Written by Hannah Harrison, Student Digital Champion
In this digital age, where our lives are intertwined with technology, it’s crucial to arm yourself with the knowledge and skills to safeguard your online presence. From browsing securely and using multifactor authentication, to spicing up your passwords and staying updated, the tips in this blog post will empower you to navigate the digital landscape with confidence. So, without further ado, let’s get to it.
Keep tabs on your browsing
Whether researching for an assignment, browsing news articles, or just looking for a recipe to make for dinner, most of us visit many websites every day, but how often do you check the search bar?
The content you look at on the web, the links you click and even the order in which you visit websites can provide information about you, and your interests, that is best not shared. To ensure that all your communications are protected from eavesdropping as they travel between your browser and the websites you visit, it is important to check that all of the sites you are using use ‘HTTPS’ (secure HTTP) rather than just plain ‘HTTP’. Many browsers indicate that a site is secure by displaying a padlock on the left hand side of the search bar, and so quickly checking for this when you enter a new website can really help to keep your information safe. Luckily, most browsers (such as Google Chrome and Safari) will warn you not to enter an insecure web page which asks for personal information such as passwords, as data in unsecured web traffic can be easily nosed into. Of course, using HTTPS only ensures that your web communications are encrypted and so doesn’t provide you with complete protection, but it does make your information much harder to decipher.
Use MFA (Multi-factor authentication)
I’m sure we’ve all experienced the groan after you’ve sat down at your desk, opened up some work only to be prompted to use the authenticator on your phone which is inconveniently on the other side of the room. Maybe this has you wondering whether it’s really worth having at all. However, data provided by Microsoft and Statista indicates that MFA has the power to prevent up to 99.9% of automated cyber-attacks, decrease the number of phishing attempts by 75%, and reduce rates of unauthorized access by 56%1 – so it’s definitely worth the extra bit of time and effort to keep your details safe! You can find more information on setting up MFA on the University website.
Spice up your passwords
I’m sure many of us are guilty of using the same, or variations of the same passwords for different accounts to save forgetting them. However, the foundation of your cybersecurity relies on having strong and unique passwords. In particular, making sure that your passwords aren’t made up of information that can be found online such as pets names and birthdates can make your passwords less guess-able. If you’re worried about forgetting passwords if they are all different, then it’s definitely worth considering using a password manager such as NordPass, which securely stores all of your passwords in one place.
Lock up when you go
Taking a break from work to grab a snack from the vending machine or take a quick stroll can be great for your mental health and productivity, but leaving your computer unlocked whilst you’re away can be dangerous. Although it’s unlikely that someone is lying in wait for you to leave your account open, leaving your device unlocked can give anyone the chance to snoop on your files, mess with your settings or even install malicious software to spy on you, and so it is always better safe than sorry! Even if the result is just one of your friends using your account to post on social media as a joke, there can sometimes be undesirable consequences to having something that you wouldn’t have said under your name online, and it can be difficult to truly delete something once it’s been posted. Locking your laptop or computer whilst you’re away can be done in a few seconds using the shortcut Windows+L on Windows or Control+Command+Q on a Mac, and stops anyone from entering your account without a password.
Keep an eye on your emails
One of the most common types of cyber-crime is phishing. This is where an attacker poses as a legitimate organisation and attempts to persuade the victim to divulge personal information. This type of attack is so common because it is one of the cheapest and easiest attacks for criminals to deploy, and with so much information available about individuals on social media, it is possible to make phishing attempts highly targeted (sometimes known as spear phishing). To keep yourself safe, it is important to trust your instincts regarding suspicious emails; would your lecturer really have sent you a link to a textbook in the middle of the night? Would your bank really ask you to suddenly verify your information via email? According to Proofpoint’s Annual Human Factor Report2 (a paper based on 18 months of their customers’ data), up to 99% of phishing attacks rely on the victim clicking on a link, and so the number one thing you should keep in mind when considering a suspicious email is; don’t click anything! You can also look out for spelling mistakes, check that the sender address matches the one listed on their website and be sceptical of surprising offers. As the common saying goes, if it sounds too good to be true, it probably is.
Social Media Privacy
Having personal information available online gives criminals the opportunity to make much more sophisticated and compelling attacks, as putting you at risk of identity theft. Although sharing online can be fun, it is important to take control of your social media privacy settings to limit the amount of personal information visible to others, and consider only sharing personal posts with friends and family. It can even be a good idea to have separate accounts or profiles for sharing your life, engaging with strangers, and sharing thoughts publicly so that you can still do everything you want to on the internet without giving away too much information.
Back up your data
Regularly backing up your important files and documents to an external hard drive or cloud storage provider such as OneDrive protects your data from unexpected events like hardware failures or accidental deletion, as well as ransomware attacks. A ransomware attack is a type of malicious software that threatens to publish the victim’s data or permanently block access to it unless a ransom is paid off. These attacks are often targeted at universities, and it is estimated that around a third of UK universities have been targeted with ransomware within the last 10 years3. Therefore having additional copies of your files can be a lifeline if you become a target.
Stay up to date
One cybersecurity tip that is often overlooked is regularly updating your software, web browsers and operating systems. Updates often patch over security concerns and vulnerabilities identified by the developers, and attackers can exploit these weaknesses. These kinds of attacks have affected companies as large as Facebook and Amazon, and so allowing update notifications and installing them as soon as you can is vital for keeping your information safe.
Digital practices and software are ever evolving and so there are always new avenues for attackers to exploit. While you can never be 100% safe from cybercrime, keeping these 8 tips in mind can significantly decrease your risk, while you navigate the digital landscape with confidence and peace of mind.
Useful links
- There is Cyber Aware guidance from the University’s Information Security team.
- Information on password managers.
- More information on Phishing and Scams.
- The IT self-service site, where you can report suspicious or strange messages.
- Read our Appinions blog post that focuses on security.
References
Gitnux. (n.d.). The Most Surprising Multifactor Authentication Statistics And Trends in 2023. Retrieved from Gitnux: https://blog.gitnux.com/multifactor-authentication-statistics/#:~:text=The%20statistics%20presented%20in%20this,unauthorized%20access%20rates%20by%2056%25.
Network, U. (2023). A Third of UK Unis Hit By Ransomware In Last 10 Years. Retrieved from Urban Network: https://www.urbannetwork.co.uk/a-third-of-uk-unis-hit-by-ransomware-in-last-10-years/
Proofpoint. (2023). Human factor report 2023. Retrieved from Proofpoint: https://www.proofpoint.com/us/resources/threat-reports/human-factor