Client privacy and security (Operational network security) – new for 2020 – virtual learning with experts

Client privacy and security – module overview

This module forms part of the “Operational network security” training programme delivered by GEANT WP8 Task 1.

Client software, like web-browsers, office programs, instant messenger applications, etc., are tools which are used daily to communicate with colleagues or work on documents locally or online.

While we usually interact only with the user interface, the underlying software architecture and implementation are primary targets for attackers, on the campus or the Internet.

This module will show how to configure securely commonly used client software to protect it against the most popular attacks and how to safeguard personal information processed within these applications.

Eligibility

The training is open to all GÉANT members.

Who will benefit from attending this training programme?

  • System/network administrators at NRENs or NREN member organisations
  • System administrators at computing centres or NOCs
  • Broader categories of professionals with the interest in these subjects

Pre-requisites

Basic administration knowledge about operating systems and networking should be present.

Client privacy and security – sessions (live online) schedule

To register to attend all or selected sessions in this module please click here.

Session titleDate/timePresenter
Web browsers Security & Privacy – secure surfing with less traces

To access the playlist for this and other recordings of this training programme please click here.
To view the copy of the presentation – click here.

Web-browsers have long become ubiquitous being the window to the Internet with their being versatility the key success factor. Web browsers can also be (mis)used for tracking the activities of their users. Not surprisingly, security of browsers and privacy of those who use them have become one of the most important topics in information security.

For Firefox and Chrome based browsers, we will give an introduction on how to secure them and how to avoid providing unnecessary personal data to websites or browser vendors. We will also show how to avoid being tracked on your personal trail across the Internet.
21/09/2020 2 pm CESTKlaus Möller
Email Security & Privacy – how to handle the most common issues

To access the playlist for this and other recordings of this training programme please click here.


e-mail is one of the oldest practical uses of the Internet. We all use e-mail on a daily basis, and e-mail has become one of the most important tools of business. E-mail has also become one of the most universal and persistent sources of privacy and security headaches. This session will give an overview of the many challenges that e-mail introduces and will outline approaches of how to deal with some of the more common issues effectively.
23/09/2020 2 pm CESTTobias Dussa
Instant Messaging Security & Privacy – Chat and more while safeguarding personal data

To access the playlist for this and other recordings of this training programme please click here.
To view a copy of the presentation please click here.

From the Microsoft Messenger and Internet Relay Chat of the nineties, to WhatsApp and Discord of current, instant messengers pre-date the world wide web, and while the client programs have changed and gained functionality, their usage shows no sign of decline.

We will show how to secure instant messenger clients and how to avoid common privacy pitfalls.
24/09/2020 2 pm CESTKlaus Möller
An Overview of Best Practices for Videoconferencing Security & Privacy

To access the playlist for this and other recordings of this training programme please click here.
To view a copy of the presentation please click here.

Videoconferencing has been around for some time and its use has increased manifold during the COVID-19 pandemic. With employees being locked down in home office, videoconferences have replaced business meetings and entire business trips, allowing an illusion of face-to-face interaction. This ease of such way to communicate comes with the burden of an unknown impact on the privacy and confidentiality of the conversations as well as the security of the client applications.

This session will provide an overview of security and privacy issues associated with popular videoconferencing clients and services, and will show how to address them.
28/09/2020 2 pm CESTKlaus Möller
Office Suites – Understanding Privacy and Security Risks
To access the playlist for this and other recordings of this training programme please click here.
To view a copy of the presentation please click here.

Everyone regularly uses programs like MS Office. Having started as simple text-editing programs modern Office suites have turned into highly complex applications. They are available on every operating system, including mobile OSs, and are quickly evolving into cloud-based applications, allowing for convenient collaboration. However, the growing complexity has introduced a number of problems related to both privacy and security.

This session will give you an insight into common privacy issues, security risks and will provide some practical tips.”
30/09/2020 2 pm CESTStefan Kelm

Meet the experts

The training programme is delivered by a team of experts in the field:

Klaus Möller, DFN-CERT – Klaus has been working with DFN-CERT since 1999 as an incident responder, advisory writer, and security consultant. He has developed and carried out numerous trainings in  network security.

Stefan Kelm, DFN-CERT – Stefan has been working in the filed of computer security all his professional life, starting back in the early 1990s. He currently is involved in forensics, malware analysis, threat intelligence, and log file analysis.

Tobias (Toby) Dussa, DFN-CERT – Toby has been involved with IT security during his whole entire career.  After fifteen years at KIT, managing KIT-CERT and taking on IT security issues of all kinds, he has joined DFN-CERT in 2020.

The DFN-CERT is the security provider for the German National Research and Education Network, DFN

If you just joined us the section below provides the information about the training programme, its outline and the listing of the next two modules.

Training programme Overview

There is no need to stress the importance of security, and as a more recent addition: privacy, in NREN networks. But while the importance of security and privacy is widely recognized, training in these areas has often been aimed at the security personell tasked with handling incidents, while the system and network administration seems to have been neglected.

The “Operational network security” training programme has been created as a result of collating experiences and conducting discussions with security offices and network operators.

Its aim is to address a number of common security risks that NRENs face in their day-to-day operations: authentication, logging, audit, privacy, 1st Hop security, DNS security and protection from Distributed Denial-of-Service attack.

Programme outline

The training programme consists of a number of live online, instructor-led sessions covering a wide range of subjects (sub-modules):

Sub-module titleDates
1. Operating system privacy and security
03 to 13 August 2020 – completed. To access session
recordings and accompanying presentations click here.
2. Client Privacy and Security 21 September to 30 September 2020
3. Domain Name System (DNS) protection30 November to 11 December 2020
4. Distributed Denial of Service (DDoS) protection08 February to 19 February 2021

We will add further details as soon as all the arrangements for the following module are finalised.

In the meantime if you have any queries about the programme and/or registration please get in touch with glad@geant.org

Look forward to seeing you soon!