The Office for Information Technology at Williams provides protection for many digital concerns, from anti-virus to backup to disk and device encryption, but there are still many things we all do either at home or at work which require attention.
For your own digital protection take these steps: First, take control of your credit reports. You get one free report from each credit bureau once per year. You can request them by going to AnnualCreditReport.com. Make sure there’s nothing inaccurate in those reports, and file for correction if needed. If needed initiate a credit freeze at each of those plus two other smaller ones. Instructions can be found at Krebs on Security. To keep an eye on your credit report all year, space out your credit bureau requests by requesting a report from a different credit bureau every four months.
Next, practice good digital hygiene. Just as you lock your front door when you leave home and your car when you park it, make sure your digital world is secured. This means:
- Turn on 2-step: As of March 2019 all staff have 2-step on and all students will have it by mid-April. Faculty are currently signing up and are about one third done. http://google.com/2step
- Keep your operating system patched. Security updates and patches are important to protect your computer while online. Major operating system changes (say from Windows 7 to 10, or from Mac High Sierra to Mojave) are less critical – check with OIT if you should proceed with those.
- Do the same for the application software you use. Web browsers, plug-ins, email clients, office software, antivirus/antimalware, and every other type of software has flaws. When those flaws are fixed, it is important to install that fix before someone uses the flaw against you. Web browsers like IE, Safari, Chrome and Firefox are being updated constantly (usually in the background) so if you see a request to restart your browser, please do so. The vast majority of hacks leverage vulnerabilities that have a fix already available.
- Engage your brain. Think before you click. Think before you disclose personal information in a web form or over the phone.
- Think before you share on social media sites. Some of those fun-to-share-with-your-friends quizzes and games ask questions that have a disturbing similarity to “security questions” that can be used to recover your account. Do you want the answers to your security questions to be published to the world?
- Use a password manager and keep a strong, unique password for every site or service you use. That way a breach on one site won’t open you up to fraud at other sites. Lastpass for computers and Valt for ios devices and macs are good options.
- Back. It. Up. College computers have Atempo LiveNavigator and Time Machine backups, and our unlimited Google Drive is also a good place to keep non-protected information.
- Full disk encryption is your friend. College computers are encrypted to prevent data loss if a laptop is lost or stolen, but you still need to secure any smartphones or tablets with a good passcode or biometric lock.
- Check all your accounts statements regularly. Paperless statements are convenient in the digital age. But it is easy to forget to check infrequently used accounts such as a health savings account. Make a recurring calendar reminder to check every account for activity that you don’t recognize.