Digital Security Basics
Table of Contents
It is important to keep your computer and information as safe as possible while using the internet. Secure passwords will reduce the chance of someone can hacking your accounts, backup storage will make you less vulnerable to ransomware, and being aware of malware and phishing threats will help prevent personal information from being leaked.
Passwords
Good passwords that you change over time are important. If you reuse passwords that are easy to guess, past hackers of your previously used accounts can still compromise your other accounts. Some general tips for password creation are:
- Don’t use dictionary words, pets’ names, birthdays.
- Include capital and lowercase letters, numbers, and symbols.
- Change your passwords often.
- Avoid having your browser save your password.
- Use different passwords for different sites, especially sites that are important to you.
In addition, don't forget to be cautious about security questions. If a website asks you for security questions, do not provide answers that would be easy for someone to determine by looking at your social media (such as pet or family names, birth dates, former schools, etc.)
Password Managers
Having a different password for every account that you change at least once a year can be difficult, especially if they are strong passwords that don't use words. One of the best ways to have password security is to use a password manager. Password managers are programs that store your passwords in a secure place and can be opened with one master password. They can make it easier to manage a large number of complicated passwords and harder for others to hack into your online accounts.
KeePass
Because KeePass stores passwords in a secure database instead of the cloud, it is the only password manager UIUC programs are allowed to use. It is available for free for other users as well. If you only want to access your password manager on a computer, KeePass is a good option.
Other Password Managers
There are many other password managers that use the cloud, which is not as secure but allows you to access your passwords on multiple devices. These managers often have free and paid versions. Which password managers are easiest to use and most secure can change over time. To get the most up to date recommendations, search for "password managers" in Tom's Guide or PC Magazine.
Backups
It is important to have your information available in more than one place to avoid computer accidents, ransomware or problems with an account. You can back up your information physically or to the cloud. Using both methods will ensure that your information is as secure and accessible as possible.
Physical Backup
You can also use flash drives or external hard drives to back up your information to a secure location. This gives you complete control over the devices and you will not lose access to information if a large company's servers go down. They are generally quite sturdy, but can be corrupted if the drives are physically damaged. They are also less accessible than cloud backup, which means that it may be harder for you to get the information if you don't have the devices handy. However, that also means it's harder for others to access that information as well. External hard drives are a good option for long term information storage. It is good practice to take time at the end of each semester to up copy important files onto external hard drives.
Cloud Backup
Cloud backup stores your information to an outside server, allowing you to access your information from any device with an internet connection. It is important to note that cloud servers may be more vulnerable to hackers, but they are better than having no backup. In addition, if you use a cloud server associated with your work or school you may lose access to those files if you leave the organization. Stored files are easy to access, update and share. There are multiple storage options; our students, faculty, and staff have automatic access to Box at Illinois. For more information on file storage, please visit File Storage 101 to learn about your options.
Malware
Malware is intrusive software that enters the computer without the user’s permission, often by masquerading as a legitimate source. Malware silently gathers information like passwords and credit card information. Particularly malicious malware can take over and crash your computer or even an entire network. Common types of malware include viruses, worms, adware, spyware, and trojans.
Update your computer
Companies send security updates with software updates, so keep your computer and programs up to date. Keeping your operating system updated will help to protect you against malwayre. If you have a Windows machine, make sure your anti-virus program remains updated as well.
Be cautious about links and downloads
Whether you are installing new software or downloading files, make sure to check website URLs and ensure that you only download from trusted sources. Even if you are downloading a program from a website you trust, be sure to click the right link because some websites have ads with links to other programs you may not want. If you aren't sure about a link in an email, do not click it. You can always contact the iSchool Help Desk if you have questions about downloading programs for classes, suspicious emails, or links you are not sure.
Use a malware scanner regularly (Windows)
If you use a Windows machine, you should be updating your anti-virus program and scanning your computer with it regularly (we do it about once a month.) If you have Windows 8 or higher, you should have the anti-virus program Windows Defender automatically installed on your machine. If you are running Windows 7, you can download Microsoft Security Essentials for free.
Phishing
Phishing is when someone sends fake communications in an attempt to steal your password, username, or credit card numbers. Phishing tactics include sending an email that looks like it’s from a legitimate source asking you to renew your password, calling from fake charities to solicit donations, and more. Be cautious anytime someone asks for your personal information online and never hesitate to run suspicious emails by the Help Desk.
University Technology Services has some good resources on spotting and reporting phishing emails.
Here you can view an archived list of recent phishing attempts reported by faculty and staff.