UNH Campus Journal
UNH  |  Calendar  |  Storm/Emergency
Home | Archive | Subscribe/Unsubscribe Contact

Cyber Security Tips for All of Us

By Scott Valcourt, CIS
October 17, 2007

[ed. Note: October is Cyber Security Awareness Month. For a list of related events taking place Thursday, Oct. 18, go to http://cis.unh.edu/index.cfm?id=F94A7FA5-0066-404F-03E5F10176DF2B88 ]

As a longtime fan of the former NBC situation comedy “Cheers” I often long for the face recognition that the character Norm received every time he entered Cheers. In today’s fixed and mobile computing world, to be as well-recognized as Norm may not be such a good thing, especially if personal data is unknowingly being readily broadcast by your trusty computer. With so much of our everyday world interfacing with computers, there are many things that we can do to protect ourselves from personal data loss.

First, understand the risks involved in computer usage. I recall learning to drive a car and watching the scary videos of accidents that were the result of improper driving habits. For both a bit of humor and good lessons on cyber security in everyday computer usage, check out the winners of the 2007 EDUCAUSE Security Video Contest at URL: http://www.educause.edu/SecurityVideoContest2007/13549.

A variety of issues are presented such as dealing with passwords, Web site and e-mail scams, and virus protection. Knowing that some things are easily and safely done online while other tasks are best done in person will go a long way to protecting yourself from attack.

Second, take steps to ensure a secure visit on the Internet. When asked for contact information from a Web site, such as an online retailer or an online marketing page, examine the privacy policy, usually found on a link on the bottom of the Web site.

Know how the retailer will be using your information. Avoid providing your birth date and social security number on Web sites to minimize an attacker from easily acquiring data about you and hijacking your identity.

Check to see that the online transaction is being encrypted. Many Web sites use secure sockets layer (SSL) encryption to transfer sensitive data, and a small padlock icon on the bottom right side of your browser or the header in the address text box (Figure 1) of https:// is a good indication that SSL certificates are being used to encrypt your transaction. Those transactions that are not encrypted can be viewed by attackers using sniffing software on the network, making your personal data vulnerable.

Third, pay attention to e-mail senders and recipients in your e-mail client. Any address in an e-mail summary listing that is unknown to you may, in fact, be an e-mail containing a virus or spyware and merely opening the message using Microsoft Outlook, Eudora or Thunderbird will cause that message to infect your system.

While some of the e-mail jokes that get forwarded can be really humorous, a Trojan horse may be attached, waiting to wreak havoc on your computer. And even if you do receive an e-mail message from an account that looks somewhat familiar to you, never e-mail critical personal data in a message, such as birth date, social security number, account passwords, bank account numbers and other identifying information. These e-mail messages are designed to trick you into revealing this information in the hopes that you will tell all, a practice known as social engineering.

Finally, use your computer in a safe environment. Install anti-virus software and turn it on. UNH students, faculty, and staff have free access to McAfee Viruscan at http://virus.unh.edu .

If you are connecting to the Internet, be sure that you are behind some kind of firewall on the network. UNH campus networks are firewalled from the Internet to keep out many attackers. However, when at home or traveling, be sure that the network is secure.

Disconnect your computer from the network when you are not using it and turn on the personal firewall that many operating systems, such as Microsoft XP and Vista, offer as part of the standard software distribution.

The United States Computer Emergency Readiness Team (US-CERT) routinely reminds users on its Web site and via a regular e-mail update list about common computer security exploits that are discovered. A good source for a wealth of cyber security tips beyond the tips suggested here can be found on the US-CERT web site at URL: http://www.us-cert.gov/cas/tips/.

By following these few simple steps and being aware of your Internet surroundings, your personal information can stay as personal as you can keep it. And when someone recognizes you, it will be because everyone knows your name and not all of your personal data associated with it.

Scott Valcourt is the director of IT project management and consulting services at Computing & Information Services.


email this page!

We welcome your story ideas, letters, photos, notable events, achievements, obituaries and/or memorium.

If you would like to submit an item, please contact the Editor at 862-1567.

Deadline for submissions is Tuesdays at 4 pm.

SHARE
Print this article Print
Email this
Subscribe
 Facebook

UNH Home | UNH News | Manage Your Subscription | follow UNH News on Twitter!
Campus Journal is produced by
UNH Media Relations
8 Garrison Ave., Durham, NH 03824
University of New Hampshire