Welcome to week 2 of National Cyber Security Awareness Month!
This week we will again explore all three aspects of this year’s theme – “Own IT, Secure IT, Protect IT”. Remember, the “IT” stands for “information technology”, and, just like we have to do regular maintenance on our cars or bikes, we have to do regular maintenance on our digital presence.
We talked about safe social media posting last week in relation to “owning” our IT. Let’s continue to talk about social media, but this week we’ll focus on making sure you have checked the privacy settings of all your social media accounts. There are a lot of resources to help you with this; the best ones should be on the specific sites themselves. Go to the support section of all your social media sites and look for information on default privacy settings and make sure you are comfortable with them. If not, change them to suit your comfort level. Beyond the support section of your social media sites, here are a couple of links to more privacy resources:
10 Ways to Protect Your Privacy on Social Media
How To Manage Your Social Media Privacy Settings
Realize that social media sites are continually updating their systems and therefore, some of these tips may no longer be applicable or accurate.
We buy more and more things online these days, from electronics to cars to tonight’s dinner. As part of “securing” our IT, let’s talk about staying safe while using e-commerce sites. Any time you make purchases online, be very careful to only provide as much information as is needed to complete your purchase. Unless you use a particular site almost daily, don’t allow sites to save your credit or debit card info. Data breaches happen every week. The fewer places your financial information is stored, the better. Always make sure any page you submit credit or debit card info on (or any sensitive or private info) is secured via HTTPS. Browsers have changed how they display this now. Until recently there was a green padlock in the address bar of the browser; now the padlock is either gray or missing entirely if the page is secured. If it is NOT secured, the browser should clearly indicate this and how this is done varies from browser to browser. Finally, make sure the sites you purchase on are reputable. If you’re not sure, open another tab in your browser and look for reviews. The Internet is great for that! Click here for a resource with more details about shopping securely from the folks at the SANS (SysAdmin, Audit, Network and Security) Institute. This is an OUCH! newsletter, a free resource from SANS you can subscribe to on their site, sans.org.
Finally, to “protect” our IT, go hunting for yourself online sometime. You can do a simple Google search, or use some of the many available resources to see how much of your information is out there. One great resource is Troy Hunt’s Have I Been Pwned website. Here you can input your email address(es) into a search form and the site will tell you if your information has been a part of any of hundreds of data breaches, spanning back for years. If you are really curious about what exactly is out there, you can use one of a number of people search engines like Spokeo or Pipl. To get details requires a purchase of some kind on either site, but they can be spookily accurate and precise about who knows what about you.
Now that you have some idea what is out there, how do you get rid of it? Or fix it, if it is inaccurate? If you can pinpoint the source of inaccurate information, you can usually go directly to the site and get help remediating the issue. If not, there are other resources out there to help you with this. Here are a couple:
I hope you found this article informative. If you have any questions about any of this information, please either email me directly at infosec@berry.edu or, if your question is not about sensitive information and you think others might benefit from the answer, you can post your question to the Q&A page of this site. Just click on the “Q&A” in the top menu.
Check the table in Krannert on Thursday for info and goodies and another chance to put your name in the pot for a prize to be awarded on Halloween. Also, please take a moment to read each week’s article as they post.
Here is this week’s video, a funny clip about over-sharing on social media, which would have been more appropriate last week, but I couldn’t not share it with you:
Social Media Privacy by Habitu8, The Security Awareness Video Company
Tune in next week when we talk about data and phishing!