Campus Security Awareness Campaign 2017
This post is part of a larger campaign designed to support security professionals and IT communicators as they develop or enhance their security awareness plans. View all 12 monthly blog posts with ready-made content by visiting www.educause.edu/securityawareness.
Trust takes effort to build, yet it readily crumbles. When privacy and information security are compromised, trust is lost and everyone loses: the victims, surely, but also the institutions tasked with protecting their data. People can and should take specific steps to guard their information and maintain their privacy online. To ensure they do this, you can increase awareness on campus — and help your end users protect their privacy — by customizing and sharing the following content
Get the Word Out
Newsletter or Website Content
You exist in digital form all over the Internet. It is thus important to ensure that the digital you matches what you are intending to share. It is also critical to guard your privacy — not only to avoid embarrassment, but also to protect your identity and finances!
Following are specific steps you can take to protect your online information, identity, and privacy.
- Use a unique password for each site. Hackers often use previously coampromised information to access other sites. Choosing unique passwords keeps that risk to a minimum.
- Use a password manager. Using an encrypted password manager to store your passwords makes it easy to access and use a unique password for each site.
- Know what you are sharing. Check the privacy settings on all of your social media accounts; some even include a wizard to walk you through the settings. Always be cautious about what you post publicly.
- Guard your date of birth and telephone number. These are key pieces of information used for verification, and you should not share them publicly. If an online service or site asks you to share this critical information, consider whether it is important enough to warrant it.
- Keep your work and personal presences separate. Your employer has the right to access your e-mail account, so you should use an outside service for private e-mails. This also helps you ensure uninterrupted access to your private e-mail and other services if you switch employers.
- There are no true secrets online. Use the postcard or billboard test: Would you be comfortable with everyone reading a message or post? If not, don't share it.
Source: STOP. THINK. CONNECT. infographic on Personal Information
Figure 1. Use this image to support your message.
Note: The following are Twitter-ready, meeting the 140-character length restriction.
- Guard your #privacy — monitor your accounts for suspicious activity. #PrivacyAware #CyberAware
- Worried about your #privacy online? Browse in incognito/private mode or use Tor. #PrivacyAware #CyberAware
- Stay safe, guard your #privacy — encrypt connections with HTTPS and e-mail with PGP. #PrivacyAware #CyberAware
- Would you say it on a postcard? If not, don’t post it online! #Privacy Be #PrivacyAware #CyberAware
- Be smart with passwords: keep them unique & use a password manager. #Privacy #PrivacyAware #CyberAware
- Public #WiFi is not private! Use #VPN or secured networks for banking & other sensitive transactions. #PrivacyAware #CyberAware
- Maintain #privacy — search for yourself with 2 search engines & request removal from sites if needed. #PrivacyAware #CyberAware
Ask staff members to add a tip to their e-mail signature block and a link to your institution’s information security page.
Chief Information Security Office
Protect your data and your presence online. Learn more. [Link “Learn more” to your institution’s privacy page or link to these tips from the National Cyber Security Alliance.]
Embed or Share Videos
Three tips for protecting your online privacy (0:59 sec)
Key privacy settings and online practices (1:01 min)
Five ways to lower your risk of identity theft (1:25 min)
A short PBS film on privacy and technology, and how our expectations of both have evolved over time (8:10 min)
Share these resources with end users or use them to inform your awareness strategy.
- Use the free STOP. THINK. CONNECT. infographic on Personal Information (see figure 1) or the National Cyber Security Alliance’s free, downloadable Data Privacy Day social media graphics.
- Share the short educational videos described above.
- Explore the US Federal Trade Commission’s privacy, identity, and online security website.
- Download the STOP. THINK. CONNECT. Tip Sheet on Using Public Computers & Wireless Networks.
- Share the Microsoft Safety & Security Center’s information on ways to protect your privacy on the Internet.
- Read the EDUCAUSE Review guest blog, “You’re an Important Piece of the Puzzle!”
- Take time for Consumer Reports’ 10-Minute Digital Privacy Tuneup.
- Follow the Personal Privacy Tips from TRUSTe.
Brought to you by the Awareness and Training Working Group of the EDUCAUSE Higher Education Information Security Council (HEISC).
© 2017 EDUCAUSE. This EDUCAUSE Review blog is licensed under Creative Commons BY-NC-SA 4.0.