Keep Your Connected Nonprofit or
Library Secure
October 1, 2015
Using ReadyTalk
• Chat to ask questions
• All lines are muted
• If you lose your Internet
connection, reconnect using
the link emailed to you.
• If you lose your phone
connection, re-dial
the phone number
and re-join.
• ReadyTalk support:
800-843-9166
Your audio will play through your computer’s speakers. Hear an echo? You
may be logged in twice and will need to close one instance of ReadyTalk.
You Are Being Recorded…
• This webinar will be available on the TechSoup website
along with past webinars:
www.techsoup.org/community/events-webinars
• You can also view recorded webinars and videos on our
YouTube channel:
https://www.youtube.com/TechSoupVideo
• You will receive an email with this presentation,
recording, and links within a day.
• Tweet us @TechSoup or using hashtag: #techsoup or
#TechedUp
Presenters
Assisting with chat: Allyson Bliss and Ale Bezdikian, TechSoup
Becky Wiegand
Webinar Program Manager
TechSoup Global
Kelley Bray
Employee Trust Lead
Symantec
Where Are You?
We Are Here
Agenda
• Introduction to TechSoup
• The Problem – Quiz Time!
• The Common Approach to Solutions
• How Symantec Does It Differently
• Simple Security
• Donated Symantec and Other Security
• Q&A
About TechSoup Global
We are a global network of 63 partner NGOs that provide the
best technology resources to over a half-million organizations in
121 countries.
We connect organizations and people with the resources,
support, and technology they need to change the world.
Learn more from our 2014 Year in Review.
We are working toward a time when every social benefit
organization on the planet has the technology, resources, and
knowledge it needs to operate at its full potential.
Our Reach
• 121 countries served
• 63 partner NGOs
• 41 Net2 local groups
• 615k NGOs reached
Our Impact
Together, we build a stronger, more resilient civil society.
• $4.8B in technology products and grants employed by NGOs for the greater good
• 35 languages used to provide education and support
• 100+ corporate and foundation partners connected with the causes and communities they care about
• 5.9M annual visits to our websites
• 600,000 newsletter subscribers empowered with actionable knowledge
• 79% of NGOs have improved organizational efficiency with TechSoup Global's resource offering*
*Source: survey conducted among TechSoup members in 2013.
Our Product Donation Programs
Donated technology, education, and community forum resources
for NGOs save costs, magnify impact, and extend reach.
Participant Poll
Which of the following security tools are you using? (select
any)
• Avast! Free Antivirus
• Microsoft Security Essentials
• Windows Defender
• AVG Free Anti-Virus Free Edition
• Avira Free Antivirus
• Symantec Endpoint Protection
• McAfee VirusScan
• Norton Security
• AVG Internet Security
• Kaspersky Internet Security
Simple Security
Kelley Bray
Employee Trust Lead – Symantec Corporation
A little bit about me
• 5 years of Federal service
– Used to doing a lot with very little
• 2 years at SYMC
– Securing the company that secures the world
– Army of 1
• 3 kids growing up in the digital world
• kelley_bray@symantec.com
Agenda
• The problem
– Trivia
• The common approach to a solution
• How we do it differently at SYMC
• Simple Security
The Problem
• Rather than a lot of scary bullets, let’s play a little game
Question 1
• How many zero day vulnerabilities were reported in
2014?
– A) 18
– B) 24
– C) 12
– D) 8
Answer: B
24 zero-day vulnerabilities were discovered in 2014.
[Chart: zero-day vulnerabilities discovered per year, 2006 to 2014]
Question 2
• The top 5 zero-days left companies vulnerable for how
long?
– A) 1 day
– B) 2 weeks
– C) 180 days
– D) 295 days
Answer: D
Question 3
What were the top three causes of data
breaches in 2014?
Answer:
• Malicious Attackers: 49%
• Accidentally Exposed/Theft or Loss of Device: 43%
• Insider Theft: 8%
Question 4
In 2014, Symantec analyzed over 6 million
Android apps and found that 1 in ____
contained malware
Answer:
6.3 million apps for Android devices were
analyzed.
1 in 6 were classified with malware.
You get it – the cyber world is bad
• Protection strategies vary
• Funds are limited
• Tech-speak isn’t for everyone.
SYMC – Our requirements
• Secure our network and user data
• Meet our compliance requirements
• Protect our brand
• Spend our money wisely
• Show improvement and impact
• New Hire and Annual Training
• National Cyber Security Awareness Month/Other Activities
• Employee Engagement
The difference in our model
Compliance
Awareness
Talking “At”
Security
Change in Behavior
Talking “To”
Our definition of program success
• Good Security Behavior is natural… like wearing a seatbelt.
– Employees identify with the security
of the company and do the right thing
– Risk profile greatly reduced
– Full program implementation = Symantec
Human Firewall
Simple security
• Basic security
– Antivirus, firewalls… and that’s about all the tech I know.
• Protecting your people is easier!
– And, it’s free!
– Good behavior transcends the walls of work and home
• Believe it or not, the basics go a long way
– Everyone is a target
Passwords
• Simple rules for creating and remembering a strong password
– Complexity: create a password that includes upper and lower case letters,
numbers and special characters
– Do not use PII: A lot of people use names and important dates from their
family and friends. Most of this information can be found online, so avoid
using initials, birthdays, address information and other PII in passwords.
Never use information that can be found (like your birthday) on Facebook
or other social media sites.
– Change your password every 30 days, and never use the same password
for your work computer that you use for home or website access.
– Use a passphrase to create (and help you remember!) your password.
Example: a song lyric, with complexity added, is an easy password to
remember, but difficult to detect. Use the first letter of each word:
• “New York State of Mind” becomes NYSOM, and then NYS0M123!
Beware!
• If it’s too good to be true…
– Airports and Starbucks are a hacker’s amusement park
– All those free USBs
• Physical Security: Beware of your surroundings
– Do not process sensitive data in areas that are visible to others.
– Lock your computer and phone out of sight when necessary
• Manage sensitive data correctly
– Never leave sensitive documents on your desk or in the printer
Social Media
• We love the internet, but the internet doesn’t love us back
• If you wouldn’t post it on your front door, do not post it on
Facebook
• Would you share a bottle of water with a stranger?
• Do you know what geotagging is?
Phishing
• Be aware of how to recognize a phishing attempt! Basic security
awareness can go a long way in preventing hackers from
accessing your network and data:
– Do not open emails from people or email addresses that you do not
recognize. If you must do this, verify the email address prior to clicking on
any links or opening any attachments to the message.
– Read the message carefully and consider the content. If it seems
suspicious (would the CIO be contacting you directly?) it’s probably a
phishing attempt.
– Watch out for spelling and grammatical errors and avoid any requests for
financial transactions or other inappropriate requests.
– Remember – if it seems too good to be true – it probably is!
– When in doubt, do NOT click on any links. Pick up the phone and contact
the sender directly.
How to get started
• Free Resources!
– Use these slides and provide basic education to your coworkers and
families
– National Cyber Security Alliance: www.staysafeonline.org
• Strategies for individuals and businesses
• Training
• Free virus scans
– Baseline Training (like what you see here)
• Or – on YouTube, check out the Norton #30SecTech videos for simple explanations to a lot
of technical terms
– Baseline Policy (you have to let people know what they are/are not allowed
to do)
– Basic software/network protection – keep those patches up to date!
Thank you!
• Questions?
Symantec Donation Program
www.techsoup.org/symantec
www.techsoup.org/symantec-catalog
Additional Donated and Discounted Security Options
www.techsoup.org/comodo
Bitdefender
www.techsoup.org/bitdefender
www.techsoup.org/mailshell
www.techsoup.org/red-earth-software
Q & A
Please type your
questions in the
chat window.
Continue the discussion in
our Security forum.
Additional Resources
• Symantec Internet Security Threat Report 2015
• Celebrate National Cybersecurity Month with TechSoup
• 12 Steps to Stay Safer Online Guide (PDF)
• TechSoup’s Security Category
• Security Articles and How-Tos
• Symantec’s Norton Security for Nonprofits and Libraries
(webinar archive)
Learn and Share!
• Chat in one thing that you learned in today’s webinar that
you will try to implement.
• Will you share this information with your colleagues and
within your network?
Upcoming Webinars and Events
• 10/6: #NPTechChat: Civil Society Under Threat
• 10/14: Pinterest for Libraries: Building Community Through
Social Media
• 10/15: Do You Need the New Microsoft Office 2016 for
Windows?
• 10/15: Deadline for Next Adobe Creative Cloud Submissions!
• 10/22: Microsoft Office 2016 for Mac
Explore our webinar archives for more!
Connect with Us!
www.techsoupglobal.org
www.techsoup.org
facebook.com/techsoupglobal
twitter.com/techsoup
ReadyTalk offers dedicated product demos for
TechSoup organizations 4 times per week.
For more information: www.techsoup.org/readytalk
Please complete the post-event survey that will
pop up once you close this window.
Thank You to Our Webinar Sponsor!

Webinar - Keep Your Connected Nonprofit or Library Secure - 2015-10-01


Editor's Notes

  • #19 This is a look at zero-day vulnerabilities since 2006. Between 2006 and 2012, zero-day vulnerabilities have been discovered at a fairly consistent rate. While we have seen highs of 15 in a year and lows of 8, they have bounced around each year between these two numbers. Then in 2013, that number shot up to 23 zero-day vulnerabilities discovered. We believe this is based on a new professionalization of zero-day discovery. There was demand and an active market for buying and selling these vulnerabilities – people could make money finding zero-day vulnerabilities. Again in 2014 we see that the highs hit in 2013 were not an aberration, but a new plateau. 2014 had an all-time high in zero-day vulnerabilities, confirming what we found in 2013.
  • #23 If we look at the top causes of data breaches, we’ve also seen a shift here. If you look at total incidents that were an accident (breaches in which data was accidentally exposed or devices like laptops and USB sticks were lost or stolen), in 2013 that was 58% of all data breaches, and in 2014 those accidental exposures dropped to 43%. In 2014, this shifted dramatically: attackers are now responsible for the majority of data breaches, with 49%.