Top Security Practices for Students (and Fac/Staff)

  1. Antivirus. Antivirus has been around for a long time and although no antivirus provides absolute protection against all malware, running any reputable antivirus program is better than nothing. This is true even for Macs. Microsoft Defender is available for free with all current versions of Microsoft Windows. There are several good free, freemium, or low-cost antivirus services available. St. Olaf uses and can recommend Malwarebytes. It can be run full-featured for 30 days for free. To use it beyond 30 days requires a low-cost subscription at your expense. The college does not provide this software to students yet. If you require further recommendations, particularly for free options, consider AVG or AVAST. Legacy vendors like Norton, McAfee, Symantec, and Trend are all still worthy of consideration. And although traditionally antivirus has had a bad reputation, vendors have generally improved their products dramatically over the years.
  2. Keep Your Browser Locked Down. So much of our time online is spent in a web browser, and because the browser stands between you and the sites and services you consume, you should keep your browser as secure as possible.        
    1. Keep your browser up to date. Turn on automatic updates whenever possible.
    2. Do not install untrustworthy plug-ins and uninstall browser plug-ins that you no longer use or need.
    3. Do install a security plug-in that will protect you from online threats. Malwarebytes offers a free plugin for Chrome, Edge, and Firefox browsers that protects against threats specifically coming your way via the browser.
  3. Keep Your Software Up to Date. Software updates don't only provide new features, they often also supply performance improvements, and importantly, security fixes. Update the operating system for your computers and phones as often as updates are released. This is true also for the applications that run on your devices and also your other electronic devices like game consoles, wireless routers, smart speakers, WiFi light bulbs, etc. Turn on automatic updates whenever possible.
  4. Identify and report phishing.  If you suspect an email message is phishing--attempting to steal your username and password or attempting to defraud you in some way, report it. The best and easiest way to phishing is to use the “Report phishing” menu item in Gmail. This will immediately notify the information security officer and email administrators. It will include all the information they need to investigate and take any appropriate actions--actions like deleting the messages, blocking the sender, and notifying any other recipients who may have been duped by the phishing message.
  5. Don't torrent, just don't. There are legitimate uses for BitTorrent, like downloading open-source software. If this is how you use BitTorrent, fine. However, most use BitTorrent to illegally share or download copyrighted materials like music, movies, television shows, and software. Illegally sharing or downloading copyrighted material is a violation of the college's acceptable use of technology policy. Violations can result in disciplinary action and loss of network access privileges. It is especially important not to torrent software. Installing software from a disreputable source is exceptionally unwise. Torrented software is a well-known vector for Trojans, viruses, and malware.
  6. Use Eduroam. For a variety of reasons, Eduroam is the most secure option for users with a St. Olaf login.
  7. Use MFA everywhere. St. Olaf requires multi-factor authentication for accessing most sites and services. It is a good idea to turn on multi-factor authentication for your personal accounts whenever possible, particularly your financial and shopping accounts, but also your email accounts, and your social accounts. MFA will keep your personal data safe and protect your bank accounts even if your password is compromised.
  8. Exercise good password management.          
    1. Don’t share passwords between apps. Use a unique password for each application, website, or service. If you share passwords between sites and services, your password, and therefore your data, is only as safe as the weakest site.
    2. Use long, strong passwords or passphrases. Long passwords are mathematically more secure than short complex passwords.
    3. Use a password manager. Security professionals agree that the benefits of using a password manager outweigh the risks. St. Olaf uses and can strongly recommend LastPass. However, there are other reputable vendors in this space including Dashlane, 1Password, and Keypass. 
  9. Back up files and data regularly. Set up automatic backups of your device and store the backup to a cloud service or external hard drive. A reliable backup is your best defense against ransomware.
  10. Use Care with Social Networks. Social networks can be a useful and fun way to connect with and stay in touch with friends and family. However, they also present risks to your privacy. Ensure that your privacy settings are set in the way that you desire. Consider viewing your online profiles, unauthenticated from a browser window in incognito mode to make sure that only the information you want is available to the general public. Avoid games, quizzes, and surveys that are often designed merely to mine you for personal data or harvest information from your profile. Similarly, only connect with people you want to have access to the information you share privately. For more tips, check out the StaySafeOnline Social Networks page and the Privacy Rights Clearinghouse fact sheet on Social Networking Privacy.

Details

Article ID: 137394
Created
Tue 8/31/21 11:53 AM
Modified
Tue 10/4/22 2:56 PM