October is National Cyber Security Awareness Month, and the Office of Information Technology (OIT) at St. Edward's University, along with many other organizations (like EDUCAUSE) across the country, are promoting the resources you need to stay safe online. To start, we've rounded up some answers to a few common questions.
Why Should I Care?
Security matters because it keeps you safe and protected — reasons you lock your apartment door or have a passcode to your smart phone; these are your personal and private space and information.
Whether you log in on your phone, use an app, or browse the Internet in our university computer labs, you use your credentials to access your personal information. In the case that your credentials have been compromised, your information is suddenly public. This can be a serious problem: your bank information, grades, personal chats, or photos are openly accessible. OK, don't panic — you can take steps to prevent this.
What Can I Do to Protect Myself?
Here are few of many things that you can do to increase your protection:
Passwords or Passphrases
- Aim to have passwords, passphrases, or PINs on all your desktop, laptop, and mobile devices.
- Make your passwords/-phrases complicated by using capital letters, special characters, and numbers.
- Have variations so that you don't use just one password/-phrase for everything.
A new process called two-factor authentication [http://stopthinkconnect.org/2stepsahead] refers to any login method that requires more than just a basic password. It is becoming increasingly important in the security community.
Browser Security
- Whether disabling pop-ups or clearing your cookies, it is important to attend to your browser settings (Firefox, Chrome, Safari, Internet Explorer, etc.).
- A great web page can help you with browser security settings.
Sharing Devices
- Whether you share your mobile device or your iPad, it is a good habit to keep track of who can use your devices.
- At St. Edward’s University, we offer iPads for loan to staff, faculty, and students, and our best practice is to wipe the data between uses. This is not an ideal option for everyone, which is why keeping track of the users is so helpful.
How Do I Protect Myself Further?
- Take part in community events that promote cybersecurity to increase your subject knowledge.
- Follow the information shared on websites like staysafeonline.org and pay attention to updates.
I hope this blog empowers you to protect your information as an educated digital citizen and to pass on the message. The following basic terms and definitions provide a base on which to begin building your cybersecurity knowledge.
What Security Terms Should I Know?
When talking about cybersecurity, it's important to understand the language. Encryption, firewall, malware — what do they all mean for you?
Cloud computing: a technology that uses the Internet and remote servers to maintain data and applications, allowing users to access applications without installation and access to their personal files from any computer
Encryption: the conversion of digital information into a format unreadable to anyone except those possessing a password or key to convert the encrypted information to its original form (decryption), making it readable again
Firewall: software or hardware that, after checking information coming into a computer from the Internet or an external network, either blocks the transmission or allows it to pass through
Keylogging: the action of tracking (or logging) the keys struck on a computer keyboard; usually runs hidden in the background and automatically records all keystrokes so that users remain unaware of its presence and the monitoring of their actions
Malware: short for malicious software, which disrupts or damages a computer’s operation, gathers sensitive or private information, or gains access to private computer systems
- Virus — has a reproductive capacity to transfer itself from one computer to another, spreading infections between online devices
- Worm — replicates itself over and over within a computer
- Trojan — gives an unauthorized user access to a computer
- Spyware — quietly sends information about a user’s browsing and computing habits back to a server that gathers and saves data
- Adware — allows pop-up ads on a computer system, ultimately taking over a user’s Internet browsing
Phishing: sending e-mails that attempt to fraudulently acquire personal information, such as usernames, passwords, social security numbers, and credit card numbers, by masquerading as a trustworthy entity
Spam: the use of electronic messaging systems to send unsolicited bulk messages
Sarah Sharif coordinates communications for the Office of Information Technology at St. Edward’s University in Austin, Texas, where she is also working on her master's of Liberal Arts with an emphasis in Communication. She creates and implements strategy that showcases OIT initiatives and services across campus to the tech hub of Austin. She holds a BS in Biological Sciences from University of California, Davis, and worked for finance and nonprofit organizations prior to moving to higher education. She is an avid reader and traveler and plans to be a lifelong student.
© 2015 Sarah Sharif. This EDUCAUSE Review blog is licensed under the Creative Commons BY-NC-SA 4.0 International license