Recommended alternatives

Drive Encryption buttonif you really want to protect your data, consider the following methods or a combination thereof instead.

  • Password protect Windows.
  • Lock your computer or log off when you are away (the keyboard shortcut to lock your computer is: Windows Logo Key + L).
  • Encrypt your entire disk via BitLocker or a 3rd party tool.

These methods will also protect all your other locally stored data and not just Outlook.

**********************

Windows 10 Creators Update advances security and best-in-class modern IT tools

The Windows 10 Creators Update will continue to bring new security capabilities to IT administrators to better protect, defend and respond to threats on their networks and devices

A few weeks ago, we announced new features coming in the Windows 10 Creators Update bringing innovation in mixed reality and 3D for everyone. We shared our view of empowering the creators in all of us as we build Windows for each of us. This rings just as true for business professionals as it does for artists and students.

We built Windows 10 for modern IT to be safer, more secure and more productive for business with access to powerful new devices and experiences for their employees. In response, our customers are upgrading to Windows 10 at an incredible pace, with a 3X increase in Windows 10 enterprise deployments over the last six months. But we’ve just begun.

Today, I’m excited to share that the Windows 10 Creators Update will deliver new features and capabilities for modern IT and bring even more security advancements to our enterprise customers as IT administrators drive digital transformation to optimize operations, enhance productivity and maintain the most secure environment possible.

Security intelligence across devices, networks and cloud

The cyber threat landscape today requires an ongoing and relentless focus on security. The Creators Update will continue to bring new security capabilities to IT administrators to better protect, defend and respond to threats on their networks and devices.

To start, we will make it easier to monitor, track and act by creating one view of Windows 10 security events in the centralized portal called the Windows Security Center. First released in the Anniversary Update, the Windows Security Center will link to Office 365 Advanced Threat Protection, via the Microsoft Intelligent Security Graph, to allow IT administrators to easily follow an attack across endpoints and email in a seamless and integrated way.

In the Creators Update we’re also adding new actions and insights in Windows Defender Advanced Threat Protection (ATP) to investigate and respond to network attacks, including sensors in memory, enriched intelligence and new remediation actions.

  • Enriched Detection. As I’ve said before, methods and means attackers use are increasingly varied, complex and well-funded. The sensors we have today across the network traffic channeled through end points and the cloud are powerful. However, cyber threats won’t stop, and neither will we. With the Creators Update we will expand Windows Defender ATP sensors to detect threats that persist only in memory or kernel level exploits. This will enable IT administrators to monitor loaded drivers and in-memory activities, and to detect various patterns of injection, reflective loading, and in-memory modifications indicating potential kernel exploits.
  • Enriched Intelligence. We already add on to our Microsoft Threat Intelligence (TI) with industry partners like FireEye iSIGHT Threat Intelligence. In the Creators Update, we’ll enable IT administrators to feed their own intelligence into the Windows Security Center for alerts on activities based on their own indicators of compromise. This added level of insight will enrich machine learning models to identify and block malware more quickly and better protect their unique environment.
  • Enhanced Remediation. We will also deliver new remediation actions in Windows Defender ATP that will give IT administrators the tools to isolate machines, collect forensics, kill and clean running processes and quarantine or block files with a single click in the Windows Security Center and further reduce response time.

Best-in-class modern IT to streamline management

It’s an exciting time to be in IT, yet we also understand that for many organizations the digital transformation can be overwhelming. That’s why we built Windows 10 with best-in-class modern IT capabilities through the power of the cloud. Already, IT administrators estimate a 15% improvement in IT management time with Windows 10. The Creators Update will further shift resources and time-intensive tasks to the cloud, allowing our customers to acquire, provision, support and secure devices more easily than ever.

Today, we’re announcing the Creators Update will bring simplified IT with new insights coming in the Windows Analytics dashboard, in-place UEFI conversion, a new mobile application management feature and continued improvements to Windows as a service.

Cloud-based insights with Windows Analytics.

We released Windows Upgrade Analytics to help customers move to Windows 10 more quickly by analyzing their environment to identify app compatibility, device and driver readiness. In the coming months, we’ll be delivering additional resources to the Windows Analytics dashboard that will help IT administrators better manage and support Windows 10 devices. The additions to the dashboard will enable organizations to use their own telemetry to provide new insights and ensure compliance on the upgrade, update and device health processes within their organizations.

In-place UEFI conversion

We’ve heard from our customers that they want to take advantage of new Windows 10 security investments like Device Guard on their existing modern hardware, but many of these new features require UEFI-enabled devices. For those customers who have already provisioned modern Windows PCs that support UEFI but installed Windows 7 using legacy BIOS, converting a device to UEFI required an IT manager to repartition the disc and reconfigure the firmware. This meant they would need to physically touch each device in their enterprise. With the Creators Update, we will introduce a simple conversion tool that automates this previously manual work. This conversion tool can be integrated with management tools such as System Center Configuration Manager (ConfigMgr)* as part of the Windows 7 to Windows 10 in-place upgrade process.

Mobile application management

With the Creators Update we’re introducing mobile application management, a new feature that will protect data on personal devices without requiring the device to be enrolled in a Mobile Device Management solution. As employees use their own devices at work more and more, we are providing IT with oversight to apply policies to the applications employees use to be productive. This helps keep corporate data more secure without taking on the added responsibility of managing employees’ personal devices.

Continued improvements for Windows as a service

Finally, our enterprise customers have told us they want to better manage the size of downloads. Soon we’ll enable differential downloads for both mobile and PC devices. This means updates after the Creators Update will only include the changes that have been made since the last update, decreasing the download size by approximately 35%. We’re also working to improve System Center Configuration Manager express updates to help reduce the monthly update size by up to 90%.

We’re building Windows for each of us and for our enterprise customers that means supporting their digital transformation. Over the next few weeks, some of the Creators Update features will start to show up in Windows Insider builds. If you are not already a Windows Insider, please join us in providing feedback to help shape the final experience and empower the creators in all of us.


Basic concepts in computer security

  1. 1. BASIC CONCEPTS IN COMPUTER SECURITY ARZATH AREEFF
  2. 2. WHAT IS COMPUTER SECURITY? •Computer security is refers to techniques for ensuring that data stored in a computer cannot be read or compromised by any individuals without authorization. •Most computer security measures involve data encryption and passwords. •The purpose of computer security is to device ways to prevent the weaknesses from being
  3. 3. WHAT IS COMPUTER SECURITY? •We are addressing three important aspects of any computer-related system such as confidentiality, integrity, and availability.
  4. 4. WHAT IS COMPUTER SECURITY? •These are the three goals in computing Security. 1.Confidentiality 2.Integrity 3.Availability
  5. 5. THREE GOALS IN COMPUTING SECURITY •Confidentiality: ensures that computer-related assets are accessed only by authorized parties. Confidentiality is sometimes called secrecy or privacy. •Integrity: it means that assets can be modified only by authorized parties or only in authorized ways. •Availability: it means that assets are accessible
  6. 6. THREE GOALS IN COMPUTING SECURITY •One of the challenges in building a secure system is finding the right balance among the goals, which often conflict.
  7. 7. VULNERABILITY •Vulnerability is a weakness in the security system. •Weaknesses can appear in any element of a computer, both in the hardware, operating system, and the software. The types of vulnerabilities we might find as they apply to the assets of hardware, software, and data. •These three assets and the connections among
  8. 8. HARDWARE VULNERABILITY •Hardware is more visible than software, largely because it is composed of physical objects. •it is rather simple to attack by adding devices, changing them, removing them, intercepting the traffic to them, or flooding them with traffic until they can no longer function.
  9. 9. HARDWARE VULNERABILITY •other ways that computer hardware can be attacked physically. •Computers have been drenched with water, burned, frozen, gassed, and electrocuted with power surges.
  10. 10. SOFTWARE VULNERABILITIES •Software can be replaced, changed, or destroyed maliciously, or it can be modified, deleted, or misplaced accidentally. Whether intentional or not, these attacks exploit the software’s vulnerabilities.
  11. 11. SOFTWARE VULNERABILITIES •Sometimes, the attacks are obvious, as when the software no longer runs. More subtle are attacks in which the software has been altered but seems to run normally.
  12. 12. DATA VULNERABILITY •a data attack is a more widespread and serious problem than either a hardware or software attack. •data items have greater public value than hardware and software because more people know how to use or interpret data.
  13. 13. THREATS •A threat to a computing system is a set of circumstances that has the potential to cause loss or harm. •There are many threats to a computer system, including human-initiated and computer- initiated ones. •A threat is blocked by control of a vulnerability. •We can view any threat as being one of four
  14. 14. THREATS •An interception means that some unauthorized party has gained access to an asset. The outside party can be a person, a program, or a computing system.
  15. 15. THREATS •In an interruption is an asset of the system becomes lost, unavailable, or unusable.
  16. 16. THREATS •If an unauthorized party not only accesses but tampers with an asset, is called as a modification.
  17. 17. THREATS •An unauthorized party might create a fabrication of counterfeit objects on a computing system. •The intruder may insert spurious transactions to a network communication system or add records to an existing database.
  18. 18. ATTACKS •A human who exploits a vulnerability perpetrates an attack on the system. An attack can also be launched by another system, as when one •system sends an overwhelming set of messages to another, virtually shutting down the second system’s ability to function.
  19. 19. ATTACKS •Unfortunately, we have seen this type of attack frequently, as denial-of-service attacks flood servers with more messages than they can handle.
  20. 20. CONTROL •The control is an action, device, procedure or technique that removes or reduces a vulnerability. •We use a control as a protective measure. •There are so many ways to controle.
  21. 21. HOW TO SECURE THE COMPUTER •There are two ways 1.Physical secure 2.Other secure methods
  22. 22. PHYSICALLY SECURE COMPUTERS •Obtain physical computer locks for all your computers
  23. 23. PHYSICALLY SECURE COMPUTERS •Attach mobile proximity alarms to your computers.
  24. 24. PHYSICALLY SECURE COMPUTERS •Store computers in an area with secure access. •Or place the computers in a locked room
  25. 25. PHYSICALLY SECURE COMPUTERS IN YOUR COLLEGE •Station security guards at entry points to the college building.
  26. 26. PHYSICALLY SECURE COMPUTERS IN YOUR COLLEGE •Verify windows and doors are properly locked after office hours.
  27. 27. SECURE THE COMPUTER •Choose a good secured operating system
  28. 28. SECURE THE COMPUTER •Choose a web browser based on its security and vulnerabilities because most malware will come through via your web browser
  29. 29. SECURE THE COMPUTER •When setting up, use strong passwords in your user account, router account etc. Hackers may use dictionary attacks and brute force attacks.
  30. 30. SECURE THE COMPUTER •When downloading software (including antivirus software), get it from a trusted source
  31. 31. SECURE THE COMPUTER •Install good antivirus software because Antivirus software is designed to deal with modern malware including viruses, Trojans, key loggers, rootkits, and worms.
  32. 32. SECURE THE COMPUTER •Download and install a firewall
  33. 33. SECURE THE COMPUTER •Close all ports. Hackers use port scanning (Ubuntu Linux has all ports closed by default)
  34. 34. SOURCES AND CITATIONS • Security in Computing, Fourth EditionBy Charles P. Pfleeger • http://lifehacker.com/5848296/how-do-i-keep-my-computer-secure-at-the-office • http://it.ojp.gov/documents/asp/disciplines/section1-2.htm • http://www.pcpro.co.uk/blogs/2011/01/21/how-to-physically-secure-your-business- hardware/ • http://www.us-cert.gov/nav/nt01/ • http://blog.chromium.org/2008/10/new-approach-to-browser-security-google.html • http://www.avast.com • http://www.trendsecure.com • http://www.lavasoft.com • http://www.zonealarm.com • http://www.personalfirewall.comodo.com/ • http://www.remote-exploit.org/backtrack.html • http://www.grc.com/securitynow.htm • http://www.hackerhighschool.org/ • http://www.symantec.com/norton/products/library/article.jsp?aid=internet_iq
  35. 35. THANK YOU HAVE A SECURED WORLD 

__________