Security Awareness

Protecting your devices, safeguarding your data and identity

Regardless of what technology you are using or where you are using it, protect yourself. Learn more at www.securingthehuman.org/ouch

YOU: The most critical part of staying secure is you. Cyber attackers have learned that the easiest way to get something is to ask for it directly. As a result, common sense is your best defense. If an email, message, or phone call seems odd, suspicious, or too good to be true, it may be an attack.

UPDATING: Ensure your computer, mobile device, and apps are updated and always running the latest version of their software. Whenever possible, enable automatic updating.

ENCRYPTION: Ensure your computer, mobile device, and apps are updated and always running the latest version of their software. Whenever possible, enable automatic updating.

BACKUPS: Make sure you do regular backups of any critical information. Often, the only way you can recover from a computer or device that has been hacked, lost, or stolen is to recover from your backups.

PASSWORDS: Secure passwords.

• Always use long, strong passwords; the more characters you have, the better. Even better, use two-step verification whenever it is possible.
• Use a unique password for every device and account. Can’t remember all of your passwords? Use a password manager for securely storing and retrieving your passwords.
• Do not share your passwords with anyone.

Source: Security Awareness Newsletter Online: (2014) OUCH!Security Awareness. Retrieved Oct 1, 2014, from http://www.securingthehuman.org/resources/newsletters/ouch/2014

Securing Mobile Devices

Securing your mobile devices and smartphones is as relevant or perhaps even more critical as securing your computer. Your smartphone contains a wealth of personal information such as pictures, passwords, email, phone numbers, and contacts. A lost or stolen or unsecured smartphone could expose personal data and lead to identity theft and fraud.

Below is a short list of some basic Smartphone safety tips to help protect your smartphone.

• Password-protect your device.
• Keep your operating system updated.
• Enable strong password protection on your device and include a timeout requiring authentication after a period of inactivity.
• Download applications from reliable resources such as the Apple Store and Google Play.
• Be cautious with public Wi-Fi, only connect to secure networks you know. Avoid unidentified Wi-Fi hotspots.
• Disable Bluetooth and Near Field Communication (NFC) capabilities when not in use.
• Review your mobile device manual to learn about the specific features of the device.
• Backup your device on a regular basis.
• Install a locator app.
• Be sure to wipe your mobile device using the built it “factory reset” function to delete your data before returning, reselling or discarding your smartphone.

Securing Desktops and Laptops

Keeping your computer safe and secure has become more difficult as computers are interconnected through the Internet and other networks.

Safety tips to help secure and protect your computer:

• Keep your firewall turned on.
• Do not buy security software in response to unexpected pop-up messages or emails.
• Use strong passwords.
• Set your operating system to update automatically.
• Use the most current version of your browser.
• Do not install plugins or add-ons into your browser unless you need them to run a particular application.
• Keep all essential browser plugins and add-ons update to date.
• Back up your files.
• Do not download unfamiliar software from the Internet. If you must, run a virus scan on the download before installing the application.
• Log off or lock your computer when leaving the device unattended.
• Do not open attachments from unknown sources.
• Do not use free public or unencrypted (unsecured) Wifi.

For additional information on staying safe and secure, visit the following websites:

• StaySafeOnline.org
• SANS Security Awareness Tips

Unless you take steps to secure your router, you are vulnerable to people accessing the information on your computer, using your Internet service for free, and potentially using your network to commit cybercrimes. Change the default factory setting of your wireless router.

Below is a list of simple tips for keeping your wireless network secure. Review the manual of your wireless network for detailed information on changing the setting.

• Change the default name (SSID – Service Set Identifier) of your router.
• Change the default password.
• Change the security level to WAP or WAP2 if available.
• Best Practices for Keeping Your Home Network Secure

Security Awareness Tip of the Day

Each day, SANS posts a new tip that focuses on and explains a specific topic and actionable steps people can take to protect themselves, their family, and their organization.

View the SANS Security Awareness Tip of The Day

Place a fraud alert to protect against identity theft.

Call the three national credit reporting organizations immediately to place a fraud alert on your name and Social Security number for a stolen wallet or credit card. The alert means any company that checks your credit has to contact you to authorize new credit.

Here are numbers you always need to contact if your wallet, etc., has been stolen:

1. Equifax: 1-800-525-6285

2. Experian (formerly TRW): 1-888-397-3742

3. Trans Union: 1-800-680-7289

4. Social Security Administration (fraud line): 1-800-269-0271

You can get a free credit report once a year from each of the three credit reporting agencies. https://www.annualcreditreport.com/index.action

If your browser questions a website’s security, stop, think, and verify

When visiting the “HTTPS” secure sites, you may see an onscreen warning, such as “There is a problem with the website’s security certificate” or “Secure Connection Failed.” Don’t just click to continue or to make an exception. The warning may only indicate a harmless, temporary problem with the site or the network. But it can also mean that the site is bogus or has been compromised by hackers.

Contact the bank or retailer by phone to determine if they know about a problem with their website or the network. Don’t be the next victim of fraud.

Four tips to help keep your computer secure

Anti-virus. A reliable, effective anti-virus program with the latest updates. Both licensed and free anti-virus software are available. Whichever you use, make sure it scans incoming and outgoing emails for malware.

Anti-spyware. Reliable, effective anti-spyware is a must for securing your computer. Both licensed and free anti-virus software, such as Windows Defender, is available.

Two-way Personal Firewall. Two-way personal firewall software monitors network traffic to and from your computer and helps block malicious communications.

Anti-Keylogger software. Anti-Keylogger software products, like AntiLogger and Keyscrambler Personal, help prevent what you type on your computer, especially sensitive information such as the usernames, passwords, and financial information used in making online transactions, from being hijacked by Bad Guys.

— Ramkumar Raghavan

Recycle your equipment

Before you get rid of electronics, be sure you delete or remove all personal files and data. Most states have banned computers and components from landfills. Look for recycling programs in your area.

Make sure your personal information is protected when you do business online.

Always read the privacy statement before you fill in the blanks. It would be best if you also verified that the site is using encryption before you submit any information – look for https in the web address and a padlock or key in the lower right corner of your browser. Don’t send your personal information (social security number, credit card number, etc.) in an email or through instant messaging.

If you are a victim of identity theft, report it immediately.

You should:

1.Contact the three major credit bureaus and have them place a fraud alert on your credit report.

2.If a credit card was involved, contact the credit card company and close the account. Contact your local law enforcement agency and file a report.

3.File a complaint with the Federal Trade Commission.

4.Document all conversations, so you know whom you spoke to and when.

Brookdale Community College takes the security of its organization, users, and data seriously. To help protect our confidential information and assets, Brookdale has implemented a Security Awareness Training program through SafeColleges. The goal of this long-term program is to not only to meet all compliance and legal requirements but also to secure employees and the organization by educating employees about the potential security threats and changing their behaviors. The required training module includes the following topics:

• Email & Messaging Safety (12 minutes)
• Browser Security Basics (15 minutes)
• Protection Against Malware (15 minutes)

Access Training from SafeColleges

• Click https://brookdalecc-nj.safecolleges.com/ to log into SafeColleges.
• Enter your NetID username
• If modules are not listed, select the Extra Training button, Information Technology category for access to the topics

If you should need assistance using SafeColleges or experience technical difficulties, please call 1-800-434-0154.

Any other question, please contact either Linda DeButts, Manager of Professional Development – HR, ldebutts@brookdalecc.edu or Crane Kanthajan, Manager – HR Services, kkanthajan@brookdalecc.edu