Practical data security for the connected student.
Every September thousands of new and returning students just like you are arrive back on campus at McMaster ready for another year of learning and fun. You’re ready for the excitement of a new year, courses are selected, residence has been sorted out, and even your cell phone is fully charged! You are ready! Or are you? In all the excitement of planning for a new school year did you remember to renew your virus scanner on your computer? What about your passwords – when was the last time you changed one of those? Data security is not sexy, but it is important. Here are five easy tips that will help you get set for a safe computing semester:
- Update that virus scanner and spam detector. Let’s face it your buddies are going to send you files, links and all sorts of mail you should not open. Since they are your buddies, you’re going to open that mail and if you don’t have good protection it’s going to take a lot more than a shot of penicillin to make things right.
- Free Wi-Fi can be expensive. But you just moved in to your new apartment and wow there’s like a gazillion open Wi-Fi networks! Forget paying the phone or cable guy, you’ve struck gold. You’ve probably already learned the lesson before you started university that nothing in life is free. If you use an open Wi-Fi network, you have no idea what you are connecting to or who is watching. Free or open Wi-Fi risks people stealing your e-mails, watching the websites you visit, or even recording your chats and stealing your photos. Pay the money and lock down your own private Wi-Fi network.
- Don’t share your passwords. There is no need to. You need to share data with a classmate? Use dropbox or some other cloud storage and give those people access to only the things they need. Since we’re already talking about passwords, make them unique. Imagine you borrow a buddy’s tablet to check your social media. Unfortunately your friend didn’t follow rule one, and there is a password sniffer on his tablet. Now some bad guy has your name and your favourite password. A quick web search or two and he’ll find your e-mail and all sorts of other stuff. If you have one password, bad news for you, you just ordered a metric boat load of fake Pokémon cards out of Cincinnati.
- You know that e-mail from the “cousin” of your neighbour’s long lost aunt offering you a billion dollars? Don’t open it! Instead, you should listen to your inner Admiral Ackbar… “It’s a trap!” Phishing attempts are getting really convincing. The RCMP, all the major Canadian banks, and even Canada Post, have all been forged in very well designed fake emails and websites intent on ruining your day. Always verify the links you click on go to the places you think they are taking you. Watch for weird and long addresses, or anything funky. If in doubt, go to the website in question directly without using the link in the email and then navigate to where you were expecting to go on your own. Phishers will create elaborate fake sites that will skim your logins and then forward you to where you expected to go. If you’re not watching the addresses you are clicking on, you might never know you’ve been duped.
- Finally feed your inner narcissist. Google yourself every so often and see what the web says about you. Keep an eye out for social media sites that you don’t remember using. Watch for message postings with your name in them. Look for anything that might suggest someone else is using your identity. Be vigilant.
As the new school year gets underway, don’t get caught unprepared for life as a connected student. Be aware of your electronic surroundings, back-up those files, and remember no professor will believe your dog deleted your cloud storage.
Ken Owen is a DeGroote PhD student who studies information security and the role of hackers in our society.