One of our student workers at the RIT Information Security Office shared this security awareness video from YouTube.
What do you think of it?
I’ll be speaking at the following events this winter and spring. Watch for my presentation materials on SlideShare.
January 9: HEISC (Higher Education Information Security Council), Town Hall. Recording available.
January 30: Bullet Proofing Your Career Online (with Hannah Morgan, @careersherpa), ABCPNG (Always Be Connecting Power Networking Group), First Unitarian Church, Rochester, New York
Description: What are the 10 key steps to building and securing your online reputation? A security professional and a career sherpa provide their perspectives on how to create an online presence that enhances and promotes your career safely and effectively.
April 23rd: Bullet Proofing Your Career Online (with Hannah Morgan, @careersherpa), STC Rochester Spectrum Conference, Rochester Institute of Technology, Rochester, New York
April 24th: Leadership Day, STC Rochester Spectrum Conference, Rochester Institute of Technology, Rochester, New York
Facilitating the event and the panel discussion
May 17: Engage! Creating a Meaningful Security Awareness Program (with Cherry Delaney, Purdue University), EDUCAUSE Security Professionals Conference 2012, Indianapolis, IN
Abstract: This session will help attendees identify available resources and tools and determine the steps needed to create an engaging security awareness program. We’ll share how to integrate social media, video and other resources in an effort to reach a variety of audiences. We’ll also discuss how to leverage security incidents to create opportunities for engagement with your community. We’ll conclude the session by helping you plan a series of targeted activities for a high profile event such as the National Cyber Security Awareness Month.
May 20: Communications Liftoff! Rocketing your Community to the Stars, Leadership Day progression, STC Summit, Rosemont, IL
May 21: Bullet Proofing Your Career Online (with Hannah Morgan), STC Summit, Rosemont, IL
May 23: Shockproofing Your Use of Social Media 2012, STC Summit, Rosemont, IL
Did you know you’re a target every time you go online? Did you know that cyber criminals are targeting social networking sites? Do you know how to recognize a phishing attempt? Following these tips will help make your use of social networking sites safer. (Unfortunately, there’s no way to guarantee that you can use them safely.)
It’s important to use strong passwords because automated “cracking” programs can break weak passwords in minutes. At a minimum, you should use 8 characters (preferably 15 or more), mixing upper and lower case letters and numbers. Many websites also allow the use of longer passwords and special characters. Incorporating special characters into your password will make them more difficult to crack. You’ll also want to use different passwords on different accounts. Using a password safe such as LastPass will help you manage these passwords by generating strong passwords and then supplying them when needed.
Attackers take advantage of vulnerabilities in software to place malware on your computers. Keeping up to date with patches/updates helps thwart attackers from using “exploits” to attack known vulnerabilities. It’s important to keep both your Operating System (Windows, Mac OS, linux, etc.) and your applications (Microsoft Office, Adobe, QuickTime) patched.
It’s a good practice to follow the requirements of the RIT Desktop and Portable Computer Security Standard on personally-owned computers. Among other elements, the standard requires use of a firewall, antivirus, and anti-spyware programs. Many security suites contain all of the elements needed to protect your computer. (Your Internet Service Provider may also provide security software.)
You’ve all seen phishing attacks. They’re typically emails that appear to come from a financial institution that ask you to verify information by providing your username and password. Never respond to these requests. Your financial institution should not need your password.
Don’t post personal information (contact info, class schedule, residence, etc.) A talented hacker can see this, even if you’ve restricted your privacy settings! Don’t post potentially embarrassing or compromising photos. Be aware of what photos you’re being “tagged” in—don’t hesitate to ask others to remove photographs of you from their pages.
Did you know that most employers “Google” prospective employees? Have you seen the stories of people’s homes being burglarized because they’ve posted their vacation plans online? Many people other than your friends use these sites.
You can’t really tell who’s using a social network account. If you use Facebook, you’ve certainly seen posts by your “friends” whose accounts have been compromised. Don’t feel like you have to accept every friend request, especially if you don’t know the person.
Have you ever done a “vanity search?” Put your name in a search engine and see what it finds. Did you know that Google allows you to set up an Alert that will monitor when your name appears online? Setting this up with daily notifications will help you see where your name appears.
Identity thieves can put together information you share to develop a profile to help them impersonate you. Be especially careful of Facebook applications. They may collect information that they sell to marketing companies or their databases could be compromised. Do they really need the information they’re requesting?
Default settings in most social networks are set to sharing all information. Adjust the social network’s privacy settings to help protect your identity. Show “limited friends” a cut-down version of your profile. Choose the strongest privacy settings and then “open” them only if needed.
It’s been a little less than two weeks since the Society for Technical Communication Summit in Sacramento ended. Summit was an intensive four day immersion in the multifaceted profession of technical communications. I wanted to share what I found really important about the event, before the memories fade. I’ll start unpacking my takeaways here and in future posts.
I hope you’ll take the opportunity to discuss what I’m unpacking and share what you unpacked when you got home by commenting on this post!
Here’s my Top Ten list of takeways:
[twitter-follow screen_name=’benwoelk’ show_count=’yes’]
Rob Cottingham had done an earlier cartoon on the subject as well:
I can only wonder what the next cartoon will be.