1

00:00:00,777  -->  00:00:03,473
We’ve just talked about
behavioral security controls,

2

00:00:03,474  -->  00:00:04,752
now we’re going to move onto

3

00:00:04,816  -->  00:00:06,640
technical security controls,

4

00:00:07,040  -->  00:00:09,614
and again, many of the social
threats we face

5

00:00:09,615  -->  00:00:10,808
can be mitigated by

6

00:00:10,809  -->  00:00:14,228
the same type of technical
security controls.

7

00:00:14,697  -->  00:00:16,901
And again, the threats
we’re referring to here

8

00:00:16,902  -->  00:00:18,661
that we can mitigate
are things like

9

00:00:18,662  -->  00:00:22,443
identity theft, social engineering,
like phishing, vishing,

10

00:00:22,444  -->  00:00:27,440
smishing, scams, cons, doxing,
spam, those sorts of threats.

11

00:00:28,160  -->  00:00:30,148
In order to mitigate these
sorts of threats,

12

00:00:30,217  -->  00:00:32,411
consider using these sorts of

13

00:00:32,480  -->  00:00:34,514
technical security controls.

14

00:00:35,108  -->  00:00:37,542
The first is use an email
provider

15

00:00:37,702  -->  00:00:41,645
with security controls
to mitigate these attacks.

16

00:00:41,897  -->  00:00:43,748
When you’re selecting
an email provider,

17

00:00:43,817  -->  00:00:45,691
consider how well
they protect you

18

00:00:45,692  -->  00:00:49,408
from spam, phishing, malware,
and those sorts of things.

19

00:00:49,712  -->  00:00:53,709
Almost all email providers
scan the email content

20

00:00:53,710  -->  00:00:55,207
for these types of attacks.

21

00:00:55,469  -->  00:01:00,800
This is a privacy concern,
but is also a security control.

22

00:01:01,060  -->  00:01:04,159
Sometimes security and privacy
aren't compatible,

23

00:01:04,160  -->  00:01:06,600
and you have to choose
how to deal with that.

24

00:01:07,180  -->  00:01:10,580
What is more important for you?
Privacy or security?

25

00:01:10,680  -->  00:01:12,700
You have to make the risk
based decision.

26

00:01:13,000  -->  00:01:15,079
But you can chooseto have

27

00:01:15,080  -->  00:01:17,680
separate accounts
for separate purposes.

28

00:01:18,248  -->  00:01:20,816
So for example, for a more
private conversation,

29

00:01:21,112  -->  00:01:23,056
you could have a dedicated email

30

00:01:23,057  -->  00:01:24,744
where you use GPG

31

00:01:25,088  -->  00:01:27,360
which will give you the privacy
that you need,

32

00:01:27,760  -->  00:01:30,570
which we discuss
later in full detail,

33

00:01:30,770  -->  00:01:32,929
and for general emails,
where you have

34

00:01:32,930  -->  00:01:34,790
less of a need for privacy,

35

00:01:34,970  -->  00:01:36,459
you could go for a provider

36

00:01:36,460  -->  00:01:39,950
that offers security by scanning
the email contents.

37

00:01:40,460  -->  00:01:43,280
The big email providers
are good with spam,

38

00:01:43,410  -->  00:01:45,520
phishing and malware
protection, as they have

39

00:01:45,810  -->  00:01:48,160
lots of resources to throw
at the problem,

40

00:01:48,370  -->  00:01:51,939
Apple, Google, Microsoft,
Yahoo, etc.

41

00:01:51,940  -->  00:01:53,409
They are good for protecting you

42

00:01:53,410  -->  00:01:54,890
from phishing and malware,

43

00:01:54,970  -->  00:01:56,930
but they are not good privacy.

44

00:01:57,320  -->  00:01:59,030
So you need to choose
your provider

45

00:01:59,430  -->  00:02:01,390
by weighing up these options

46

00:02:01,410  -->  00:02:03,440
between privacy and security.

47

00:02:04,180  -->  00:02:06,440
For security, you want
a provider that

48

00:02:06,510  -->  00:02:09,560
provides some filtering against
these social attacks,

49

00:02:09,960  -->  00:02:11,819
and we cover selecting
an email provider

50

00:02:11,820  -->  00:02:15,270
in more detail in the section
on email security.

51

00:02:15,850  -->  00:02:17,239
Another control to protect you

52

00:02:17,240  -->  00:02:18,689
against these social threats

53

00:02:18,690  -->  00:02:20,799
is to use a credit
monitoring service

54

00:02:20,800  -->  00:02:23,569
that notifies you
of credit searches

55

00:02:23,570  -->  00:02:25,760
and applications
that will help you

56

00:02:25,800  -->  00:02:28,010
particularly against
identity theft.

57

00:02:28,280  -->  00:02:29,819
In the US and other locations,

58

00:02:29,820  -->  00:02:31,789
you can freeze credit checks.

59

00:02:31,790  -->  00:02:33,889
This stops anyone
from being able

60

00:02:33,890  -->  00:02:36,600
to take out loans or credit
cards in your name.

61

00:02:36,770  -->  00:02:38,788
This is useful if you know
you don't need

62

00:02:38,789  -->  00:02:40,400
any loans or credit,

63

00:02:40,490  -->  00:02:42,100
so you can freeze your credit.

64

00:02:42,450  -->  00:02:44,660
You want to monitor the accounts
you care about

65

00:02:44,830  -->  00:02:45,862
where they provide this

66

00:02:45,881  -->  00:02:48,536
monitoring and alerting
functionality.

67

00:02:48,704  -->  00:02:51,624
Enable the security notifications
on your accounts

68

00:02:51,712  -->  00:02:53,062
where they are available.

69

00:02:53,063  -->  00:02:55,424
For example, when someone
logs into your account,

70

00:02:55,488  -->  00:02:57,424
and where, and on what device,

71

00:02:57,544  -->  00:02:59,333
when money transfers are made,

72

00:02:59,334  -->  00:03:01,213
when passwords are changed
and so on.

73

00:03:01,214  -->  00:03:03,592
You want alerts for those
sorts of things.

74

00:03:03,816  -->  00:03:04,816
As an example,

75

00:03:05,080  -->  00:03:08,848
Gmail provides information like that
on your devices that you log in,

76

00:03:09,136  -->  00:03:11,293
many banks will send you
notifications

77

00:03:11,294  -->  00:03:12,679
when there are money transfers,

78

00:03:12,680  -->  00:03:14,992
or where your account
reaches a certain level.

79

00:03:15,112  -->  00:03:16,280
You should enable those.

80

00:03:16,768  -->  00:03:19,592
Now the rest of the technical
security controls,

81

00:03:19,640  -->  00:03:20,824
we’re going to discuss

82

00:03:20,936  -->  00:03:23,048
throughout the course in detail.

83

00:03:23,112  -->  00:03:26,000
You will learn more about
them in their own sections.

84

00:03:26,320  -->  00:03:27,896
But a quick summary here

85

00:03:27,976  -->  00:03:31,072
of what will protect you against
these social attacks.

86

00:03:31,176  -->  00:03:34,448
So first is changing
the email viewer

87

00:03:34,752  -->  00:03:36,880
to be text instead of html.

88

00:03:37,616  -->  00:03:41,919
Using the built-in
Google Safe Browsing

89

00:03:41,920  -->  00:03:46,440
used in Mozilla Firefox, Apple Safari,
and Google Chrome.

90

00:03:47,344  -->  00:03:49,632
Ublock origin for filtering,

91

00:03:50,328  -->  00:03:53,248
using isolation and
compartmentalization,

92

00:03:53,712  -->  00:03:55,669
using a virtual machine

93

00:03:55,670  -->  00:03:58,232
to open attachments
and click links.

94

00:03:58,720  -->  00:04:01,784
Using application and
execution control,

95

00:04:02,186  -->  00:04:05,729
sandboxes, opening
attachments online

96

00:04:05,730  -->  00:04:08,773
using tools like Google Docs
and Etherpad,

97

00:04:09,466  -->  00:04:11,279
using Live operating systems

98

00:04:11,280  -->  00:04:13,484
to open attachments
and click links.

99

00:04:14,026  -->  00:04:16,613
Using OpenPGP signatures

100

00:04:16,640  -->  00:04:18,610
to validate the sender
is genuine,

101

00:04:19,154  -->  00:04:22,491
and if you frequently send
and receive files via email,

102

00:04:22,617  -->  00:04:25,314
changing that to hosting
these files

103

00:04:25,382  -->  00:04:29,040
and sending links to these files
instead of attachments.

104

00:04:29,565  -->  00:04:32,080
And you can use services
like SpiderOak,

105

00:04:32,297  -->  00:04:34,274
Owncloud or Seafile,

106

00:04:34,754  -->  00:04:37,496
enabling antivirus and
endpoint protection.

107

00:04:37,497  -->  00:04:39,489
But all of those things,

108

00:04:39,490  -->  00:04:41,490
we go through on the course,

109

00:04:41,622  -->  00:04:43,622
but they particularly
do protect you

110

00:04:43,680  -->  00:04:46,102
against these social attacks.

111

00:04:46,971  -->  00:04:48,817
For useful information
on protecting you

112

00:04:48,818  -->  00:04:51,342
against phishing,
vishing, smishing,

113

00:04:51,431  -->  00:04:53,128
spam, scams and cons,

114

00:04:53,564  -->  00:04:55,234
then have a look at this
website here,

115

00:04:55,235  -->  00:04:57,100
this is quite good, ActionFraud.

116

00:04:57,668  -->  00:05:01,313
And also Scambusters.org
is quite good as well.