SDSU Security Awareness Month
Held every October, National Cybersecurity Awareness Month is a collaborative effort between the National Cyber Security Alliance and industry partners to raise awareness about the importance of cybersecurity. The campaign is designed to ensure that all Americans have the resources they need to be safer and more secure online.
As part of this collaboration, SDSU is launching a month-long program to create awareness about cybersecurity. Each week in October, we will send you an e-mail with information and tips from leading cybersecurity organizations on protecting you, your family and coworkers online. Our goal is to help you make the most of today's technology... safely and securely.
Our weekly themes are as follows:
- Week 1 — B4U... Login: Protect your username and passwords
- Week 2 — B4U... Post: Beware of what you share online
- Week 3 — B4U... Click: Be alert to phishing attempts
- Week 4 — B4U... Go: Consider a career in cybersecurity
Cybersecurity requires vigilance on behalf of all of us. No one is immune to threats from cyber-villains, but with proper precautions and a bit of advance effort, we can all protect ourselves from online dangers.
B4U... Login: Protect your username and passwords
B4U Login... Don't Get Tricked: Treat Your Password with Care.
It may be the season of spine-tingling surprises, but when it comes to digital disguises, there's nothing scarier than discovering someone has been masquerading as you.
Protecting your online credentials is paramount for keeping your identity secure and preventing villains from potentially sucking your financial accounts dry. This is especially true of your SDSUid credentials, which provide access to a wide variety of services for students, faculty and staff.
When it comes to fending off cyber-vampires, the most important weapon in your arsenal is a strong password. Follow these tips when you create a password, each and every time.
- Consider using a passphrase instead of a password. A passphrase is three or more words grouped together and used as a password. Your passphrase should be simple, memorable, and use as many characters as the system will allow. Try to also incorporate symbols to make it harder to guess. Example: #Tran$ylvanianPr!de4Ever.
- Create a unique and strong passphrase for each account and each device.
- Use a password manager program to keep track of your passwords.
- Take advantage of two-factor authentication, if available. An example of two-factor authentication is a system that requires you to enter both a password or PIN and a biometric fingerprint.
- Use a password or passphrase that can be easily guessed. Example: password, 1234, etc.
- Answer security questions in a way that can be easily guessed by looking through your social media or other online information about you.
- Reveal your passphrase to anyone.
- Enter your passphrase while using someone else's computer.
B4U Post... Beware of What You Share Online
The best time to lose your head? Halloween night, obviously (lots of spare Jack O'Lanterns lying around).
The worst time to lose your head? Any time you're about to post or share personally identifiable information.
Your personal information is any information that an online thief could use to steal your identity or gain access to your financial information. You'd have to be out of your gourd to post your social security number online, but thieves are clever and know how to carve up information to use it in ways you might not suspect. It's important that you take the following safety precautions to protect yourself — before it's too late.
- Ask questions before you share information at your school, workplace, a business, or a doctor's office. Why is the information needed? How will the information be used? How and where will it be stored and safeguarded? Who will have access to it? What are the consequences of not sharing?
- Safely store your personal information — especially your Social Security Number — on all devices, only share your devices with people you trust and store your devices in locked areas when you're not using them.
- Securely erase data or destroy devices when they are no longer in use.
- Keep your browser secure. To guard your online transactions, use encryption software that scrambles information you send over the internet.
- Look for the "lock" icon on the status bar of your internet browser before you send personal or financial information online. The lock means your information will be safe when it's transmitted.
- Choose security questions with hard-to-guess answers, or use answers that don't match the question.
- Avoid sharing too much about yourself online. An identity thief can use this information to find out about your life, answer "challenge" questions on your accounts, and gain access to your money and personal information.
- Never share personal information on the phone, through the mail or over the Internet unless you've initiated the contact or know who you're dealing with.
Don't be a pumpkin-head: take precautions with what you share online, today and every day.
B4U Click... Don't Take the Bait: Think Twice Before You Get Hooked by Phishing
We commonly refer to it as "cyberspace" but a more apt term might be "cyberswamp."
The online world is full of criminals dangling enticing bait in the form of legitimate-looking e-mails, links and attachments, just waiting for unsuspecting victims to click and fall for their ruse. These denizens of the Deep Web are after one thing: your sensitive personal information. Universities in particular are often the victims of sophisticated cyber attacks geared toward extracting information or installing malware onto the computers of faculty, staff and students, where it can spread like black mold across the system.
These e-mails are sent to the masses, with the hope that just a few of the thousands or millions of recipients will fall victim. These targeted attacks take advantage of personal and professional relationships, organizational hierarchies and human curiosities. They pose a unique threat, as their high level of customization can lead them past even the best technical controls.
Here's what you can do to keep criminals from sinking your credit — and your credibility.
- Think before you click. Be cautious about opening attachments, even from trusted senders.
- Report suspicious e-mails to [email protected]. Don't just delete or ignore them — if you've been targeted by a phisher, chances are others you know have been as well.
- Provide your contact information in e-mails you send so that you can be contacted if your recipients have questions.
- Visit Phishing to learn more.
- Send passwords or sensitive information over e-mail.
- Click on "verify your account" or "login" links in any e-mail.
- Click on links and attachments in suspicious e-mails, texts, or social media messages.
- Reply to suspicious e-mails.
- Be embarrassed if you get snared, and don't try to fix it yourself. Alert the appropriate IT personnel immediately and they will help you.
B4U... Go Consider Suiting Up for a Job in Cybersecurity
Every horror story has a hero, but when it comes to quashing cyber-criminals and conquering the denizens of the dark Web, who will the world turn to?
The answer is, quite possibly, you.
With incidences of cyber-attacks on the rise worldwide, careers in cybersecurity are exploding faster than (you guessed it) a speeding bullet. In San Diego alone there are more than 150 firms focused on cybersecurity, with more than 58,000 technology specialists calling San Diego home. Nearly half of these companies do business internationally, and 75% of the firms recently surveyed expect to grow their cyber employment over the next 12 months.
Even better: SDSU offers a graduate program in Homeland Security, including a number of courses in cybersecurity. More than 3,200 cyber-related degrees are conferred by San Diego's academic institutions each year.
There has been no better time to fight for truth, justice and the Internet way. You, too, can bask in the glory of a career that lets you be the hero from the comfort of your own computer chair (just don't muss up your superhero cape). See Cybersecurity in the San Diego Region for more information.