Looking to better secure your personal network or work network? This webinar highlights some of the best recommended apps to help secure you and your family as they navigate the digital waters of the internet. We will touch on some basic at-home (and at work) security tips and best practices in addition to paid and free software alternatives to mitigate risks and keep your computer, data, and privacy safe. 

1. Must Have Apps for Security
Brian Pichman

2. Protecting Yourself
You
threats
Data

3. Description
• Looking to better secure your personal network or work network?
This webinar highlights some of the best recommended apps to help
secure you and your family as they navigate the digital waters of the
internet. We will touch on some basic at-home (and at work) security
tips and best practices in addition to paid and free software
alternatives to mitigate risks and keep your computer, data, and
privacy safe.

4. Agenda
• Apps For Security
• Protecting Yourself
• General Best Practices

5. At Home Security

6. ESET Products
https://www.eset.com/us/home-store/

7. Sophos Home
https://home.sophos.com/en-us/free-anti-virus-windows.aspx

8. Proactive Scanning
• Malwarebytes (Free): https://www.malwarebytes.com/

9. Proactive Cleaning
• CCleaner (https://www.ccleaner.com/ )
• CleanMyMac (https://macpaw.com/cleanmymac )

10. How About Your Personal Network?

11. Using a VPN Client

12. Cloak of Invisibility
• How to hide yourself?
• Private VPN
• You want a TOTALLY anonymous service.
• Look for one that keeps no log history (Verify via reviews)
• Look at Bandwidth & Available Servers
• Recommendations:
• Private Internet Access (PIA)
• TorGuard VPN
• Pure VPN
• Opera Web Browser
• Avast AntiVirus (SecureLine)

13. Normal Users and How They Appear:

14. VPN Protected Users

15. Web Security – No Installs Needed
https://www.opendns.com/

16. Public WiFi?
• If there is no security password to join, there’s a chance that other
guests can monitor the traffic freely.
• Always best to avoid usage of Bank Information, Personal Social
Media, and Email Accounts when using a public open wifi.
• You could use a Private VPN as a layer of security.

17. Home WiFi
• Make sure there is a password needed to connect to your network
(yes, even the “Guest” WiFi network)
• Periodically review connected devices, make sure nothing stands out

18. Parental Controls

19. Email for Kids
• There are service providers that can help manage kid’s emails and
help protect them.
• Google has an option where you can manage a Google Account for
your child:
https://support.google.com/families/answer/7103338?hl=en

20. Apple iOS Parental Controls
• https://support.apple.com/en-us/HT201304
• https://www.apple.com/families/

21. Microsoft Families
• https://account.microsoft.com/family/about

22. Google Families
• https://support.google.com/families#topic=7327495
• https://families.google.com/familylink/

23. App Based Monitoring

24. Protecting Yourself

26. Google Isn’t Always Your Friend

27. Dual Factor Authentication
• After logging in; verify login via Email, SMS, or an app with a code.

28. Credit Card Tools for Online Shopping
• Check out Privacy.Com
• https://privacy.com/join/4
73XB shameless plug

29. Basic Tips
• Accept only people you know to personal and professional accounts
• Never click on links from people you don’t know.
• Especially if they are using a url shortner: bit.ly, tinyurl.com, etc
• https://www.urlvoid.com/ - test the website to see if its safe
• https://snapito.com/ gets a screenshot of what will load on the site
• https://www.site-shot.com/ get a screenshot of what will load on site
• If there are people claiming to be you on social media, it’s best to get
your account “verified” on those social media platforms
• This lets users distinguish that you’re the actual official account
• Dual factor authenticate all of your social media logins

32. Myths
• I’m not worth being attacked.
• Hackers won’t guess my password.
• I have anti-virus software.
• I’ll know if I been compromised.

33. Examples of Hacks/Breaches
• An employee/family member allows a hacker to
access their machine through:
• Email Attachments
• Social Engineering
• Walking away from their computer unattended
• An employee/family member sends information
to someone thinking they are someone else
• “Hi, I’m the CFO assistant, he needs me to collect all
the W2s”
• Or more intrusive –
• There is an attack on a database or server that then
allowed a hacker in (SQL Injection)
• There is a brute force attack or someone guessed the
password on a key admin account, on
servers/networks, etc.

37. Checking Your Accounts / Name Online
• Use this site to check your usernames: https://namechk.com/
• The next is a tool searches through your email with things you may
have signed up for (I've paid for their premium service as well, not
really worth it, the free does just
fine) https://brandyourself.com/privacy-overview.
• This tool: https://email-lookup.online/index.php searches public
searches to see what links. Its similar
to https://www.spokeo.com/email-search.

38. Work Security:
• Website(s)
• Equipment (Computers)
• Network
• And what people do on them
• Stored Data, Files, etc.
• Business Assets
• Personal Assets
• ….anything and everything that is plugged
in…

39. Outside
• Modem Router Firewall
Switches
• Servers
End User
• Phones
• Computers
• Laptops

40. Outside
• Modem Router Firewall
Switches
• Servers
End User
• Phones
• Computers
• Laptops

41. Outer Defenses (Routers/Firewalls)
• Site to Site Protection (Router to
Router or Firewall to Firewall)
• Encrypted over a VPN Connection
• Protection With:
• IDS
• IPS
• Web filtering
• Antivirus at Web Level
• Protecting INBOUND and OUTBOUND

42. Unified Threat Management
• Single Device Security
• All traffic is routed through a unified
threat management device.

43. Inner Defenses (Switches/Server Configs)
• Protecting Internal Traffic,
Outbound Traffic, and Inbound
Traffic
• Internal Traffic = device to device
• Servers
• Printers
• Computers
• Protected By:
• Software Configurations
• Group Policy
• Password Policy
• Hardware Configurations
• Routing Rules

46. Updates, Patches, Firmware
• Keeping your system updated is important.
• Being on the latest and greatest
[software/update/firmware] isn’t always
good.
• Need to test and vet all updates before
implementation
• If you can – build a dev environment to
test and validate.

47. Casper Suite / JAMF - https://www.jamf.com/products/jamf-pro/

48. SCCM tools

49. Protecting End Devices
• Protecting Assets
• Business Assets
• Thefts
• Hacking
• Personal Devices
• Security Risk
• Usually pose an INBOUND threat
to your network

51. Your Security is as Strong As the Weakest Link

52. Passwords
• Let’s talk about Passwords
• Length of Password
• Complexity of password
requirements
• DO NOT USE POST IT
NOTES
• A person’s “every day
account” should never
have admin rights to
machines.
• That includes your IT
Folks!

53. Tools To Train
• Knowbe4

56. Backups (Personal or Work)
• Acronis True Image
https://www.acronis.com/en-us/products/true-image/

57. Questions?
• Brian Pichman:
• bpichman@evolveproject.org
• Twitter: @BPichman