Safe Computing - Top Ten
WKU IT's Top Ten Tips to Stay Safe Online
Recognize Your RiskRecognize that everyone is a target, and even the most careful of us can make mistakes. There are others online that want your information for their own purposes, and they will try every possible angle to get it. This means that you should always be careful and vigilant with your own information and resources, and especially careful if you handle the information of others.
Update your Software and DevicesKeep your software as up-to-date as possible. This includes your operating system (turn on Windows Update or check the App Store) as well as your applications (enable Microsoft Update, Microsoft AutoUpdate, check the AppStore, check Google Update, etc). Be sure you're running the most recent version of typically vulnerable browser helpers or plug-ins, like Java or Flash.
Beware of Phishing and Other ScammersA great resource to educate yourself on phishing is available right on this site, or you may also click here. The IT Phish Bowl is another resource that lists recent phishing scams. Phishing doesn't only happen by email, though. Be wary of any request asking for personal information, access credentials, or money - whether it be by email, phone call, text, or even in person. Here is a list of common scams maintained by the FBI, and one example of a phone scammer spoofing an FBI phone number.
Use Strong and Unique PasswordsWe all have a multitude of accounts online that require passwords, and we've all probably been guilty of reusing passwords at one time or another. Problem is, to be safe online you need complex passwords that are difficult to guess, have mixed case, contain numbers and symbols, are several characters long, and are unique to every site or app you use. Password management programs are helpful for this. Several sites maintain lists of good password manager apps available for free or at a low cost. Also, don't share your passwords!
Avoid Risky or Untrusted Sites or LinksAvoid visiting websites that you don't trust. Lots of legitimate sites have ads that bait you into clicking on them by offering products you may be interested in purchasing, "shocking" health information, celebrity gossip, lists of "unbelievable" photos, etc. Following these links may take you to sites that try to install browser plugins or other harmful software, with our without your permission. Similarly, don't click links in email that you don't trust. If the links claim to point to legitimate sites like your bank, wku.edu, retailers, or other sites you typically visit, it's better to type them into your browser than to click the link.
Use Lock Screens and Good Physical Security for Your DevicesMost phones, tablets, and even computers have the ability to set up a lock screen. You can view instructions for iPhone/iPod/iPad here, instructions for Android here, instructions for Macs here, and instructions for Windows 10 here. Other instructions are just a Google search away. Configure your device to lock after some period of inactivity or at initial startup. Also, practice good physical security by locking up your devices when not in use. Don't leave devices exposed in your car, as they might attract thieves. Make use of Apple's Find My iPhone to locate Apple devices. Encrypt external storage devices like hard drives or flash drives so that they can only be read by you.
Protect Sensitive DataProtect your sensitive data, and especially protect the sensitive data of others. Don't store your credit card numbers, health information, social security or driver's license number, or any other personal info on mobile devices or on your computer. If you work with sensitive data, leave it on your employer's servers and don't download it locally. Make sure you are using encryption when you are transmitting sensitive data, such as when using a shopping cart at an online retailer. If you need to send sensitive data to someone by email, send them a link through our "Send Files Securely" application rather than attaching the data to an email.
Educate YourselfA number of resources are available for you to educate yourself on cyber security. This site offers a number of resources to help you learn safe computing. WKU IT Security also offers online training from SANS through this website. You can contact firstname.lastname@example.org for details. Many sites, like the FTC, offer security tips and training for consumers. If you're an IT pro, you can find a list of free online resources here.
Scan for Viruses and MalwareInstall an anti-virus program that also checks for spyware or other malware. Remember tip #2 and keep your anti-virus software up-to-date through automatic or scheduled updates.
Backup, Backup, BackupWhen it comes to mobile devices, you can use iTunes to backup your iPhone or other manufacturers' software to backup your Android device to your computer. Keep your personal computer backed up to the cloud. Ether use free file space like the One Drive available through Microsoft Office365, Google Drive, or DropBox to copy important files to the cloud. Or, backup your entire system with a cloud backup like CrashPlan, Carbonite, or others. A review of cloud backup providers is here.