National Cybersecurity Awareness Month (NCSAM) was created as a collaborative effort between government and industry encouraging personal accountability, securing behaviors, and maintaining digital privacy in the cybersecurity landscape. The theme for this year is “Own IT. Secure IT. Protect IT.”
We constantly hear how important it is to keep our personal information safe, and it’s just as important to keep Boise State information secure.
Creating a culture of cybersecurity is an essential and a shared responsibility among all employees. Cybersecurity in the workplace is everyone’s business.
Courtesy of the National Initiative for Cybersecurity Careers and Studies, here are 5 simple tips to be cybersecure at work:
- Treat business information as personal information. Business information typically includes a mix of personal and proprietary data. While you may think of trade secrets and company credit accounts, it also includes employee personally identifiable information (PII) through tax forms and payroll accounts. Do not share PII with unknown parties or over unsecured networks.
- Technology has its limits. As “smart” or data-driven technology evolves, it is important to remember that security measures only work if used correctly by employees. Smart technology runs on data, meaning devices such as smartphones, laptop computers, wireless printers, and other devices are constantly exchanging data to complete tasks. Take proper security precautions and ensure correct configuration to wireless devices in order to prevent data breaches. (Are you using eduroam to connect wirelessly? VPN when connecting to public WiFi networks? Both are encrypted and secure!)
- Be up to date. Keep your software updated to the latest version available. Maintain your security settings to keep your information safe by turning on automatic updates so you don’t have to think about it, and set your security software to run regular scans.
- Social media is part of the fraud toolset. By searching Google and scanning your organization’s social media sites, cybercriminals can gather information about your partners and vendors, as well as human resources and financial departments. Employees should avoid oversharing on social media and should not conduct official business, exchange payment, or share personal identifying information on social media platforms.
- It only takes one time. Data breaches do not typically happen when a cybercriminal has hacked into an organization’s infrastructure. Many data breaches can be traced back to a single security vulnerability, phishing attempt, or instance of accidental exposure. Be wary of unusual sources, do not click on unknown links, and delete suspicious messages immediately.