'Online Security' Need Not Be an Oxymoron

min read

Raechelle Clemmons is vice president and chief information officer at St. Norbert College.

[Thanks to Raechelle Clemmons and the Green Bay Press Gazette for allowing EDUCAUSE to republish this column for National Cyber Security Awareness Month. —Editor]

October is right around the corner, and with it comes fall (or is fall here already?) and National Cyber Security Awareness Month (NCSAM), a month dedicated to raising awareness about online security.

Now in its 11th year, NCSAM was created by the U.S. Department of Homeland Security and the National Cyber Security Alliance to “ensure every American has the resources they need to stay safer and more secure online.”

Cyber security awareness is needed now more than ever. Consider how many data breaches have been in the news recently.

Forty million debit and credit card numbers were exposed through Target’s point-of-sale system last December, and earlier this month, Home Depot acknowledged a similar breach in over 2,000 of its stores.

While neither of these were online, you don’t have to look far to find examples that are. From the HeartBleed vulnerability—a security flaw that enabled data in a server’s memory to potentially be exposed—to the recent hacking of celebrities’ Apple accounts, online security is starting to feel a bit like an oxymoron.

So what can you do to protect yourself online? Ensuring that you, your family, and friends are well-educated about cyber security is a good place to start. A couple of months ago I wrote about the importance of a good password in this column, and provided some tips for creating strong and secure passwords. While I won’t repeat that here, creating passwords that are “long and strong”—with combinations of letters, numbers, special characters, and upper/lowercase—is important.

Even more important is using a unique password for different types of sites—one for sites that have sensitive data (e.g., banking), one for social media sites, one for e-commerce, and so on—or ideally, a unique password for EACH site that you visit.

This way, if one site does get compromised, your password cannot be used to gain access to your bank, credit cards, and other financial or personal information. As mentioned in the previous column, password-management tools can be a great help here.

Aside from passwords, there are a fair number of other things that you can do to protect yourself online. You know those pesky software updates that pop up on your computer, requesting that you update your software? Do it. Maintaining up-to-date security software, browsers, operating systems and other software can help keep your computer free of viruses and malware. These updates often include security patches or other fixes for known vulnerabilities.

When engaging online—and particularly via social media—look closely at your privacy settings and think carefully about what information you share there. Consider some of the information social network sites like Facebook ask you to complete as part of your profile—hometown, high school, relatives. Many of these same pieces of information are regularly used as password-recovery hints on other websites, like your bank. Manage your networks diligently and consider that less may be more when sharing personal information.

Finally, when thinking about cyber security, let’s not forget about mobile devices. More and more business transactions—banking, online purchases—are being done from mobile devices, and yet many people still do not have any type of password set to access their device.

If that’s you, I would encourage you to set a lock screen on your device now, and make sure it locks itself after a relatively short period of time: one to two minutes, tops. Also avoid saving passwords for sensitive sites on your mobile device—manually log into each app/site each time you need to access it.

There are a great many things that we all can do to be more safe and secure online. The National Cyber Security Alliance provides tips for being cyber-secure, as well as resources for educators and others looking to teach online security. There are also resources for businesses seeking to enhance their own cyber security. For all these cyber security tips and resources, visit StaySafeOnline.org.

Republished with permission. All rights reserved.