SlideShare una empresa de Scribd logo

Encryption 101 for Nonprofits

Descargar como PPTX, PDF
Community IT Innovators
Community IT Innovators

We review the basics of encryption as a method for improving IT security at nonprofit organizations.

Tecnología
1 de 24
Encryption for Non-Profits Webinar Series June 2018
About Community IT Advancing mission through the effective use of technology. 100% Employee Owned
Presenter Matthew Eshleman CTO
Agenda Encryption Overview Use Cases QA
What is encryption? the process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot. Encryption does not itself prevent interference, but denies the intelligible content to a would-be interceptor
History of Encryption This Photo by Unknown Author is licensed under CC BY-SA This Photo by Unknown Author is licensed under CC BY-SA This Photo by Unknown Author is licensed under CC BY-SA
Why Encrypt
Why Encrypt? Compliance – you are required to encrypt some or all data due to its classification Risk management - information that you are working with is sensitive and shouldn’t be publicly disclosed. Security - encrypting our information is a Best Practice
Written & Updated Policies Predictive Intelligence Security Training & Awareness Passwords Antivirus Backups Patching Encryption Good Security Practices
Example “Protect your data with encryption” …Šb¾MuN •–¦è&Õ¤tÄZPD7Õ$ÿÇÛ²ÎzzßÓx2Ô$»•IhqÓ”,:QüïÈ8ìn¹³¡N@-Ö#âP9ÿ¡³mS ~v¾iôrô ü=¢Žy'Zø¢°ûò§ž•a0–•E}þÀØ*³zÚÝRÙmeâ–Ký¯”,Ž(C[7ë_ËOû“&g-ŠÆÎåÄÜXI¿WXc›Mj{ù54òÔâbÿ.’ Jâ‚v#Íý§wš2CÐC‘•€ÆÅ„?ÚHÒ…«^֐•0Pv𩜤ÙÁ0}ù ¹ŽQ¯b&ð.ÿ4Õ8&~úæ&dc¡ÒÀå .XGXŒÝi"/•98¾øp— Ðw(²â†·‘f6t‰ßøö÷MKÊÓ‘Âñ«*»OœÞõ~Tµ•~A<€P‘÷•§kÄñŠs¦îLh…¦z¹S¬Ã@¯û&Ñyú]ZøGÃfk2Uûÿ…]°+¿¶æØþfˆª@Û5/ks•- k‡öjŸTn§ÏÍš°ifnÁmœ÷¼¤&Źï÷Ì ïÊ+?Ùß¡µÑ€€*4ÿÑ“'îDÆbþDäéâÑ”Q?âi¢À©³ÿvŸÍDƒ—X³3´— Nÿ™n×ü”rSSéiUÑÃåÓ‡'ÕéðÑä°«4M-ØB–1H׬ ŒýhŽï$V?×@ô#¥Á>XkçùÁ¥ ÍÙhkOßxñ ÅÂkõd ,ôC¼ Äц §ä°¨Þ|ûCú¬–¸G‹E¹EwÆ ]ºᛠÒØüíi驨>ƒùêÆKžîø2'»°êЖ¦••õR!SwêÈÎþ qÍ»3šÅçz£»Êàk“l+›Ù™»0‹6” s!5ä“ôò
Ransomware This Photo by Unknown Author is licensed under CC BY
Glossary of Terms Encrypted at Rest: Data being stored on a server is encrypted. It may still be possible for the hosting company to access the data. Encrypted in Transit: Data is encrypted between the user and the server. The hosting company would have access to the data. End to End Encryption: Typically communication encryption where only the participating parties have they key. This term is sometimes used incorrectly as providers change the meaning of “end”. Zero Knowledge Encryption: Data is encrypted at all times and not even the hosting company can access the data. You do not have to trust that the service would not give out your information since they do not have access to it. This is especially important in the event of a subpoena or data breach.
What to encrypt? • In Transit • By Service Provider • By end user Email Chat Programs Full Disk Encryption Within Applications
Email Encryption • TLS - Enabling TLS or using a TLS compliant email service such as Office 365, or Gmail ensures that no one can read your email as it is in transit between another TLS compliant provider. In the example below, we can see that I have received a message that was protected by TLSv1.2 Received: from mail-lf0-f48.google.com (mail-lf0- f48.google.com [209.85.215.48]) by mx1423.ess.rzc.cudaops.com (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Thu, 03 May 2018 13:20:40 +0000 Received: by mail-lf0-f48.google.com with SMTP id v85- v6so25907237lfa.13for <MEshleman@communityit.com>; Thu, 03 May 2018 06:20:41 -0700 (PDT)
Inbound TLS Report
Email Encryption • Service Provider • Office 365 • Google Mail Encryption • Barracuda • Zix • Virtu • The easiest type of encryption to implement. It is email encryption that is performed by the service provider
Email Encryption • PGP - This form of encryption is performed on the sender’s computer which uses a public/private key pair to encrypt the message. • Sender encrypts (or locks) the contents of a message using the Public Key of the intended recipient and their own Private Key • Both the sender and receiver to have PGP configured. Based on “web of trust” model.
Chat Programs Signal WhatsApp iMessage Keybase Skype4Business….
Disk Encryption • Window Pro • Combine with InTune or MBAM for administration Bitlocker (Windows) • Can be centrally managed with Casper FileVault (Mac)
Applications • Thinking mostly of databases • Systems like Blackbaud and SalesForce • Check custom / legacy systems
Upcoming Webinar Building an Effective IT Function Wednesday July 18 4:00 – 5:00 PM EST
Follow Up Review your organization’s requirements for encryption 1 Explore how you could use one technology described here 2 Find a buddy and send them an encrypted message 3
Questions?

Recomendados

The path to most GRC requirements
The path to most GRC requirementsThe path to most GRC requirements
The path to most GRC requirementsWatchful Software
 
Steven Porter Seville | Ideas about Computer clouding
Steven Porter Seville | Ideas about Computer cloudingSteven Porter Seville | Ideas about Computer clouding
Steven Porter Seville | Ideas about Computer clouding'Self-Employed'
 
Security and the cloud
Security and the cloudSecurity and the cloud
Security and the cloudFREVVO
 
How to Knock Out Threats from Crypto-Style Viruses
How to Knock Out Threats from Crypto-Style VirusesHow to Knock Out Threats from Crypto-Style Viruses
How to Knock Out Threats from Crypto-Style VirusesCarbonite
 
Check your network security
Check your network securityCheck your network security
Check your network securityYour Virtual CTO
 
Azlan Security Offering
Azlan Security OfferingAzlan Security Offering
Azlan Security OfferingGianandrea Daverio
 
Petya Ransomware
Petya RansomwarePetya Ransomware
Petya RansomwareSiemplify
 
Barracuda Web Filter Cipa Presentation
Barracuda Web Filter Cipa PresentationBarracuda Web Filter Cipa Presentation
Barracuda Web Filter Cipa PresentationCarolynrahn
 

Recomendados

The path to most GRC requirements
The path to most GRC requirementsThe path to most GRC requirements
The path to most GRC requirementsWatchful Software
 
Steven Porter Seville | Ideas about Computer clouding
Steven Porter Seville | Ideas about Computer cloudingSteven Porter Seville | Ideas about Computer clouding
Steven Porter Seville | Ideas about Computer clouding'Self-Employed'
 
Security and the cloud
Security and the cloudSecurity and the cloud
Security and the cloudFREVVO
 
How to Knock Out Threats from Crypto-Style Viruses
How to Knock Out Threats from Crypto-Style VirusesHow to Knock Out Threats from Crypto-Style Viruses
How to Knock Out Threats from Crypto-Style VirusesCarbonite
 
Check your network security
Check your network securityCheck your network security
Check your network securityYour Virtual CTO
 
Azlan Security Offering
Azlan Security OfferingAzlan Security Offering
Azlan Security OfferingGianandrea Daverio
 
Petya Ransomware
Petya RansomwarePetya Ransomware
Petya RansomwareSiemplify
 
Barracuda Web Filter Cipa Presentation
Barracuda Web Filter Cipa PresentationBarracuda Web Filter Cipa Presentation
Barracuda Web Filter Cipa PresentationCarolynrahn
 
Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?
Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?
Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?Storage Switzerland
 
Wannacry & Petya ransomware
Wannacry & Petya ransomwareWannacry & Petya ransomware
Wannacry & Petya ransomwareRaghavendra P.V
 
"10 Tips To Keep Cybercriminals Out While Coronavirus Keeps You In" Infographic
"10 Tips To Keep Cybercriminals Out While Coronavirus Keeps You In" Infographic"10 Tips To Keep Cybercriminals Out While Coronavirus Keeps You In" Infographic
"10 Tips To Keep Cybercriminals Out While Coronavirus Keeps You In" InfographicDavid McHale
 
10 Tips to Keep Criminals Out
10 Tips to Keep Criminals Out10 Tips to Keep Criminals Out
10 Tips to Keep Criminals OutNeil Kemp
 
Watch guard reputation enabled defense
Watch guard reputation enabled defenseWatch guard reputation enabled defense
Watch guard reputation enabled defenseMedley India Infosolution Pvt Ltd
 
Ransomware: A Perilous Malware
Ransomware: A Perilous MalwareRansomware: A Perilous Malware
Ransomware: A Perilous MalwareHTS Hosting
 
Protecting Against Ransomware
Protecting Against RansomwareProtecting Against Ransomware
Protecting Against RansomwareSymantec
 
Best Cloud Security Training in Bangalore by myTectra
Best Cloud Security Training in Bangalore by myTectraBest Cloud Security Training in Bangalore by myTectra
Best Cloud Security Training in Bangalore by myTectramyTectra Learning Solutions Private Ltd
 
Web Application Firewall
Web Application FirewallWeb Application Firewall
Web Application FirewallChandrapal Badshah
 
Ransomware: Can you protect against attacks?
Ransomware: Can you protect against attacks?Ransomware: Can you protect against attacks?
Ransomware: Can you protect against attacks?Osirium Limited
 
Cybersecurity Powerpoint Presentation Slides
Cybersecurity Powerpoint Presentation SlidesCybersecurity Powerpoint Presentation Slides
Cybersecurity Powerpoint Presentation SlidesSlideTeam
 
Mack Hardy: Five practical things you can do to secure your online self. Poli...
Mack Hardy: Five practical things you can do to secure your online self. Poli...Mack Hardy: Five practical things you can do to secure your online self. Poli...
Mack Hardy: Five practical things you can do to secure your online self. Poli...NetSquared Vancouver
 
Webinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Webinar: Backup vs. Ransomware - 5 Requirements for Backup SuccessWebinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Webinar: Backup vs. Ransomware - 5 Requirements for Backup SuccessStorage Switzerland
 
The Nitty Gritty of Website Security
The Nitty Gritty of Website SecurityThe Nitty Gritty of Website Security
The Nitty Gritty of Website SecurityHTS Hosting
 
seminar report on What is ransomware
seminar report on What is ransomwareseminar report on What is ransomware
seminar report on What is ransomwareJawhar Ali
 
The Benefits of a Network Security Plan
The Benefits of a Network Security PlanThe Benefits of a Network Security Plan
The Benefits of a Network Security PlanSwiftTech Solutions, Inc.
 
Global Thought Leadership Webcast, March 23
Global Thought Leadership Webcast, March 23Global Thought Leadership Webcast, March 23
Global Thought Leadership Webcast, March 23Patrícia Alves
 
Anatomy Of An Attack
Anatomy Of An AttackAnatomy Of An Attack
Anatomy Of An AttackCisco Canada
 
Ways to protect your data from hacking
Ways to protect your data from hackingWays to protect your data from hacking
Ways to protect your data from hackingWebspiders Interweb Pvt. Ltd.
 
Behind the scene of malware operators. Insights and countermeasures. CONFiden...
Behind the scene of malware operators. Insights and countermeasures. CONFiden...Behind the scene of malware operators. Insights and countermeasures. CONFiden...
Behind the scene of malware operators. Insights and countermeasures. CONFiden...Marco Balduzzi
 
assign3.docx
assign3.docxassign3.docx
assign3.docxCaptain898
 
Balancing Cloud-Based Email Benefits With Security
Balancing Cloud-Based Email Benefits With SecurityBalancing Cloud-Based Email Benefits With Security
Balancing Cloud-Based Email Benefits With SecuritySymantec
 

Más contenido relacionado

La actualidad más candente

Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?
Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?
Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?Storage Switzerland
 
Wannacry & Petya ransomware
Wannacry & Petya ransomwareWannacry & Petya ransomware
Wannacry & Petya ransomwareRaghavendra P.V
 
"10 Tips To Keep Cybercriminals Out While Coronavirus Keeps You In" Infographic
"10 Tips To Keep Cybercriminals Out While Coronavirus Keeps You In" Infographic"10 Tips To Keep Cybercriminals Out While Coronavirus Keeps You In" Infographic
"10 Tips To Keep Cybercriminals Out While Coronavirus Keeps You In" InfographicDavid McHale
 
10 Tips to Keep Criminals Out
10 Tips to Keep Criminals Out10 Tips to Keep Criminals Out
10 Tips to Keep Criminals OutNeil Kemp
 
Ransomware: A Perilous Malware
Ransomware: A Perilous MalwareRansomware: A Perilous Malware
Ransomware: A Perilous MalwareHTS Hosting
 
Protecting Against Ransomware
Protecting Against RansomwareProtecting Against Ransomware
Protecting Against RansomwareSymantec
 
Ransomware: Can you protect against attacks?
Ransomware: Can you protect against attacks?Ransomware: Can you protect against attacks?
Ransomware: Can you protect against attacks?Osirium Limited
 
Cybersecurity Powerpoint Presentation Slides
Cybersecurity Powerpoint Presentation SlidesCybersecurity Powerpoint Presentation Slides
Cybersecurity Powerpoint Presentation SlidesSlideTeam
 
Mack Hardy: Five practical things you can do to secure your online self. Poli...
Mack Hardy: Five practical things you can do to secure your online self. Poli...Mack Hardy: Five practical things you can do to secure your online self. Poli...
Mack Hardy: Five practical things you can do to secure your online self. Poli...NetSquared Vancouver
 
Webinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Webinar: Backup vs. Ransomware - 5 Requirements for Backup SuccessWebinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Webinar: Backup vs. Ransomware - 5 Requirements for Backup SuccessStorage Switzerland
 
The Nitty Gritty of Website Security
The Nitty Gritty of Website SecurityThe Nitty Gritty of Website Security
The Nitty Gritty of Website SecurityHTS Hosting
 
seminar report on What is ransomware
seminar report on What is ransomwareseminar report on What is ransomware
seminar report on What is ransomwareJawhar Ali
 
Global Thought Leadership Webcast, March 23
Global Thought Leadership Webcast, March 23Global Thought Leadership Webcast, March 23
Global Thought Leadership Webcast, March 23Patrícia Alves
 
Anatomy Of An Attack
Anatomy Of An AttackAnatomy Of An Attack
Anatomy Of An AttackCisco Canada
 
Behind the scene of malware operators. Insights and countermeasures. CONFiden...
Behind the scene of malware operators. Insights and countermeasures. CONFiden...Behind the scene of malware operators. Insights and countermeasures. CONFiden...
Behind the scene of malware operators. Insights and countermeasures. CONFiden...Marco Balduzzi
 

La actualidad más candente (20)

Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?
Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?
Webinar: Ransomware Checklist – Are You Ready For Ransomware’s Next Wave?
 
Wannacry & Petya ransomware
Wannacry & Petya ransomwareWannacry & Petya ransomware
Wannacry & Petya ransomware
 
"10 Tips To Keep Cybercriminals Out While Coronavirus Keeps You In" Infographic
"10 Tips To Keep Cybercriminals Out While Coronavirus Keeps You In" Infographic"10 Tips To Keep Cybercriminals Out While Coronavirus Keeps You In" Infographic
"10 Tips To Keep Cybercriminals Out While Coronavirus Keeps You In" Infographic
 
10 Tips to Keep Criminals Out
10 Tips to Keep Criminals Out10 Tips to Keep Criminals Out
10 Tips to Keep Criminals Out
 
Watch guard reputation enabled defense
Watch guard reputation enabled defenseWatch guard reputation enabled defense
Watch guard reputation enabled defense
 
Ransomware: A Perilous Malware
Ransomware: A Perilous MalwareRansomware: A Perilous Malware
Ransomware: A Perilous Malware
 
Protecting Against Ransomware
Protecting Against RansomwareProtecting Against Ransomware
Protecting Against Ransomware
 
Best Cloud Security Training in Bangalore by myTectra
Best Cloud Security Training in Bangalore by myTectraBest Cloud Security Training in Bangalore by myTectra
Best Cloud Security Training in Bangalore by myTectra
 
Web Application Firewall
Web Application FirewallWeb Application Firewall
Web Application Firewall
 
Ransomware: Can you protect against attacks?
Ransomware: Can you protect against attacks?Ransomware: Can you protect against attacks?
Ransomware: Can you protect against attacks?
 
Cybersecurity Powerpoint Presentation Slides
Cybersecurity Powerpoint Presentation SlidesCybersecurity Powerpoint Presentation Slides
Cybersecurity Powerpoint Presentation Slides
 
Mack Hardy: Five practical things you can do to secure your online self. Poli...
Mack Hardy: Five practical things you can do to secure your online self. Poli...Mack Hardy: Five practical things you can do to secure your online self. Poli...
Mack Hardy: Five practical things you can do to secure your online self. Poli...
 
Webinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Webinar: Backup vs. Ransomware - 5 Requirements for Backup SuccessWebinar: Backup vs. Ransomware - 5 Requirements for Backup Success
Webinar: Backup vs. Ransomware - 5 Requirements for Backup Success
 
The Nitty Gritty of Website Security
The Nitty Gritty of Website SecurityThe Nitty Gritty of Website Security
The Nitty Gritty of Website Security
 
seminar report on What is ransomware
seminar report on What is ransomwareseminar report on What is ransomware
seminar report on What is ransomware
 
The Benefits of a Network Security Plan
The Benefits of a Network Security PlanThe Benefits of a Network Security Plan
The Benefits of a Network Security Plan
 
Global Thought Leadership Webcast, March 23
Global Thought Leadership Webcast, March 23Global Thought Leadership Webcast, March 23
Global Thought Leadership Webcast, March 23
 
Anatomy Of An Attack
Anatomy Of An AttackAnatomy Of An Attack
Anatomy Of An Attack
 
Ways to protect your data from hacking
Ways to protect your data from hackingWays to protect your data from hacking
Ways to protect your data from hacking
 
Behind the scene of malware operators. Insights and countermeasures. CONFiden...
Behind the scene of malware operators. Insights and countermeasures. CONFiden...Behind the scene of malware operators. Insights and countermeasures. CONFiden...
Behind the scene of malware operators. Insights and countermeasures. CONFiden...
 

Similar a Encryption 101 for Nonprofits

Balancing Cloud-Based Email Benefits With Security
Balancing Cloud-Based Email Benefits With SecurityBalancing Cloud-Based Email Benefits With Security
Balancing Cloud-Based Email Benefits With SecuritySymantec
 
Data Governance Trends and Best Practices To Implement Today
Data Governance Trends and Best Practices To Implement TodayData Governance Trends and Best Practices To Implement Today
Data Governance Trends and Best Practices To Implement TodayDATAVERSITY
 
Encryption-Decryption of Email
Encryption-Decryption of EmailEncryption-Decryption of Email
Encryption-Decryption of EmailShashank Singhal
 
Secure Data Sharing in Cloud through Limiting Trust in Third Party/Server
Secure Data Sharing in Cloud through Limiting Trust in Third Party/ServerSecure Data Sharing in Cloud through Limiting Trust in Third Party/Server
Secure Data Sharing in Cloud through Limiting Trust in Third Party/ServerIRJET Journal
 
Chapter 2 System Security.pptx
Chapter 2 System Security.pptxChapter 2 System Security.pptx
Chapter 2 System Security.pptxRushikeshChikane2
 
Webinar Mastering Microsoft Security von Baggenstos
Webinar Mastering Microsoft Security von BaggenstosWebinar Mastering Microsoft Security von Baggenstos
Webinar Mastering Microsoft Security von BaggenstosJenniferMete1
 
Elementary-Information-Security-Practices
Elementary-Information-Security-PracticesElementary-Information-Security-Practices
Elementary-Information-Security-PracticesOctogence
 
Migrating PGP to the Cloud
Migrating PGP to the CloudMigrating PGP to the Cloud
Migrating PGP to the CloudEchoworx
 
Implementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersImplementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersRishabh Gupta
 
How To Plan Successful Encryption Strategy
How To Plan Successful Encryption StrategyHow To Plan Successful Encryption Strategy
How To Plan Successful Encryption StrategyClickSSL
 
What is cloud encryption
What is cloud encryptionWhat is cloud encryption
What is cloud encryptionPrancer Io
 
TLS 1.3: Expert Advice to Modernize Your Security and Decryption Practices
TLS 1.3: Expert Advice to Modernize Your Security and Decryption PracticesTLS 1.3: Expert Advice to Modernize Your Security and Decryption Practices
TLS 1.3: Expert Advice to Modernize Your Security and Decryption PracticesEnterprise Management Associates
 
Law firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskLaw firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskCloudMask inc.
 
Paper id 27201446
Paper id 27201446Paper id 27201446
Paper id 27201446IJRAT
 
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...infoLock Technologies
 
Webinar Mastery Series: How Security & Compliance become easier with SkyConne...
Webinar Mastery Series: How Security & Compliance become easier with SkyConne...Webinar Mastery Series: How Security & Compliance become easier with SkyConne...
Webinar Mastery Series: How Security & Compliance become easier with SkyConne...Mithi SkyConnect
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and CryptographyManjunath G
 

Similar a Encryption 101 for Nonprofits (20)

assign3.docx
assign3.docxassign3.docx
assign3.docx
 
Balancing Cloud-Based Email Benefits With Security
Balancing Cloud-Based Email Benefits With SecurityBalancing Cloud-Based Email Benefits With Security
Balancing Cloud-Based Email Benefits With Security
 
Data Governance Trends and Best Practices To Implement Today
Data Governance Trends and Best Practices To Implement TodayData Governance Trends and Best Practices To Implement Today
Data Governance Trends and Best Practices To Implement Today
 
Encryption-Decryption of Email
Encryption-Decryption of EmailEncryption-Decryption of Email
Encryption-Decryption of Email
 
Secure Data Sharing in Cloud through Limiting Trust in Third Party/Server
Secure Data Sharing in Cloud through Limiting Trust in Third Party/ServerSecure Data Sharing in Cloud through Limiting Trust in Third Party/Server
Secure Data Sharing in Cloud through Limiting Trust in Third Party/Server
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Chapter 2 System Security.pptx
Chapter 2 System Security.pptxChapter 2 System Security.pptx
Chapter 2 System Security.pptx
 
Webinar Mastering Microsoft Security von Baggenstos
Webinar Mastering Microsoft Security von BaggenstosWebinar Mastering Microsoft Security von Baggenstos
Webinar Mastering Microsoft Security von Baggenstos
 
PACE-IT: Network Hardening Techniques (part 2)
PACE-IT: Network Hardening Techniques (part 2)PACE-IT: Network Hardening Techniques (part 2)
PACE-IT: Network Hardening Techniques (part 2)
 
Elementary-Information-Security-Practices
Elementary-Information-Security-PracticesElementary-Information-Security-Practices
Elementary-Information-Security-Practices
 
Migrating PGP to the Cloud
Migrating PGP to the CloudMigrating PGP to the Cloud
Migrating PGP to the Cloud
 
Implementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommutersImplementing an improved security for collin’s database and telecommuters
Implementing an improved security for collin’s database and telecommuters
 
How To Plan Successful Encryption Strategy
How To Plan Successful Encryption StrategyHow To Plan Successful Encryption Strategy
How To Plan Successful Encryption Strategy
 
What is cloud encryption
What is cloud encryptionWhat is cloud encryption
What is cloud encryption
 
TLS 1.3: Expert Advice to Modernize Your Security and Decryption Practices
TLS 1.3: Expert Advice to Modernize Your Security and Decryption PracticesTLS 1.3: Expert Advice to Modernize Your Security and Decryption Practices
TLS 1.3: Expert Advice to Modernize Your Security and Decryption Practices
 
Law firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskLaw firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMask
 
Paper id 27201446
Paper id 27201446Paper id 27201446
Paper id 27201446
 
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...
 
Webinar Mastery Series: How Security & Compliance become easier with SkyConne...
Webinar Mastery Series: How Security & Compliance become easier with SkyConne...Webinar Mastery Series: How Security & Compliance become easier with SkyConne...
Webinar Mastery Series: How Security & Compliance become easier with SkyConne...
 
Network Security and Cryptography
Network Security and CryptographyNetwork Security and Cryptography
Network Security and Cryptography
 

Más de Community IT Innovators

Slack, Microsoft Teams, Zoom: What Works Best for Nonprofits?
Slack, Microsoft Teams, Zoom: What Works Best for Nonprofits?Slack, Microsoft Teams, Zoom: What Works Best for Nonprofits?
Slack, Microsoft Teams, Zoom: What Works Best for Nonprofits?Community IT Innovators
 
2021 Nonprofit Cybersecurity Incident Report
2021 Nonprofit Cybersecurity Incident Report2021 Nonprofit Cybersecurity Incident Report
2021 Nonprofit Cybersecurity Incident ReportCommunity IT Innovators
 
Microsoft Dynamics and Salesforce: What You Need To Know Before Choosing a Pl...
Microsoft Dynamics and Salesforce: What You Need To Know Before Choosing a Pl...Microsoft Dynamics and Salesforce: What You Need To Know Before Choosing a Pl...
Microsoft Dynamics and Salesforce: What You Need To Know Before Choosing a Pl...Community IT Innovators
 
Nonprofit Cybersecurity Risk Assessment Basics
Nonprofit Cybersecurity Risk Assessment BasicsNonprofit Cybersecurity Risk Assessment Basics
Nonprofit Cybersecurity Risk Assessment BasicsCommunity IT Innovators
 
Does Your Organization Need a Better Technology Roadmap?
Does Your Organization Need a Better Technology Roadmap?Does Your Organization Need a Better Technology Roadmap?
Does Your Organization Need a Better Technology Roadmap?Community IT Innovators
 
2020 Nonprofit Technology Trends Roundtable
2020 Nonprofit Technology Trends Roundtable2020 Nonprofit Technology Trends Roundtable
2020 Nonprofit Technology Trends RoundtableCommunity IT Innovators
 
5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and More5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and MoreCommunity IT Innovators
 
How Data Quality Defines Your Organization Webinar November 2019
How Data Quality Defines Your Organization Webinar November 2019How Data Quality Defines Your Organization Webinar November 2019
How Data Quality Defines Your Organization Webinar November 2019Community IT Innovators
 
Nonprofit Cybersecurity Readiness - Community IT Innovators Webinar
Nonprofit Cybersecurity Readiness - Community IT Innovators WebinarNonprofit Cybersecurity Readiness - Community IT Innovators Webinar
Nonprofit Cybersecurity Readiness - Community IT Innovators WebinarCommunity IT Innovators
 
5 Steps to Create an Information Strategy for Your Organization
5 Steps to Create an Information Strategy for Your Organization5 Steps to Create an Information Strategy for Your Organization
5 Steps to Create an Information Strategy for Your OrganizationCommunity IT Innovators
 
Server 2008 and Windows 7 End of Life: 3 Things You Need to Know
Server 2008 and Windows 7 End of Life: 3 Things You Need to KnowServer 2008 and Windows 7 End of Life: 3 Things You Need to Know
Server 2008 and Windows 7 End of Life: 3 Things You Need to KnowCommunity IT Innovators
 
What Makes Nonprofit Tech Projects Succeed?
What Makes Nonprofit Tech Projects Succeed?What Makes Nonprofit Tech Projects Succeed?
What Makes Nonprofit Tech Projects Succeed?Community IT Innovators
 
Community IT Webinar: Working with an Outsourced IT Manager
Community IT Webinar: Working with an Outsourced IT ManagerCommunity IT Webinar: Working with an Outsourced IT Manager
Community IT Webinar: Working with an Outsourced IT ManagerCommunity IT Innovators
 
Improving Nonprofit CRM Data Management in 2019 - Build Consulting and Commun...
Improving Nonprofit CRM Data Management in 2019 - Build Consulting and Commun...Improving Nonprofit CRM Data Management in 2019 - Build Consulting and Commun...
Improving Nonprofit CRM Data Management in 2019 - Build Consulting and Commun...Community IT Innovators
 
Community IT Innovators Technology Trends Round Table 2019
Community IT Innovators Technology Trends Round Table 2019Community IT Innovators Technology Trends Round Table 2019
Community IT Innovators Technology Trends Round Table 2019Community IT Innovators
 
Selecting Nonprofit Software: Technology Comes Last
Selecting Nonprofit Software: Technology Comes LastSelecting Nonprofit Software: Technology Comes Last
Selecting Nonprofit Software: Technology Comes LastCommunity IT Innovators
 
IT Security Incident Response for Nonprofits
IT Security Incident Response for NonprofitsIT Security Incident Response for Nonprofits
IT Security Incident Response for NonprofitsCommunity IT Innovators
 

Más de Community IT Innovators (20)

Slack, Microsoft Teams, Zoom: What Works Best for Nonprofits?
Slack, Microsoft Teams, Zoom: What Works Best for Nonprofits?Slack, Microsoft Teams, Zoom: What Works Best for Nonprofits?
Slack, Microsoft Teams, Zoom: What Works Best for Nonprofits?
 
2021 Nonprofit Cybersecurity Incident Report
2021 Nonprofit Cybersecurity Incident Report2021 Nonprofit Cybersecurity Incident Report
2021 Nonprofit Cybersecurity Incident Report
 
Cybersecurity Training for Nonprofits
Cybersecurity Training for NonprofitsCybersecurity Training for Nonprofits
Cybersecurity Training for Nonprofits
 
SharePoint Online for Nonprofits
SharePoint Online for NonprofitsSharePoint Online for Nonprofits
SharePoint Online for Nonprofits
 
Microsoft Dynamics and Salesforce: What You Need To Know Before Choosing a Pl...
Microsoft Dynamics and Salesforce: What You Need To Know Before Choosing a Pl...Microsoft Dynamics and Salesforce: What You Need To Know Before Choosing a Pl...
Microsoft Dynamics and Salesforce: What You Need To Know Before Choosing a Pl...
 
Nonprofit Cybersecurity Risk Assessment Basics
Nonprofit Cybersecurity Risk Assessment BasicsNonprofit Cybersecurity Risk Assessment Basics
Nonprofit Cybersecurity Risk Assessment Basics
 
Does Your Organization Need a Better Technology Roadmap?
Does Your Organization Need a Better Technology Roadmap?Does Your Organization Need a Better Technology Roadmap?
Does Your Organization Need a Better Technology Roadmap?
 
2020 Nonprofit Technology Trends Roundtable
2020 Nonprofit Technology Trends Roundtable2020 Nonprofit Technology Trends Roundtable
2020 Nonprofit Technology Trends Roundtable
 
5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and More5 Security Tips to Protect Your Login Credentials and More
5 Security Tips to Protect Your Login Credentials and More
 
How Data Quality Defines Your Organization Webinar November 2019
How Data Quality Defines Your Organization Webinar November 2019How Data Quality Defines Your Organization Webinar November 2019
How Data Quality Defines Your Organization Webinar November 2019
 
Nonprofit Cybersecurity Readiness - Community IT Innovators Webinar
Nonprofit Cybersecurity Readiness - Community IT Innovators WebinarNonprofit Cybersecurity Readiness - Community IT Innovators Webinar
Nonprofit Cybersecurity Readiness - Community IT Innovators Webinar
 
5 Steps to Create an Information Strategy for Your Organization
5 Steps to Create an Information Strategy for Your Organization5 Steps to Create an Information Strategy for Your Organization
5 Steps to Create an Information Strategy for Your Organization
 
Server 2008 and Windows 7 End of Life: 3 Things You Need to Know
Server 2008 and Windows 7 End of Life: 3 Things You Need to KnowServer 2008 and Windows 7 End of Life: 3 Things You Need to Know
Server 2008 and Windows 7 End of Life: 3 Things You Need to Know
 
What Makes Nonprofit Tech Projects Succeed?
What Makes Nonprofit Tech Projects Succeed?What Makes Nonprofit Tech Projects Succeed?
What Makes Nonprofit Tech Projects Succeed?
 
Community IT Webinar: Working with an Outsourced IT Manager
Community IT Webinar: Working with an Outsourced IT ManagerCommunity IT Webinar: Working with an Outsourced IT Manager
Community IT Webinar: Working with an Outsourced IT Manager
 
Nonprofit Cybersecurity Incident Report
Nonprofit Cybersecurity Incident ReportNonprofit Cybersecurity Incident Report
Nonprofit Cybersecurity Incident Report
 
Improving Nonprofit CRM Data Management in 2019 - Build Consulting and Commun...
Improving Nonprofit CRM Data Management in 2019 - Build Consulting and Commun...Improving Nonprofit CRM Data Management in 2019 - Build Consulting and Commun...
Improving Nonprofit CRM Data Management in 2019 - Build Consulting and Commun...
 
Community IT Innovators Technology Trends Round Table 2019
Community IT Innovators Technology Trends Round Table 2019Community IT Innovators Technology Trends Round Table 2019
Community IT Innovators Technology Trends Round Table 2019
 
Selecting Nonprofit Software: Technology Comes Last
Selecting Nonprofit Software: Technology Comes LastSelecting Nonprofit Software: Technology Comes Last
Selecting Nonprofit Software: Technology Comes Last
 
IT Security Incident Response for Nonprofits
IT Security Incident Response for NonprofitsIT Security Incident Response for Nonprofits
IT Security Incident Response for Nonprofits
 

Último

Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutesconfluent
 
How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfSrushith Repakula
 
A Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyA Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyUXDXConf
 
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomCzechDreamin
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaCzechDreamin
 
The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?Mark Billinghurst
 
WebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceWebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceSamy Fodil
 
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Julian Hyde
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureFemke de Vroome
 
AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101vincent683379
 
Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Patrick Viafore
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...CzechDreamin
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxDavid Michel
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FIDO Alliance
 
Google I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGoogle I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGDSC PJATK
 
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxWSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxJennifer Lim
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfFIDO Alliance
 
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeFree and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeCzechDreamin
 
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCustom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCzechDreamin
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...FIDO Alliance
 

Último (20)

Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutes
 
How we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdfHow we scaled to 80K users by doing nothing!.pdf
How we scaled to 80K users by doing nothing!.pdf
 
A Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System StrategyA Business-Centric Approach to Design System Strategy
A Business-Centric Approach to Design System Strategy
 
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone KomSalesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom
 
Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara Laskowska
 
The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?The Metaverse: Are We There Yet?
The Metaverse: Are We There Yet?
 
WebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM PerformanceWebAssembly is Key to Better LLM Performance
WebAssembly is Key to Better LLM Performance
 
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
Measures in SQL (a talk at SF Distributed Systems meetup, 2024-05-22)
 
ECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty SecureECS 2024 Teams Premium - Pretty Secure
ECS 2024 Teams Premium - Pretty Secure
 
AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101AI presentation and introduction - Retrieval Augmented Generation RAG 101
AI presentation and introduction - Retrieval Augmented Generation RAG 101
 
Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024Extensible Python: Robustness through Addition - PyCon 2024
Extensible Python: Robustness through Addition - PyCon 2024
 
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
Behind the Scenes From the Manager's Chair: Decoding the Secrets of Successfu...
 
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptxUnpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
Unpacking Value Delivery - Agile Oxford Meetup - May 2024.pptx
 
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
FDO for Camera, Sensor and Networking Device – Commercial Solutions from VinC...
 
Google I/O Extended 2024 Warsaw
Google I/O Extended 2024 WarsawGoogle I/O Extended 2024 Warsaw
Google I/O Extended 2024 Warsaw
 
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptxWSO2CONMay2024OpenSourceConferenceDebrief.pptx
WSO2CONMay2024OpenSourceConferenceDebrief.pptx
 
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdfWhere to Learn More About FDO _ Richard at FIDO Alliance.pdf
Where to Learn More About FDO _ Richard at FIDO Alliance.pdf
 
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi IbrahimzadeFree and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade
 
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya HalderCustom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder
 
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
Secure Zero Touch enabled Edge compute with Dell NativeEdge via FDO _ Brad at...
 

Encryption 101 for Nonprofits

  • 2. About Community IT Advancing mission through the effective use of technology. 100% Employee Owned
  • 5. What is encryption? the process of encoding a message or information in such a way that only authorized parties can access it and those who are not authorized cannot. Encryption does not itself prevent interference, but denies the intelligible content to a would-be interceptor
  • 6. History of Encryption This Photo by Unknown Author is licensed under CC BY-SA This Photo by Unknown Author is licensed under CC BY-SA This Photo by Unknown Author is licensed under CC BY-SA
  • 8. Why Encrypt? Compliance – you are required to encrypt some or all data due to its classification Risk management - information that you are working with is sensitive and shouldn’t be publicly disclosed. Security - encrypting our information is a Best Practice
  • 9. Written & Updated Policies Predictive Intelligence Security Training & Awareness Passwords Antivirus Backups Patching Encryption Good Security Practices
  • 10. Example “Protect your data with encryption” …Šb¾MuN •–¦è&Õ¤tÄZPD7Õ$ÿÇÛ²ÎzzßÓx2Ô$»•IhqÓ”,:QüïÈ8ìn¹³¡N@-Ö#âP9ÿ¡³mS ~v¾iôrô ü=¢Žy'Zø¢°ûò§ž•a0–•E}þÀØ*³zÚÝRÙmeâ–Ký¯”,Ž(C[7ë_ËOû“&g-ŠÆÎåÄÜXI¿WXc›Mj{ù54òÔâbÿ.’ Jâ‚v#Íý§wš2CÐC‘•€ÆÅ„?ÚHÒ…«^֐•0Pv𩜤ÙÁ0}ù ¹ŽQ¯b&ð.ÿ4Õ8&~úæ&dc¡ÒÀå .XGXŒÝi"/•98¾øp— Ðw(²â†·‘f6t‰ßøö÷MKÊÓ‘Âñ«*»OœÞõ~Tµ•~A<€P‘÷•§kÄñŠs¦îLh…¦z¹S¬Ã@¯û&Ñyú]ZøGÃfk2Uûÿ…]°+¿¶æØþfˆª@Û5/ks•- k‡öjŸTn§ÏÍš°ifnÁmœ÷¼¤&Źï÷Ì ïÊ+?Ùß¡µÑ€€*4ÿÑ“'îDÆbþDäéâÑ”Q?âi¢À©³ÿvŸÍDƒ—X³3´— Nÿ™n×ü”rSSéiUÑÃåÓ‡'ÕéðÑä°«4M-ØB–1H׬ ŒýhŽï$V?×@ô#¥Á>XkçùÁ¥ ÍÙhkOßxñ ÅÂkõd ,ôC¼ Äц §ä°¨Þ|ûCú¬–¸G‹E¹EwÆ ]ºᛠÒØüíi驨>ƒùêÆKžîø2'»°êЖ¦••õR!SwêÈÎþ qÍ»3šÅçz£»Êàk“l+›Ù™»0‹6” s!5ä“ôò
  • 11. Ransomware This Photo by Unknown Author is licensed under CC BY
  • 12. Glossary of Terms Encrypted at Rest: Data being stored on a server is encrypted. It may still be possible for the hosting company to access the data. Encrypted in Transit: Data is encrypted between the user and the server. The hosting company would have access to the data. End to End Encryption: Typically communication encryption where only the participating parties have they key. This term is sometimes used incorrectly as providers change the meaning of “end”. Zero Knowledge Encryption: Data is encrypted at all times and not even the hosting company can access the data. You do not have to trust that the service would not give out your information since they do not have access to it. This is especially important in the event of a subpoena or data breach.
  • 13.
  • 14. What to encrypt? • In Transit • By Service Provider • By end user Email Chat Programs Full Disk Encryption Within Applications
  • 15. Email Encryption • TLS - Enabling TLS or using a TLS compliant email service such as Office 365, or Gmail ensures that no one can read your email as it is in transit between another TLS compliant provider. In the example below, we can see that I have received a message that was protected by TLSv1.2 Received: from mail-lf0-f48.google.com (mail-lf0- f48.google.com [209.85.215.48]) by mx1423.ess.rzc.cudaops.com (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO); Thu, 03 May 2018 13:20:40 +0000 Received: by mail-lf0-f48.google.com with SMTP id v85- v6so25907237lfa.13for <MEshleman@communityit.com>; Thu, 03 May 2018 06:20:41 -0700 (PDT)
  • 17. Email Encryption • Service Provider • Office 365 • Google Mail Encryption • Barracuda • Zix • Virtu • The easiest type of encryption to implement. It is email encryption that is performed by the service provider
  • 18. Email Encryption • PGP - This form of encryption is performed on the sender’s computer which uses a public/private key pair to encrypt the message. • Sender encrypts (or locks) the contents of a message using the Public Key of the intended recipient and their own Private Key • Both the sender and receiver to have PGP configured. Based on “web of trust” model.
  • 20. Disk Encryption • Window Pro • Combine with InTune or MBAM for administration Bitlocker (Windows) • Can be centrally managed with Casper FileVault (Mac)
  • 21. Applications • Thinking mostly of databases • Systems like Blackbaud and SalesForce • Check custom / legacy systems
  • 22. Upcoming Webinar Building an Effective IT Function Wednesday July 18 4:00 – 5:00 PM EST
  • 23. Follow Up Review your organization’s requirements for encryption 1 Explore how you could use one technology described here 2 Find a buddy and send them an encrypted message 3