October is National Cybersecurity Awareness Month! This tradition started 17 year ago, and each year they have a theme. This year, the theme is “Do Your Part. #BeCyberSmart.” Okay, that’s catchy but vague. For each week of this month, they have… sub-themes, I guess you would call them. I’ve decided to cover the highlights here in this one article for you, pulled straight from the NCSAM website. I’ve taken the liberty to add some of my own web links to their tips, for further info. And at the end, I’ll give you even more resources.
If You Connect It, Protect It
- Shake up your password protocol. Change your device’s factory security settings from the default password. This is one of the most important steps to take in the protection of IoT devices. According to NIST guidance, you should consider using the longest password or passphrase permissible. Get creative and create a unique password for your IoT devices. Read the Creating a Password Tip Sheet for more information.
- Keep tabs on your apps. Many connected appliances, toys, and devices are supported by a mobile application. Your mobile device could be filled with apps running in the background or using default permissions you never realized you approved— gathering your personal information without your knowledge while also putting your identity and privacy at risk. Check your app permissions and learn to just say “no” to privilege requests that don’t make sense. Only download apps from trusted vendors and sources.
- Secure your network. Properly secure the wireless network you use to connect Internet-enabled devices. Consider placing these devices on a separate and dedicated network. For more information on how you can secure your network, view the National Security Agency’s Cybersecurity Information page.
- If You Connect IT, Protect IT. Whether it’s your computer, smartphone, game device, or other network devices, the best defense is to stay on top of things by updating to the latest security software, web browser, and operating systems. If you have the option to enable automatic updates to defend against the latest risks, turn it on.
Securing Devices at Home and Work
The following tips are worded for “teleworking” (working from home), but can also easily apply to remote learning, particularly for college students.
- Find out if your organization has rules or policies for telework and make sure you comply.
- Protect your computer communications from eavesdropping. If you use Wi-Fi at home, make sure your network is set up securely. Specifically, look to see if it is using “WPA2” or “WPA3” security, and make sure your password is hard to guess.
- If your organization has a VPN (virtual private network), use that on your telework device for stronger protection. If not, consider using your own VPN—you can find numerous providers online.
- If you’re using your own computer or mobile device (something not issued by your organization) for telework, make sure you’ve enabled basic security features. Simply enabling the password, PIN, fingerprint, or facial ID feature will prevent people from getting on your device should you walk away from it. Any PIN or password you use should be hard to guess.
- Keep your computers and mobile devices patched and updated. Most provide an option to check and install updates automatically. Enabling that option can be a good idea if you don’t want to check for updates periodically.
- If you’re seeing unusual or suspicious activity on any device you’re using to telework (computer, mobile device, or home network) ask for help—better safe than sorry. Contact your organization’s help desk or security operations center to report the activity.
Cybersecurity Awareness: Going Further
For more tips, check out the following excellent resources:
- The NCSAM website, as you might expect, has several interesting resources, including these handy tip sheets.
- Beware of COVID19 scams and vet any info before you forward or repost it.
- I have a dedicated web page full of other key Resources: websites, books, documentaries, podcasts, and more.
- And, of course, my book has 170 tips for increasing your cybersecurity and privacy.
Need practical security tips?
Sign up to receive Carey's favorite security tips + the first chapter of his book, Firewalls Don't Stop Dragons.
Don't get caught with your drawbridge down!