One Step Ahead: 2014 Security & Privacy Tips “Year in Review” |
|
, |
Another tip in a series provided by the
Offices of Information Systems & Computing and Audit, Compliance & Privacy
2014 may well be remembered as “The Year of the Breach.” There was a notable increase of information security and privacy risks for Higher Education, with every month bringing new stories of security breaches, computer vulnerabilities and data compromise. Higher Ed was not alone of course—the private sector reported a number of problems as well, with publicized intrusions at Home Depot, Staples, JP Morgan and Sony, just to name a few.
A single event can involve tens or hundreds of thousands of lost records and drive costs, either through incident response or fines, in the millions of dollars. And it’s not just businesses that are affected, but the individuals whose records or systems were breached as well. So what should you do? Here are three tips to help keep you safe in 2015:
Enroll in multi-factor authentication (i.e., “Two Factor). Two Factor adds an extra layer of security when you log in to a system. In addition to providing your username and password you are required to have or do something else (e.g., provide a one-time code from your smartphone, respond to a text or be in a physical location) to get access.
• PennKey holders can enroll in the optional Penn Two Factor solution here www.upenn.edu/computing/weblogin/two-step/
• Many popular services, like Facebook, Google and Twitter, enable multi-factor authentication as well.
2. Configure all software on your computers and phones to “auto-update.” Out of date, vulnerable software is still the easiest way for hackers to gain a foothold on our systems. The best way to stay patched is to set your systems and programs to do so automatically.
3. Check your financial statements every month. In particular, monitor any credit card statements to make sure there is no unusual activity. Also, make sure to use credit cards instead of debit cards if possible. The maximum liability for unauthorized charges on a credit card is $50. The liability for unauthorized use of a debit card can drain your bank account, leading to bounced checks or missed payments.
Have any questions?
Contact security@isc.upenn.edu or privacy@upenn.edu
Have a safe and happy 2015!
For additional tips, see the One Step Ahead link on the Information Security website: www.upenn.edu/computing/security/ |
