March 23, 2021

16 March 2021 / 7:00 PM / Webex

ATTENDEES#

Members and Eboard

AGENDA#

Last Meeting Follow-up#

  • Class Picktime

New Business#

  • Password Security - Kevin Brown

NOTES#

  • Kevin Brown
    • A full-time employee for ITS in the Identity and Access Management Group
      • Previously Server Admin
    • Adjunct faculty for OPIM
      • OPIM3220, OPIM3103
    • MIS Student
      • Graduated May 2016
  • Role of IT in Modern Business
    • IT has become a fundamental part of every modern business
    • Everything is stored digitally now
    • Communication is done over email and chat
    • Telecommuting
    • VPNs, gateways, BYOD
  • Authentication and Authorization
    • Authentication - netid
    • Authorization - correct employees access correct data
  • Phishing
    • Social engineering attempts to get into a company’s internal network
    • 32% of all breaches originate with phishing emails
    • Most common n financial institutions
  • Passwords
    • Computers get faster, passwords get easier to guess
  • Password Storing
    • Database with passwords
      • Most simple no hashing
    • Database with passwords and hashing algorithm
      • Hashing Algorithm encodes the passwords - one input one output
    • Hashing and Salting
      • Hashing combined with Salting (sprinkling more unique company established passwords within the user password while hashing)
  • Password Guessing
    • Dictionary
    • Rainbow Table
    • Brute-force
  • Password Criteria
    • Length
    • Do not reuse
    • Change (when needed)
    • User a password manager
    • Turn on multifactor authentication

ACTION ITEMS#

NEXT WEEK’S AGENDA#

  • The Hartford