Security Tip of the Month

Protecting sensitive data is everyone's responsibility. To increase awareness of careless online habits and to assist in creating good practices, the InfoSec Team offers these security tips. Please contact the team at infosec@hawaii.edu for more information or if you have any questions regarding the security of your personal information.

 

A Short Primer on Online Security (August 2013)

Learn more about Cyber Security and how to secure your personal information and data online with this month's security tip from Wired:

How Not to Become Mat Honan: A Short Primer on Online Security


Overview:

1. Use Two-Factor Authentication with Gmail and Other Accounts
Gmail and other services offer two-factor authentication that help secure your account even if your password is stolen or cracked. When you set up two-factor authentication, you get verification codes delivered to your phone, which you then enter, in addition to your username and password, when you sign into Gmail. Other websites have also adopted Google's two-factor authentication (Amazon, Rackspace, etc).
Click here to learn more about Google's two-step verification.

2. Use SSL or a VPN with Public Wifi
When logging into accounts from public WiFis, make sure to use SSL login pages (https). You can also use a virtual private network (VPN) to protect your data so that your login credentials can't be sniffed by someone on the network.
Visit our AskUs article for more information on the UH VPN Service.

3. Use Unique Passwords
Pick unique passwords for different accounts: personal e-mail, work e-mail, banking, social networking sites and shopping. If one site gets hacked and your username and password are exposed, hackers will attempt to use the exposed password with multiple accounts you might have.

4. Use Complex Passwords for Important Accounts
Having strong passwords for your accounts are only a part of having good online security habits. Passwords should be longer than eight characters and include letters, numbers and characters.
Avoid creating passwords that are easily guessed or can easily be discovered, such as your birthdate, anniversary, names, etc.
Check out our article, Password Guidelines, for more details.

5. Don't Link Accounts
Keep log-ins separate for different accounts and don't link multiple accounts.

6. Get Creative With Security Questions
Skip the standard security questions like "What's your mother's maiden name?" or "Where did you go to high school?" Or you can answer these questions by swapping answers to various questions or giving a random answer.

7. Back Up Your System
Storage is so cheap these days and automated backups are so easy to set up that there's no excuse not to keep copies of your important data.

8. Encrypt and Password-Protect Devices
To prevent someone from accessing your data and the password storage tool you have on your devices, encrypt the data on your devices and password-protect them.
To set up encryption on your computer, check out our articles (Windows/Mac).

9. Use Single-Use Credit Cards
Use a single-use, or disposable, credit card number for online shopping to reduce the number of services that are stored in your real credit card number. Citibank, Bank of America and Discover all offer disposable card numbers that are tied to your real card number, but prevent that number from being exposed if a site is hacked. Always use a credit card, rather than your debit card, when shopping online.


Related Articles:


Original Source

 

For more security-related tips, visit the Security Tip of the Month Archive.