October is the annual Cyber Security Awareness month. Your immediate question may be, why do I care again? To this I say, imagine if you will, a world in which there is no internet, no smart phones, no computers, and three channels on the television.
That’s right, it would be the Twilight Zone, even though I am old enough (cough…cough…) to have lived a life like this. Many of you are not, however, and this pervasiveness of the internet shapes all our lives to an incredible degree now. That’s why this month is all about being aware of your information and how you access the broader internet world.
The first week theme of Cyber Security Awareness Month is Make Your Home a Safe Haven for online activity. I offer to you the following pieces of advice, brought to you by StaySafeOnline.org
Keep a Clean Machine → Having the latest security software, web browser and operating system is the best defense against viruses, malware and other online threats.
Did you know? Your cell phone and tablet need to be kept up to date with the latest security software, browsers and operating system, just like your PC or laptop at home.
Smart appliances and connected devices – such as thermostats, toys and home assistants – should be kept up to date with the latest security software. If not, you’re at greater risk of hackers accessing your network and information.
#LockDownURlogin → User names and passwords are not enough to protect key accounts like email, bank and social media. Improve account security by enabling strong authentication tools such as biometrics or unique one-time codes. #CyberAware
Share with Care → Think before posting about yourself and others online. Consider what a post reveals, who might see it and how it might affect you and others now and in the future. #CyberAware
Boo! Old tweets, posts and photos may come back to haunt you. Think before you post and consider how it might be perceived now and in the future. #CyberAware
Back it Up → Protect your valuable work, music, photos and other digital information by making an electronic copy and storing it safely.
Back up regularly! Having a recent copy of your files means you can retrieve them if you fall victim to #ransomware. #CyberAware
Personal Information is Like Money. Value it. Protect it. → Info about you, such as your purchase history or location, has value – just like $$$. Be thoughtful about who gets that info and how it’s collected through devices, apps and websites. #CyberAware
The connected devices and appliances in your home run on the data about YOU. Be mindful of how your info is being collected and stored. #CyberAware
Secure Your WiFi Router → Set a strong passphrase (at least 12 characters long) for your Wi-Fi network. Keep it positive and easy to remember like “Ilovecountrymusic!” #CyberAware
Have you changed your Wi-Fi router’s default name and passphrase? Set a strong passphrase (at least 12 characters long and name your network in a way that doesn’t let people know it’s in your house.) #CyberAware
Given our recent spate of phishing emails, I thought I would take a few moments to talk about the wonderful sport of phishing.
Well, not that kind of phishing. I am referring to phishing, a concerted effort by an attacker to get some type of information from you in order to do bad things. Bad things like take your money, your identity, hack into your college accounts, take student information, and steal your puppy.
Just kidding about that last part, they probably will not steal your puppy. That being said, phishing is bad news. That’s why I am going to offer some quick tips on how to spot a phishing email.
It just doesn’t look right: Too good to be true? I know that someone in Nigeria wants to send you money, but they already sent it to me. Trust your instincts.
Generic salutations: Phishing emails use generic salutations like “Dear customer”. This saves the criminals time. I recently received an email directed to “Dear null”, so it appears someone had a hard time with programs (Note: geek humor)
Links to official looking sites: These sites are spoofed to make them look like your bank, for example. Take a good look at the site URL. It will not be the official banking site.
Unexpected specific emails: Phishers use social media sites like LinkedIn to insert specific info about you to make you more likely to take the bait. If you not recognize the sender, it is probably phishing.
Scary phrases: YOUR ACCOUNT HAS BEEN HACKED!!!! PLEASE LOG IN IMMEDIATELY AND CHANGE YOUR PASSWORD!!! Do not react to this, because this is a tactic to get you to willingly give up your credentials.
Poor grammar and spelling: Phishing emails are often poorly constructed, and odd grammar and spelling is a dead giveaway.
Sense of urgency: Like the scary phrases, the phishers try to get you to act in an urgent manner, but saying things like “your credit card will be charged unless you contact us immediately” or other phrases similar to this.
Grand Prize Winner!!!!: This is immediately a giveaway. Don’t take the bait, and also remember there could be a survey you can take with the promise of a reward afterwards. Do not take the bait.
Verify your account: Phishers want you to log into something and give away your credentials. Always question why you would need to verify an account.
Cybersquatting: Attackers use domains that are similar to real sites to get you to unknowingly enter your information (think g00gle.com versus google.com). Always take a look at the address to make sure you are where you want to be.
Remember to always check with your friendly IT staff if you have a suspicion something is wrong. Also, check out the Sophos phishing site, which gives you a lot more info about phishing as well as a handy flowchart you can use to help identify phishing emails: https://www.sophos.com/en-us/lp/anti-phishing/prevention.aspx
The Fall semester of 2018 is upon us. A hearty welcome back to students who are beginning or continuing their academic journey.
For the staff who have worked all summer long, well…
As we kick off this semester, I wanted to take a brief moment to talk about the importance of backing up your data. We back up extensively in our data centers, but in this case I am not referring to our backups. I am referring to the documents, images, videos, etc. that are sitting on your computer’s hard drive. Often, that can be years and years of documents you have carefully kept (because you NEEDED to, am I right???). Computer hard drives have been known to fail for a variety of reasons, including pure spite, and if that happens to you and you have no backup, that can lead to crying. Lots and lots of crying.
No one wants to see that.
Good news, however! Vol State has provided services of Microsoft’s Office 365, including OneDrive for Business. OneDrive can be used, among many things, as a personal, secure cloud backup solution. Your files will be stored in your OneDrive and you have a safe and secure way to access them from home, work, and on the go. More importantly, you can be assured your files are backed up in case hard drive tragedy strikes.
We will be doing some training on this later in the year, but in the meantime you can talk to one of our friendly IT staff or put a ticket in for a “Software Request” from our catalog.