October is National Cybersecurity Awareness Month, and this year’s theme is “Own IT. Secure IT. Protect IT.”
The following are helpful tips to remember to avoid compromising your personal or work information.
Double your login protection
Enable multi-factor authentication (MFA) to ensure that the only person who has access to your account is you. MFA requires more than one method of authentication (for example, both your account password and a code sent to your phone).
Use MFA for email, banking, social media and any other service that requires logging in.
Boise State will soon implement multi-factor authentication for students, faculty and staff.
Shake up your passphrase protocol
Consider using the longest password or passphrase permissible. Get creative and customize your standard passphrase for different sites, which can prevent cybercriminals from gaining access to these accounts and protect you in the event of a breach. Use password managers to generate and remember different, complex passphrase for each of your accounts.
Contact the Help Desk for assistance with password management tools for University-owned computers.
If you connect, you must protect
Whether it’s your computer, smartphone, game device or other network devices, the best defense against viruses and malware is to update to the latest security software, web browser and operating systems. Sign up for automatic updates, if you can, and protect your devices with antivirus software.
If you’re not sure your computer is configured for automatic updates, contact the Help Desk.
Play hard to get with strangers
Cybercriminals use phishing tactics, hoping to fool their victims. If you’re unsure who an email or message is from – even if the details appear accurate – or if the email looks “phishy,” do not respond and do not click on any links or attachments found in that email. When available use the “junk” or “block” option to no longer receive messages from a particular sender.
Information about how to use Gmail’s features to report spam, create filters to help you remove unwanted email from your inbox, and avoid and report phishing emails is available on Google’s website.
Never click and tell
Limit what information you post on social media – from personal addresses to where you like to grab coffee.
What many people don’t realize is that these seemingly random details are all cybercriminals need to know to target you, your loved ones and your physical belongings – online and in the physical world.
Keep Social Security numbers, account numbers and passphrases private, as well as specific information about yourself, such as your full name, address, birthday and even vacation plans.
Keep tabs on your apps
Most connected appliances, toys and devices are supported by a mobile application.
Your mobile device could be filled with suspicious apps running in the background or using default permissions you never realized you approved – gathering your personal information without your knowledge while also putting your identity and privacy at risk.
Check your app permissions, and use the “rule of least privilege” to delete what you don’t need or no longer use. Learn to just say no to privilege requests that don’t make sense. And, only download apps from trusted vendors and sources.
Contact the Help Desk for assistance with app permissions on your phone, tablet, and/or computer.
Stay protected while connected
Before you connect to any public Wi-Fi, be certain to confirm the name of the network and exact login procedures with appropriate staff to ensure the network is legitimate.
If you do use an unsecured public access point, practice good cyber hygiene by avoiding sensitive activities (e.g., banking) that require passphrases or credit card numbers. Your personal hotspot is a safer alternative to free Wi-Fi. Only use sites that begin with “https://” when shopping or banking online.
Faculty and staff are advised to use VPN when connecting to public WiFi networks. Learn how to install and use Boise State’s VPN on mobile devices.