|
Eight
ways to secure your computer and online identity – Part 2
From Information Resources and Technologies Continuing
from last week’s article, here are the next four
tips on how to secure your personal computer and your online identity.
Tip 5. Use strong passwords
Passwords are the most common means in the computing world to
identify you are who say you are and give you access to your files.
You should always use strong passwords to protect access to your
computer and your online accounts. Hackers and viruses often attempt
to access accounts by using programs that guess passwords until
they get it right. The longer your password is and the harder it
is to guess the more difficult it is for programs to crack your
password.
At
a minimum your passwords should contain the following, which
are also the minimum requirements for your UST Net ID password:
- Be
at least six characters in length.
- Contain
upper and lower case letters.
- Contain
numbers or symbols (both is better).
In
addition, you should avoid using:
- words
that can be found in a dictionary as this makes your passwords
easier to guess.
- obvious
facts about yourself that would be easy to guess, such as your
name, kids’ names
or birth dates.
Password
security is a balance. The longer and more complex your password
is the harder it will be to guess by another person or
program; however, if you make your password so complex that you
need to write it down, then you have lost a considerable degree
of your security. So as a rule of thumb choose the longest password
that meets the criteria above and that you can remember without
having to write it down.
Tip 6. Be wary of suspicious e-mail
Originally,
computer viruses were largely spread by e-mail attachments. These
viruses were often hidden in cute little games or documents
that were attached to the message. Most people are now aware of
these dangers and are cautious to not open suspicious e-mail
attachments.
Also, e-mail providers, including our system here at UST, are designed
to remove or block known virus infected e-mails.
Even
though these types of attacks are well-known, it is important
to remember that you should never open attachments from unknown
or unexpected senders. Viruses can be hidden in nearly any type
of file, and run automatically when you open the file.
A
newer trend is e-mail phishing. Phishing e-mails attempt to trick
you into
providing confidential information by posing as
legitimate business e-mails. Common phishing schemes arrive as
false messages from vendors such as banks, eBay, and PayPal requesting
that you update your information with them. The information that
is requested could include items such as your password, bank account
numbers and Social Security number. If you click on the link in
the e-mail you are taken to a web page that looks like the service
provider’s Web page but is actually another site that is
being used to collect personal information from unsuspecting people.
If
you are unsure whether an e-mail you received from your bank
or provider,
such as eBay, is legitimate your best advice is to
call the provider or go to that provider’s web page directly
(not through the link provided in the e-mail).
In general use common sense. If an offer seems too good to be
true, it probably is. If you suddenly get a request to update your
private information online, be wary just as you would be if someone
called you out of the blue or knocked on your door!
Tip
7. Don’t
forget physical security
The previous six tips cover ways that you can protect your computer
from online threats. It is important to remember that the physical
security of your computer is still critical. Computer theft, especially
for laptops, is extremely common.
- Always
lock your room or office when you are away.
- Don’t
leave your computer where it can be seen from the doorway or
window
if possible.
- Lock
up your laptop with a cable lock that is secured to a solid
piece of furniture.
If you must store confidential or private information on your
personal computer you should strongly consider using a disk encryption
program that will prevent others from reading your data.
UST
faculty and staff should never store private or confidential
UST data
on any local computer. UST private or confidential data
should always be stored on UST’s central systems, and secured
so that only those who need access to view the information.
Keep in mind that if thieves steal your laptop they will have
all of the time they need to break into your operating system.
They can use cracking tools that are readily available on the Internet.
It may take them minutes, or it may take weeks, but once they have
physical access you have to assume they can eventually gain access
to everything on your laptop unless the drive is encrypted. If
your computer is stolen or lost, you should consider all of the
data on it to be compromised unless it was encrypted.
Tip 8. Backup your files on a regular basis
While we generally think of security as methods of prevention,
it always wise to be prepared in case something does happen to
your computer or account. You should always back up your data to
a second source to protect yourself against hardware failure as
well as viruses and hackers.
These
days storage is relatively cheap. Depending on how much data
you need
to protect you can use CDs, USB thumb drives,
or external USB hard drives to backup your data. CDs are
extremely cheap, and external hard drives can be purchased for
less than $100.
UST students, faculty and staff also have 500 MB of network storage
available to them. This storage can be accessed from anywhere that
you have Internet access, is backed up regularly, and is scanned
for viruses. View more information on using your MyStorage
space here.
Always
use passwords to secure your backup data, and ideally store these
backups in a separate location from your computer. If your
laptop gets stolen and the backup data is in the computer bag with
it, then your backup will not help you!
Remember,
there are really no "silver bullets" in computer
security. The best way to keep your personal computer and your
online accounts secure is a defense in depth. Each of the eight
items described
in this series provides a layer of defense for your computer and
online identity. Used together they should greatly reduce the risk
of your computer being infected by a virus or compromised by a
hacker. Part of that prevention is that using these tips will make
your computer
look less inviting to an attacker who will move on to other easier
targets. And lastly, you will have backups of your files as an
insurance policy in case something does go wrong.
For more
information on these security tips, contact the IRT
Tech Desk, (651) 962-6230, or check out IRT on the Web.
|
