January 2017: Keep What's Private, Private

Campus Security Awareness Campaign 2017
This post is part of a larger campaign designed to support security professionals and IT communicators as they develop or enhance their security awareness plans. View all 12 monthly blog posts with ready-made content by visiting www.educause.edu/securityawareness.

Data Privacy Day January 28 - Respecting Privacy, Safeguarding Data, Enabling Trust

Trust takes effort to build, yet it readily crumbles. When privacy and information security are compromised, trust is lost and everyone loses: the victims, surely, but also the institutions tasked with protecting their data. People can and should take specific steps to guard their information and maintain their privacy online. To ensure they do this, you can increase awareness on campus — and help your end users protect their privacy — by customizing and sharing the following content

Get the Word Out

Newsletter or Website Content

You exist in digital form all over the Internet. It is thus important to ensure that the digital you matches what you are intending to share. It is also critical to guard your privacy — not only to avoid embarrassment, but also to protect your identity and finances!

Following are specific steps you can take to protect your online information, identity, and privacy.

  • Use a unique password for each site. Hackers often use previously coampromised information to access other sites. Choosing unique passwords keeps that risk to a minimum.
  • Use a password manager. Using an encrypted password manager to store your passwords makes it easy to access and use a unique password for each site.
  • Know what you are sharing. Check the privacy settings on all of your social media accounts; some even include a wizard to walk you through the settings. Always be cautious about what you post publicly.
  • Guard your date of birth and telephone number. These are key pieces of information used for verification, and you should not share them publicly. If an online service or site asks you to share this critical information, consider whether it is important enough to warrant it.
  • Keep your work and personal presences separate. Your employer has the right to access your e-mail account, so you should use an outside service for private e-mails. This also helps you ensure uninterrupted access to your private e-mail and other services if you switch employers.
  • There are no true secrets online. Use the postcard or billboard test: Would you be comfortable with everyone reading a message or post? If not, don't share it.
Privacy graphic

Source: STOP. THINK. CONNECT. infographic on Personal Information

Figure 1. Use this image to support your message.

 

Social Posts

Note: The following are Twitter-ready, meeting the 140-character length restriction.

  • Guard your #privacy — monitor your accounts for suspicious activity. #PrivacyAware #CyberAware
  • Worried about your #privacy online? Browse in incognito/private mode or use Tor. #PrivacyAware #CyberAware
  • Stay safe, guard your #privacy — encrypt connections with HTTPS and e-mail with PGP. #PrivacyAware #CyberAware
  • Would you say it on a postcard? If not, don’t post it online! #Privacy Be #PrivacyAware #CyberAware
  • Be smart with passwords: keep them unique & use a password manager. #Privacy #PrivacyAware #CyberAware
  • Public #WiFi is not private! Use #VPN or secured networks for banking & other sensitive transactions. #PrivacyAware #CyberAware
  • Keep your online accounts safe — use 2-factor authentication & #LockDownURlogin. http://www.lockdownyourlogin.com/ #PrivacyAware #CyberAware
  • Maintain #privacy — search for yourself with 2 search engines & request removal from sites if needed. #PrivacyAware #CyberAware

E-Mail Signature

Ask staff members to add a tip to their e-mail signature block and a link to your institution’s information security page.

Example:

Jane Doe
Chief Information Security Office
XYZ College

Protect your data and your presence online. Learn more. [Link “Learn more” to your institution’s privacy page or link to these tips from the National Cyber Security Alliance.]

Embed or Share Videos

Three tips for protecting your online privacy (0:59 sec)

Key privacy settings and online practices (1:01 min)

Five ways to lower your risk of identity theft (1:25 min)

A short PBS film on privacy and technology, and how our expectations of both have evolved over time (8:10 min)

Resources

Share these resources with end users or use them to inform your awareness strategy.


Brought to you by the Awareness and Training Working Group of the EDUCAUSE Higher Education Information Security Council (HEISC).

© 2017 EDUCAUSE. This EDUCAUSE Review blog is licensed under Creative Commons BY-NC-SA 4.0.