Written by Christopher Abbey, DCSD Information Technology Security Analyst
October is National Cyber Security Awareness Month. Knowing that technology is a part of everyday life, the Douglas County School District (DCSD) would like to take this opportunity to provide our community with tips on how to be more secure while online.
While the internet provides an enormous amount of convenience, entertainment and connection opportunities, there is also risk of identify theft, fraud, hacking or your private information getting out without you knowing about it.
Many of us focus on our home network when it comes to cyber security; we know to make sure that it is password protected. If you want to make sure you are as informed as possible on keeping your home network secure, here is a great resource by the SANS Institute.
We would like to go a few steps further, though, and cover some tips you may not be aware of. Let’s learn how to protect your devices and keep you and your family safe online and protect your information.
Security in the Wild
Rarely are we only online at home.
You set out for your normal “cup o’ joe” at the local coffee shop. While there you plan on getting some work done; send a few emails, pay a few bills and maybe buy that flannel shirt on Amazon (come on, it’s Colorado...we know). How secure is that free WiFi connection?
Be aware that free (unprotected) WiFi connections are a big concern when it comes to protecting your information and your device. Have you ever gone to the airport and seen how many “free WiFi” options are available?
So why are there so many options? That’s because hackers utilize a technique called a “man-in-the-middle attack”; using free tools, criminals can intercept your keystrokes, and information once you connect to their fake wireless access point.
Be aware of which WiFi access points are “trusted.” Check in with the barista (or trusted individual) to see which is the official WiFi.
Don’t stop there, unless you are running a Virtual Private Network or VPN, handling sensitive online transactions could be risky over a free and open WiFi connection. Here is a great infographic by VeraCode on the risks of Free WiFi and some basic steps to secure your connection; which include using encrypted websites, turning on your computer’s firewall, and avoiding online banking while in public.
Making Security Social
Social Media is ubiquitous in our society nowadays. From sharing family photos (or memes), to liking your favorite movies, products and other people’s opinions, social media is alive and well in our schools, stores and even doctor’s offices. This means there is a high likelihood hackers are lurking just around the corner to take advantage of our always on, always sharing nature.
-
Tightening your Privacy
Sites like Twitter, Facebook and Google+ give users control of who sees what on their public (or private) profile. Reviewing each sites privacy settings and making the necessary adjustments is good practice especially if you are guilty of the next step below.
-
Too Much Information
We have all been guilty of this one, letting folks know we are really looking forward to that trip up to the mountains this weekend (or beach, lucky you) or taking pictures of our new TV and surround sound system (again, lucky you). But this is the information hackers and soon to be new owners of your TV and surround sound system need to electronically “case the joint”. Here is a great infographic shared on the Prince William County Police, Virginia, showing ways Burglars use Social Media to select homes as targets and steps you can take to secure your home.
Securing your Device
Apple’s slogan is that there is an “app for that” and that could not be any closer to the truth. So much so that in addition to your network, social and physical security, it is a good bet that your device could compromise everything if not properly maintained, monitored and used.
-
“There’s no such thing as a free ….. App”
A common practice of “old timey” saloons of yesteryear, offering something for free was often a ploy to entice customers to participate, or partake of a product or service. App Developers have proven to be no different, in most (not all) cases. Most of the time, your information is the what they are looking for. This can be in most cases collecting location and usage data for advertisements and marketing purposes, but sometimes it can be a bit more nefarious.
Reviewing the app devices privacy policy usually on the app market, or on the developer’s website is a great way to identify and potentially limit how much data you are sharing with third parties. Also selecting apps based upon their privacy policy and information they collect is a good way to minimize who has your data.
-
Location, Location, Location
Did you know that when you take a photo with most modern Smartphones (and cameras), the GPS location of where you took the photo is embedded into the photo’s metadata. This means when you snapped that picture of your family at the campsite or even when you took that photo of the lawn chair you were selling on craigslist, anyone can pull that info and with relative certainty identify where you live, work or play.
You can disable normally through the device’s security, privacy and/or camera settings. You can see if your photo is geotagged normally by viewing the photo’s properties or info on Mac or Windows.
-
Keep it lean, keep it clean, keep it up to date
Finally, another way to keep your device safe from viruses, hacks and more is simply keeping it clean of any unused/unwanted applications, files and folders and keeping the Operating System (OS) up to date. That means don’t put off that update for too long, it may mean the difference of being secure or being exploited.
Other Resources
There are a ton of great resources that are available that discuss everything from home security all the way to ways you can secure your family online.
StaySafeOnline: Protect your Personal Information Online: Offers information from Cyber Bullying all the way to the Data Privacy law, statutes and governance that School Districts are required to be aligned with, like the Family Educational Rights and Privacy Act or FERPA
Microsoft’s YouthSpark Online Safety for Families: This site provides a variety of resources on ways families can plan and implement changes at their home to protect their data and devices from attack.
RSA Conference Talk: Lance Spitzner Securing the Human: Great talk from Lance Spitzner, about how to understand how students/children use devices. He talks about security, control and trust when using devices in the household.