There are many new scams and exploits being released every day. Being aware of good security practices can make you less vulnerable to these scams.
Here are our top ten tips of being safe online:
Create Complex Passwords & Make sure your U of G password is never the same as any other password
Make sure the passwords you create are complex (at least 8 characters) and never share them with anyone. Change your password from the default one assigned to you as the default password can be cracked by the average desktop PC is only 15 hours. Simply adding two characters to your password takes this up to 6 years to crack. Using the full 14 characters available would keep a hacker waiting 98 million years to get in to your account! The password you were assigned is not as secure as you think, so why not secure it now? https://www.uoguelph.ca/ccs/apps/password/change/
With the recent number of compromised web services we also highly recommend that you never use your U of G password on other websites. If your account becomes compromised, change your password and do not reuse your old password.
Top Tip: Try and make your password something easy to remember but difficult to guess, include upper and lower case letters as well as numbers and never tell anyone your password.
Password Protect Everything & Never leave your devices unattended- theft happens!
An unattended device is a theft just waiting to happen. It only takes a few seconds for a thief to steal your smartphone, laptop or tablet when you leave it unattended. All these devices can contain sensitive personal information. It is important to set a login password for all your devices, so in the unfortunate event that one is stolen; the data on them is secure. On many mobile devices password protecting actually triggers encryption on the device, adding yet another layer of security, making personal information unreadable and unrecoverable by anyone who does not know the password.
For your computer a password adds a basic defense against unauthorized access, but if you are storing sensitive information a password is not enough, and a skilled thief could easily crack your password, and so encryption is recommended.
Top Tip: Don’t use the same password on multiple accounts because if one of them gets compromised all your accounts are vulnerable. Treasure especially your UofG Central Login Account and password.
Don’t Open Unknown Email Attachments or Links
If someone emails you an attachment and you were not expecting it, do not open it, as even a PDF file can hide malware inside.
Never click any unknown links in emails, they may not lead where you think. If in doubt visit the site mentioned directly (by typing the address you know to be correct into your browser), and check your account information from there.
The University will never email you to tell you that you require an account upgrade, verification or migration. As long as you are a student here, you will have an account whether you check your email or not.
Top Tip: If in doubt, hit the “Preview” button within Gryphmail to view the attachment contents without loading any potentially malicious parts.
Always Use Secure Wifi Networks
Using uog-wifi-secure on campus protects your internet connection from potential eavesdroppers.
Connecting to open, public WiFi networks, your data is not protected and can be easily snooped and viewed by others on the network.
Top Tip: If you have more questions or need help connecting to uog-wifi-secure, visit the IT Help Desk on the library's first floor or email email@example.com
Use Privacy Settings on Social Media
Make sure to use privacy settings on all your social media accounts so you don't share your private information publicly, you never know who may end up with this information. This includes where you go to school, your mother’s maiden name, your home town, etc. Your personal information is often used by criminals in theft, phone scams, or other attempts to separate you from your cash.
Top Tip: For a quick test, sign out of your social media account and Google your own name, and assess what information comes up. The information you see is available to everyone, potential employers, professors and criminals.
Always Log Out
When you are finished using an online account, simply log out. If you do not log out you may be allowing others to access your information through your own account.
Top Tip: Closing your browser does not always end your session. To be sure, always log out! If there is no obvious means to log out, close your browser and shut down or restart the computer.
Courselink Online Security Course
The IT Security office, in partnership with WISE and the Canadian University Council of Chief Information Officers, has created a short online security course designed to educate users on security awareness and good practices in order to have a safe and secure online presence, to inform you on your role and responsibilities as a user of the University infrastructure, as well as help you to understand the purpose and logic behind the security policies at the university. This course takes approximately 1 hour, and includes quizzes to test your knowledge at the end of each module.
You can access the course by logging into courselink:https://courselink.uoguelph.ca.
Always update your software
Software updates, or “patches”, are released by vendors and can contain bug fixes and product enhancements. More often than not, however, they contain fixes for security vulnerabilities. These fixes stop would be attackers from exploiting a bug in the software. It is important to allow updates to install when prompted, and where possible, have auto-updates enabled. The farther behind your device is with updates, the more likely it is that it is vulnerable.
Use Anti-Virus Software - Malware = Malicious Software
Using an Anti-virus will protect your machine from getting infected if you download malware accidentally. Anti-virus software should be considered a last line of defense, and will not protect against poor computer security practices, this is because an anti-virus can only protect against known viruses. Mac computers should also have an Anti-virus installed, as they are vulnerable to virus infection as well.
Top Tip: McAfee is offered free to University community members the CCS Software Distribution service. To read more or download the software, check here:
Download from Trusted Sources
Make sure to check the feedback from others before installing new apps or programs. When looking for mobile applications do not slide load applications or jail break your device. Always download from the official app store, and check reviews and permissions before installing applications. On computers, when possible download the software directly from a trusted source, such as an official distribution page, or a well-known software repository. Always be wary when installing and fully read all install pages to make sure extra toolbars and programs are not installed.
Top Tip: Any site offering an expensive piece of software for free is likely not legitimate, many browsers will give you a warning when visiting a problem site – heed the warning!