Staying safe – it’s a team effort!
There’s an old adage that suggests if something is too good to be true, it probably is. With October being National Cyber Security Awareness Month, what better time than now to share with you a few tips that we have found successful in combatting identify theft, phishing attacks, and viruses.
So what’s so important about Cyber Security Awareness? It helps each of us understand our roles and responsibilities, the organizations information security practices, and empowers us with knowledge regarding the many tools, services, and controls as a part of protecting our information resources .
Your Tool Belt
Here’s what YOU can do…and the good news is, you don’t need a Computer Science degree either. Regardless of what computer, application, or browser you are using, security software is a must. The University currently provides all students, faculty and staff with the Trend Micro anti-virus product. Take a quick look to ensure the software is running and is up-to-date.
Use common sense! If you receive a message that suggests you are about to inherit millions, but you must act now…be concerned and trust your instincts. Remember…if it seems too good to be true, it probably is. As Peter Cassidy, Secretary General of the Anti-Phishing Working Group suggests, “This is not a technical issue; it all happens between your ears. ” Avoid using links embedded in an e-mail or instant messaging, and delete e-mail messages or other electronic solicitation that asks for confidential information. Last, be mindful of the web sites you visit. What may seem harmless and innocent at the time could be a minefield of viruses and/or malware just wanting to make a home on your computer and our network.
Doing Your Part
Common sense goes a long way. Avoid writing down passwords and make it a practice to change them frequently. Moreover, it is considered a best practice to not recycle or reuse passwords. A strong password should consist of at least eight characters, numbers, capital letters, and special characters.
Read and understand university policies such as the Information Security Policy (EWU 203-01) and the Information Policies and Procedures (240-040). Cindy Brodie, author of The Importance of Security Awareness Training suggests that one of the greatest threats to an organization’s network comes from within; often an employee who is unaware or uninformed . As a consumer of the university’s systems and network services, you can create awareness for information security by doing your part – reading and adhering to policy; being mindful of e-mail scams and websites that collect sensitive information or infect computers and networks; and reporting concerns or incidents to the Office of Information Security at email@example.com. NCSAM Resource Kit. (2011, September). Retrieved September 2011, from Information Security Guide: https://wiki.internet2.edu/confluence/display/itsg2/NCSAM+Resource+Kit  Brodie, C. (2008, June 30). The Importance of Security Awareness Training. Retrieved September 2, 2011, from SANS Institute: http://www.sans.org/reading_room/whitepapers/awareness/importance-security-awareness-training_33013  Fisher, S. (2010, October). Stop. Think. Connect. The Costco Connection, pp. 26-27.