Virginia Tech® home

Cyber Security Awareness Month

Cyber Security Awareness Month

 

Basics of Online Security

October is Cybersecurity Awareness month! Improve your online experience and increase your security by practicing good online safety habits with these tips and advice.

Personal information is like money; value it and protect it - Pay attention to what information is collected about you through apps and websites. Adjust your privacy and security settings to match your comfort level. Also, check your credit report regularly for unauthorized activity.

Connect with Care - Protect all devices and accounts that connect to the internet with strong passphrases, multi-factor authentication, and/or biometric tools. Limit the use of Wi-Fi hotspots that may not be secure and adjust your security settings for automatic connection features. Use the Virtual Private Network (VPN) if you will be connecting to university resources to keep your communication secure.

Keep a Clean Machine – Making sure you have the latest updates to your software and operating system can be the best protection against online threats. Setting your devices and applications to automatically check for updates is a great way to keep your devices protected.

For more tips and advice check out StopThinkConnect.org. Also, feel free to save and share the Online Security Basics tip sheet available in the sidebar!

Password Management

Managing your passwords can be a daunting task; there's so many different ones to remember!  Here are a few tips to help make the whole process easier AND safer.

  • Use a passphrase instead of a password. A 20+ character combination of words or short sentence along with the name of the site you are visiting is an easy way to have easy to remember, but complex and different passphrases for all of your login needs. Here is an example:
    • My base passphrase is: RosesareRed&VioletsareBlue#
    • My Gmail passphrase is: RosesareRed&VioletsareBlue#Gmail
    • My Amazon passphrase is: RosesareRed&VioletsareBlue#Amazon
  • Use a fingerprint or biometric scan to sign in when available. This provides an extra layer of protection for devices and apps.
  • Use a password manager or password vault software to help keep track of all your passwords and avoid password reuse. Writing them down and keeping them with you is ok too (in your wallet, for example).
  • Use multi-factor authentication when it is available, especially on important accounts like your email, bank, and password manager accounts. An example of this is Google's 2-Step Verification for gmail accounts.

What to do when you’ve been hacked: quick steps to re-secure your accounts.

First: Change your affected passwords using an unaffected device.

Next, update everything! Update your software plug-ins, apps, and antivirus programs. Run a full scan of your device; quarantine and delete any infected files. If you think any of your identifiable information may have been shared, report the breach to your bank and credit agencies. To be on the safe side, put fraud alerts on your primary accounts.

Remember to back up your files frequently. Consider setting up two separate backups – one on an external drive and one in the cloud. Also, make sure to your Personally Identifiable Information (PII) files are encrypted before backing up.

Finally, get ahead of the hackers – periodically check the Have I been Pwned (haveibeenpwned.com) website to see if your accounts were hacked in a known attack. Identity theft is increasingly common, so it's important to stay vigilant – watch your bank and credit accounts for unauthorized charges, and be proactive in looking into any suspicious charges.