Protect Yourself Online
As part of SU’s celebration of National Cyber Security Awareness Month we encourage faculty, staff and students to join ITS in working together to protect not only SU’s resources, but our personal data, devices and online identities. Smart management by each of us of our internet privacy and behavior are essential to keeping personal and University data safe and secure, and actions made on the internet can increase our vulnerability to many threats.
The things you post and share online can be used to gather information about yourself and others. Your public posts and profile information, in much the same way as a successful phishing attempt, may lead attackers to your private information or credentials. Your careful choices about what to publish online, and your understanding of the privacy settings and policies for each site you visit, can defend against theft and misuse of your information, as well as protect your online reputation.
Understand how sites work
Manage your privacy settings
Once you understand how a site works, actively manage your account and privacy settings, especially on social networking sites. Many of these sites by default make public email addresses, phone numbers, birthdates and other personal information you provide. Attackers can harvest this information and use it to answer security questions, hack passwords and gain unauthorized access to your accounts. Information included in profiles or posts is routinely used to target people who work for specific organizations, including SU. Phishing attacks often depend on this type of public information, and use it to target institutions through their employees, students and online communities.
Your location is your business
Be wary of “location enabled” applications and online services. GPS-capable applications pinpoint your location and can include that information in your social media posts, or otherwise display it publicly. Many smart phones automatically enable geo-location updates. Disable these location settings when you’re not using GPS. Not only does this keep your location private, it will extend battery life. When using geo-location apps, like Foursquare, don’t check in or out at your dorm room or home. Only let people you know see your check-ins. Know that revealing your location can have negative consequences.
Keep it real
Make sure those you friend, like, follow or add to your network via social media are real people or organizations. The safest approach is to stick to only those you know personally. It’s a good idea to organize your friends and network members into lists or groups so you can share information only with those you want. Malicious users and unethical marketing companies often create fake profiles, also called “sock puppets.” Sock puppets appear genuine, but try to lure people into online relationships with the goal of tricking them into giving out personal information. Even if you don’t communicate with the sock puppet, they can still access and use the information you post on your profile.
Watch what you post
In addition to understanding how sites work, and who to associate with online, it’s essential to post carefully. Don’t post anything online you wouldn’t want your family to see. Assume everything you post is public and will stay on the Internet forever. Facebook does not let you control who sees what you “like.” Do not “like” anything that you would not want to be associated with, or that appears to discriminate against individuals or groups, or condones unsavory or illegal activity.
Studies consistently show that most employers check the online presence of their applicants. Similarly, some employers check their employees’ social media accounts. Check your online presence often to ensure there’s nothing that will cause you problems.
Take a look at yourself
Take a minute every so often to search for yourself on the major sites and search engines to see what others will see. Assume that acquaintances, friends and prospective employers will search for you, as will potential future in-laws and business partners. Make sure there is good information at the top of your Google results. Try services like Brand-Yourself.com or set up a Google Alert in your name. You can control whether certain social media sites show up when your name is searched. For example, in Facebook’s privacy settings uncheck “create a public search listing for me.”
To receive timely notification from ITS of current information security updates and news follow SecurecUse on Twitter and Facebook. For more about information security, visit SecurecUse.syr.edu.
Find out more!
As part of SU’s observance of National Cyber Security Awareness Month, please join ITS’s Information Security team at a live workshop on Oct. 29. The workshop will feature a talk by Director of Information Security Christopher Croad, and demonstrations of security threats and ways you can counter them. The hour-long workshop will be held in room 304 in the Schine Student Center at 11:30 a.m., and includes pizza and great giveaways for all attendees.
Ashley Graves contributed to this article.