Hi, I’m Ben Woelk. I’m the Policy and Awareness Analyst in the RIT information Security Office. Part of my role is to build a culture of security awareness. Today we’re going to learn about Shockproofing Your Use of Social Media. In other words, how to stay safe online.
Does anybody see anything wrong with this picture? Here’s the problem, Everyone is a Target. Identity theft is big business. It’s not done by hackers sitting in their basements. Well maybe some of the people committing identity theft are hackers in their basements, but they’re funded by organized crime.
Here’s the big problem: You can’t rely on others to protect you. You need to learn to protect yourself. That’s what this presentation is all about—giving you ten tips to stay safe online.
Tip #1: Use a Passphrase. We’ve all heard about passwords. I want you to start using passphrases. Passphrases are long, but easier to remember than a password. Length is more important than complexity. Throw in some numbers and capital letters and the phrase on the screen becomes ItwasaDark215andStormyNight. Easy to remember.
You may want to use a Password Safe or Vault. Two good ones are Password Gorilla and LastPass, a browser plug in. The vault generates long complex passwords and stores them. You protect your password safe or vault with a long passphrase. When you visit a website, LastPass will supply the password you need to log in.
Tip # 2: Stay up to date. Attackers exploit vulnerabilities in software. Software vendors release patches to address these vulnerabilities. We all know that we need to keep our operating systems up to date. You also need to keep your applications up to date. Make sure you’ve turned on auto update.
Tip #3: Use Protection. No, there’s no such thing as an iCondom. However, one of the best ways to protect your computer is to use layers of security. Use anti-virus, a firewall, and anti-spyware. Mac users need antivirus and need to make sure your firewall is enabled. And don’t forget about your mobile devices. They’re starting to become more and more of a target.
Tip #4: Recognize Phishing and scams. Many of you met Phishy at move in. Phishy is here to help raise our awareness about phishing. It’s pretty basic. Never respond to email requests for your password. (Or over the phone)
You want to keep your private things private! Don’t post private things online, especially on social media. This poster was created by a student at RIT. Like it?
Tip #5: Use Social Networks Safely. Don’t post information about where you live or where you’re going to be on Facebook or Twitter. Yes, it’s rare, but if you have an open profile on Facebook or you’re using FourSquare and tweeting your whereabouts publicly, you’re putting yourself at risk.
Watch out for phishing on social networking sites. How many of you have a friend whose profile has been compromised because their password was hacked? Have you revealed enough information about yourself that someone could steal your identity? Can they figure out your mother’s maiden name?
Tip #6: Remember who else is there. Employers will try to find out as much about you as they can online. They may try to access your social media profiles. There was a court case this month, where the court decided that what you post online is not protected. Think before you post about the image you’re portraying.
Don’t post inappropriate photos. Untag inappropriate photos of you your friends post. Would you hire this guy? People WILL judge you by what you post online. Think before you post! Clean up your profiles now.
Tip #7: Be wary of others. How do you know the person claiming to be 19 years old isn’t a 40 something who’s masquerading as someone else? How do you know he or she isn’t a wolf in sheep’s clothing? Be careful.
Tip #8: Search for your name. Set up a Google Alert in Google Dashboard to let you know every day how your name is appearing online. You can set up a search for anything. So if there’s something you want to track online, set up the alert.
Tip #9: Guard your personal information. Wouldn’t you like to have a guard dog like this protecting your information? Hmm. Maybe not. Protecting your personal information hasn’t been a big deal for you so far. It will be as you develop a credit history.
Tip #10: Don’t assume privacy. In fact, assume that anything you post online is going to stay private. Think before you post about how information can be used. Do you want Facebook or anyone else tracking everything you do?
Remember. You’re the first line of defense. You’re the one that will notice if things aren’t right. Maybe your computer is running slowly. Maybe you’re receiving strange communications from somewhere. Do something about it. Run a scan. Call the Help Desk.
Finally, practice Digital Self Defense. Follow up on Facebook and Twitter. Like us on Facebook before the end of September and you’ll be entered in a drawing for a $100 Barnes and Noble gift card. Thanks for listening. I’m Ben Woelk and I hope you have a great time at RIT.
Shockproofing Your Use of Social Media (professional development progression)
Everyone is a target Organized crime funds the attacksAwareness isthe key
TIP #1 It was a dark andUse a stormy nightPassphras becomese ItwasaDark215andStormyNight Length > complexity