Privacy on the Internet is a growing concern, mainly as more people use it for their professional and personal business, socializing, and entertainment.
Strong Passwords
Strong passwords are critical in keeping your system credentials safe. Below are a few suggestions that can help you create strong passwords.
- Length: Make sure the length of your passwords is eight or more characters
- Complexity: Include special characters such as punctuation, symbols, and numbers. Use the entire keyboard, not just the letters and characters you often see. The greater the variety of characters in your password, the better. Example: Fw8!vZ#pP4*
- Variation: To keep strong passwords effective, change them often. Set an automatic reminder for yourself to change your passwords every three months.
- Variety: Don't use the same password for everything. Cybercriminals steal passwords on websites with very little security and use that same password in more secure environments, such as banking websites.
- Never write down your password and store it in a non-secure location. Have you ever wondered how strong your password is? Test the strength of your password on Microsoft's Safety and Security Center.
Social Networking and Blogs
Social networking sites (such as Facebook and Twitter), personal web pages, and blogs are notorious as public sources of personal information and uncensored opinions.
Do not reveal personal details or confidential info online. Assume that anything you post on these websites is public and could be used against you.
A good rule of thumb is only to post information you would be willing to write on a banner displayed in a public place.
Seemingly innocent information about your interests, family, or history could be used by hackers for identity theft or by stalkers or social engineers.
Also, remember that once you post something online, it can be tough to take it back. Copies can still exist on other computers, websites, or search engines, even if you delete the information.
Internet Privacy Cautions
Always remember: The Internet is not private.
Don't give private information to anyone you don't know or who doesn't have a legitimate need for it.
Don't provide personal, sensitive, or confidential information to Internet sites, surveys, or forms unless you use a trusted, secure web page.
Get to these websites by typing the web address in directly. Don't click on links in unsolicited emails or cut and paste links from these emails.
Remember that links and websites that look legitimate can be bogus sites designed to steal information.
At a minimum, look for "https" in the URL and the little padlock that appears in the URL bar or the corner of the browser windows to indicate a secure connection. Also, see slide 15 for special cautions about wireless.
Don't put sensitive information in locations that are accessible from the Internet. Even unlinked web pages can be found by search engines.
Internet Security
The Internet can be a hazardous place. Without up-to-date systems and security software, any computer is vulnerable to takeover and corruption. How many computer attacks on campus do you think occur daily?
Thousands of attacks per minute bombard our campus network.
An unprotected computer can become infected or compromised within a few seconds after it is connected to the network.
A compromised computer is also a hazard to everyone, not just to you. A hacked computer can be used to:
- Send spam and phishing emails.
- Harvest and sell email addresses and passwords.
- Illegally distribute music, movies, and software.
- Infect other systems.
- Hide programs that launch attacks on other computers.
- Record keystrokes and steal passwords.
- Access restricted or personal information on your computer or other systems that you have access to.
- Generate large volumes of traffic, slowing down the entire system.
"Malware" is a harmful software, usually installed without your knowledge. Here is one example of what malware can do if it gets on your computer:
- The malware reads email addresses on your computer...
- It sends its malicious emails using those addresses...
- And the emails look like they were sent from the people whose addresses you have on your computer.
- "Spyware" (a type of malware) can slow computer processing, hijack web browsers, spy on keystrokes, and cripple computers. It is usually downloaded via the Internet without the user's knowledge while using the web.
Internet Security Cautions
Just opening a malicious web page can infect a poorly protected computer. Make sure you know where you're going before clicking on a link.
Use only known, trusted, secure websites when you enter sensitive or personal information online.
Instead of clicking on a link, look up the company (e.g., Google it) and go there alone. This includes "tiny URLs."
Beware of scams, even on well-known sites such as eBay and Craigslist.
How about Instant Messaging?
Exercise caution when using Instant Messaging (IM), file sharing (P2P) applications, or social networking sites like Facebook, MySpace, or Twitter.
This area of the Internet is not private.
Do not reveal personal details or sensitive information via IM or social networking sites.
Use separate passwords for IM since it is generally insecure.
Don't open files sent to you via IM or P2P rooms. Many anti-virus programs cannot detect viruses in IM/P2P/chat files, so viruses and other malicious code can be spread this way.
Wireless Networks
Information sent via standard wireless is straightforward to intercept.
Only use known, encrypted networks when working with sensitive information.
Most coffee shop/hotel/airport-type wireless is not encrypted.
UIW Employees' and Student's SSIDs are encrypted.
If you're not sure, assume it's not encrypted.
Do not connect to unknown wireless hot spots/access points if you're concerned about security, privacy (or passwords).
Set devices to "ask" before joining networks so you don't unknowingly connect to insecure wireless networks.