Ramathibodi Security & Privacy Training for Health Personnel (June 15, 2015)

Transcript

1. . 15 .. 2558 http://www.slideshare.net/nawanan
2. 2546 ( 33) : Health IT, Social Media, Security & Privacy nawanan.the@mahidol.ac.th SlideShare.net/Nawanan Nawanan Theera-Ampornpunt Line ID: NawananT
3. Outline Security & Privacy? Security/Privacy Security Privacy Security/Privacy
4. Security & Privacy?
5. Malware Security
6. Security https://www.thaicert.or.th/downloads/files/ThaiCERT_Annual_Report_th_2013.pdf ThaiCERT (2013)
7. Security https://www.thaicert.or.th/downloads/files/ThaiCERT_Annual_Report_th_2013.pdf ThaiCERT (2013)
8. Security https://www.thaicert.or.th/downloads/files/ThaiCERT_Annual_Report_th_2013.pdf ThaiCERT (2013)
9. Security https://www.facebook.com/longhackz
10. Security (Top) http://deadline.com/2014/12/sony-hack-timeline-any-pascal-the-interview-north-korea-1201325501/ (Bottom) http://www.bloomberg.com/news/articles/2014-12-07/sony-s-darkseoul-breach-stretched-from-thai-hotel-to-hollywood
11. Security http://usatoday30.usatoday.com/life/people/2007-10-10-clooney_N.htm
12. Security http://news.sanook.com/1262964/
13. Confidentiality () Integrity (//) Availability ( ) : CIA Triad
14. /
15. Hackers Viruses & Malware / Insiders ()
16. http://blogs.absolute.com/blog/data-breaches-cost-6-billion-to-healthcare-industry/
17. Security/Privacy
18. Security & Privacy http://en.wikipedia.org/wiki/A._S._Bradford_House
19. http://www.aclu.org/ordering-pizza Privacy
20. JAMA JAMA. 2015 Apr 14;313(14).
21. Security
22. Security User Account Security (Password) Mobile Security Online Security E-mail Security PC Security
23. User Account Security So, two informaticians walk into a bar... The bouncer says, "What's the password." One says, "Password?" The bouncer lets them in. Credits: @RossMartin & AMIA (2012)
24. User Account Security https://www.thaicert.or.th/downloads/files/BROCHURE_security_awareness.png
25. 8 : 3 4 Uppercase letters Lowercase letters Numbers Symbols ( Dictionary Attacks) simple patterns (12345678, 11111111) ( ) Passwords
26. Dictionary Attack: Hack USA
27. Clear Desk, Clear Screen Policy http://pixabay.com/en/post-it-sticky-note-note-corner-148282/
28. Password ? 1 8 Password
29. Password http://www.thedigitalshift.com/2012/05/ebooks/amazon-offers-harry-potter-for-free-through-lending-library/
30. Password : I love reading all 7 Harry Potter books! Password: Ilra7HPb!
31. Password Sharing
32. Password Expiration
33. Keylogger Attack:
34. Rogue Wi-Fi Router: Password
35. Logout After Use Logout ( Lock Screen )
36. Mobile Security https://www.thaicert.or.th/downloads/files/BROCHURE_mobile_malware.png
37. Mobile Security PIN Lock Screen
38. Online (Shopping) Security https://www.thaicert.or.th/downloads/files/info_ThaiCERT_Online-Shopping-Tips.jpg SMS statement
39. E-mail Security https://www.thaicert.or.th/downloads/files/info_ThaiCERT_Mail-Scam.jpg
40. E-mail Security https://www.thaicert.or.th/downloads/files/info_ThaiCERT_Mail-Scam.jpg
41. E-mail & Online Security (Phishing) https://www.thaicert.or.th/downloads/files/info_ThaiCERT_Phishing.jpg
42. E-mail & Online Security (Phishing) https://www.thaicert.or.th/downloads/files/info_ThaiCERT_Phishing.jpg
43. Secure Log-in Microsoft Internet Explorer
44. Secure Log-in Mozilla Firefox Google Chrome
45. Phishing E-mail
46. Phishing E-mail
47. Phishing E-mail
48. Phishing E-mail
49. Phishing Web Site
50. Ransomware
51. Phishing Grammar link E-mail
52. Phishing Attack: Minnesota
53. PC Security, Virus & Malware https://www.thaicert.or.th/downloads/files/info_ThaiCERT_Phishing_Malicious-Code.jpg
54. PC Security, Virus & Malware https://www.thaicert.or.th/downloads/files/info_ThaiCERT_Phishing_Malicious-Code.jpg
55. File Sharing: ()
56. Virus/Malware Attack & Windows Update: Chief IT Admin ()
57. Back-up Your Data:
58. Privacy
59. Privacy Autonomy (/) Beneficence () Non-maleficence () First, Do No Harm.
60. Hippocratic Oath ... What I may see or hear in the course of treatment or even outside of the treatment in regard to the life of men, which on no account one must spread abroad, I will keep myself holding such things shameful to be spoken about. ... http://en.wikipedia.org/wiki/Hippocratic_Oath
61. Privacy . .. 2550 7
62. 323 ...
63. 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 7.
64. http://www.prasong.com/// Social Media Case Study
65. " OPD ... ... ... Happy -- . Follow-up " Social Media
66. Privacy Informed consent Privacy culture User awareness building & education Organizational policy & regulations
67. Security/Privacy
68. http://intranet.mahidol/op/orla/law/index.php/announcement/146-2556/770-social-network Social Media
69. Social Network MU Social Media Policy
70. Social Network (Privacy) / identifiers ( , HN, ID ) ( closed groups ) Privacy Settings MU Social Media Policy
71. Line Privacy ? Line group capture forward share cache mobile device ( ) network server Line hack Password
72. Consult Case record include , HN, ( image) app Limit ( Line group) (Password, , malware )
73. .. 2551 .. 2554 .. 2556 .. 2556 .. 2557 Information Security
74.
75.
76.
77. Summary of Talk Security & Privacy? Security/Privacy Security Privacy Security/Privacy
78. . 15 .. 2558 http://www.slideshare.net/nawanan