National Cyber Security Awareness Month: six things you can do

This is the first of three articles Information Technology Services (ITS) will run this month to promote cyber security and good computing practices. To start Cyber Security Month, here is a list of six easy things you can do to be more cyber secure:

  1. Protect your devices with cryptic passwords that can't be easily guessed
  2. Check your passwords against UCSC’s Password Standards
  3. Restart your computer regularly – and turn on auto-updates for everything you can
  4. Secure laptop computers and mobile devices: lock them up or carry them with you at all times
  5. Set your devices to automatically lock when they’re not being used
  6. Back up/sync your important files and data, and store the backups securely

1. Protect your devices with complex passwords that can't be easily guessed

Passwords are your first line of defense against other people accessing or using your computer and mobile devices. Set your devices to require a complex password/PIN and to automatically lock when not in use.

Good, complex passwords use a mixture of upper and lower case letters, numbers, and symbols, are at least 8 characters in length (longer if they're less complex), and are difficult to guess and easy to remember (so you don't have to write them down). For additional information and tips, see UCSC's Password Standards: http://its.ucsc.edu/policies/password.html

2. Check your passwords against UCSC’s Password Standards

Cyber security month is the perfect time to change passwords that don’t meet UCSC’s Password Standards: http://its.ucsc.edu/policies/password.html

Passwords are an important part of computer security at UCSC. It is important to choose passwords that are complex and cryptic enough to prevent others from guessing them or from cracking them with “password cracker” programs.

  • At least 8 characters long
  • At least 3 of the following: upper case letters, lower case letters, numbers, special characters
  • Less complex passwords should be longer
  • Don’t use a dictionary word, your username, child's name, pet's name, birthdays, abc123, password1, etc.
  • Keep your passwords secret. Don’t share them with anyone else. ITS will never ask you for your password. Neither should any reputable service provider.

3. Restart your computer regularly – and turn on auto-updates for everything you can

Updates (also known as patches) help protect your computer from attackers and some kinds of malicious software. Some updates require you to restart your computer for them to go into effect, and you may not be notified when this is the case. Whether your computer is being patched for you* or you do it yourself, shutting down or restarting your computer regularly, e.g. weekly, helps to make sure software and security updates are properly installed and are protecting your computer and information.

For additional security:
Many operating systems and software programs can be set to automatically update. This includes anti-virus. Turn on automatic updates if that’s an available option. In some cases, you must be an administrator on your computer to be able to turn on automatic updates. But either way, still remember to restart your computer regularly.

*A special note for managed computers:

Computers managed with TEM/BigFix receive OS and application patches remotely. For more information see ITS’ Managed Computer Support web page (http://its.ucsc.edu/managed-computer-support/index.html).

4. Secure laptop computers and mobile devices: lock them up or carry them with you at all times

Every day, laptops and other mobile devices get lost and stolen from cars, homes, offices, coffee shops, etc. Secure them at all times: keep them with you or lock them up securely before you step away – even just for a second. And never leave mobile devices unattended in public locations.

5. Set your devices to automatically lock when they’re not being used

And make sure a secure password is required to start up or wake up. This reduces the opportunity for someone to use your computer or mobile device while you are away.

6. Back up/sync your important files and data, and store the backups securely

Regularly sync your mobile devices and back up copies of files or data you are not willing to lose. Store backups containing sensitive or critical data securely. Consider storing them in a separate location in case of fire or theft. Periodically test your ability to restore information from the backups.

----

Additional Information:

Additional cyber security information is available on ITS’ security web site: http://its.ucsc.edu/security/. Check out the links under “How to Stay Secure.”

For questions or assistance, contact the ITS Support Center: itrequest.ucsc.edu, help@ucsc.edu, 459-HELP, 54 Kerr Hall.