avoid clicking on links in pop-up windows• Look for “https” in URL bar when entering

sensitive information. A “closed” lock may appear in the URL bar also


Passwords

• Passwords are key to security success Weak or shared passwords open up vulnerabilities Grant access to computers and programs• Can not be shared, written down, sitting out


Poor Passwords

• Contain less than 8 characters• Word found in the dictionary• Names of pets, family, friends, characters• Birthdays or other personal dates• Phone numbers• Addresses• Any of the above spelled backwards or

preceded/followed by a digit


Good Passwords

• Contain upper and lower case character• Contain digits and punctuation characters• Have no personal information (family/pets/etc.)• Should change on regular basis (e.g. 60 days)• Not be a word, slang, or jargon


Other Considerations

• Do not use same password for personal and business applications

• When possible do not use the same password for multiple sites, applications, programs, etc.

• Do not share with secretary, family members, friends


Password Don’ts

• Don't reveal a password over the phone to ANYONE • Don't reveal a password in an email message • Don't reveal a password to the boss • Don't talk about a password in front of others • Don't hint at the format of a password (e.g. "my family

name") • Don't reveal a password on questionnaires or security forms • Don't share a password with family members • Don't reveal a password to co-workers while on vacation


Passphrases

• Consider using passphrases Good because contain several words with usually

a high number of characters, upper/lower case and punctuation.

• Sample Passphrase "TheTrafficOnThe101InTheMorningIsBad!" “I’mAlwaysLateToWork!”


Letter Substitution

• Another good option is letter substitutionL=1o=0 Or O=()S=5 Or S=$E=3a=@i=! Or I=1t=+


Letter Substitution

• JohnySmith = J()hny$m!+h

• Combine a passphrase with letter substitution for a really strong password

• ILoveMyBoss becomes !10v3MyB()$$ Which do you think is harder to break?


Password Safe

• Consider a password management program• Find one that encrypts passwords and is

trusted• One free program is Password Safe

http://passwordsafe.sourceforge.net/


Social Media

• Be careful what information you share• Check security settings under “Settings” or

“Options” menus to limit access to personal information


Other Resources

• http://www.ftc.gov/bcp/edu/multimedia/interactive/infosecurity/index.html

http://www.ftc.gov/bcp/edu/multimedia/interactive/infosecurity/index.html

http://www.ftc.gov/bcp/edu/multimedia/interactive/infosecurity/index.html


Questions

the technology partner for financial institutions end user best practices presented by:

Documents

technology partner

financial institutions

security slide

ushome slide

financial loss

business needs slide

malwarebytes price range

patch management solution