Happy Data Privacy Day!

January 27th is Data Privacy Day! 

The internet has opened so many doors for us and truly is a part of our day to day lives. We don't often take the time to think about the fact that we put a lot of our personal information out there. On Data Privacy Day we are reminded that we need to be vigilant in taking care of our precious personal data and making sure it is protected. 

Some Simple Tips for Protecting Your Data:

1. Check your privacy settings. Most of your social and eCommerce accounts will have a place where you can view and change your privacy settings. Every couple weeks you should review your privacy settings and make sure that it is set to what you want. You should consider the personal data that you are willing to make public (ie: email, phone number, birthday, location). 

2. Don't use a public service to store any private data. Google Docs is a great tool and very helpful for students and businesses alike that need a central place to store their work. However, you should not store personal information such as passwords or other sensitive data on a public service. 

3. Use private browsing. Using a private browsing window like a Incognito window, is very helpful for deterring internet tracking. Normally when you open a browser, it stores the websites you visit, the items you search for, or anything you might have bought. This information can be given to marketers. When you use a private browsing setting, this information is not stored. 

4. Use strong passwords. When you create a password is should not have any personal info like your name or birthday. It is also strongly advised that you create a long password, 12 characters (letters, numbers, and symbols) long. Additionally creating unique passwords for each of your services is strongly advised. While it may seem convenient to have the same password for everything, it puts you at a larger risk and makes it easier for potential malicious users to access your accounts. 

5. Use passwords and passcodes for access to your electronic devices.  Make sure you are protecting the device or devices you have that store all your precious information! A simple passcode or password being enabled on a device can go a long way in protecting your data. 

6. Use secure WiFi. A secure WiFi connection is very important. Public WiFis do not always have data encryption and this means that anyone that has access to the WiFi can track your browsing information. Try and keep login and monetary transactions to a minimum on public WiFi to avoid your passwords and credit card data getting into the wrong hands. 

Information partially taken from: https://www.kaspersky.com/blog/privacy-ten-tips-2018/23022/. 

Please continue checking our blog for more helpful tips and posts!

Information Security To Go!

Protect your data and devices when you travel.

Almost 88 million Americans traveled abroad in 2017, and whether for business or personal use, our technology devices seem indispensable during our travels. Unfortunately, traveling with devices also means that you must take care to protect those devices—and the data contained on them—while you are away from home. That preparation begins before you leave, and you may need to restore settings when you return.

Many people love the adventure that traveling provides: meeting new people, seeing new places, and having new experiences are part of the allure. Technology makes it easier than ever to satisfy our wanderlust. We can use our connected devices to discover the exotic locales we wish to visit, book tickets on planes and trains, practice driving virtually, and seamlessly navigate once we get to our final destination. For all this ease that technology brings, we should prepare our technology for travel as carefully as we plan our travel itineraries.

Travel tips

• Back-up your data! Backing up your data ensures that you won't lose information if your device is lost or stolen. Consider encrypting your data as well, but check with your IT support staff first about how best to implement encryption.
• Protect your devices with a strong password or lengthy passcode. Sometimes devices get lost or stolen, even when we are being careful. By protecting your device with a passcode or lengthy password, you make it harder for your device to be used and data to be accessed by others.
• Make sure your devices and applications are up to date. Keep your applications and devices up to date and patched. This helps protect your device and data from security vulnerabilities and threats.
• Just say no to unsecured public Wi-Fi. Having a wireless connection is almost a necessity for the modern traveler. However, using an unsecured public Wi-Fi hotspot can allow others to view the contents of your electronic activity. Never access your sensitive financial accounts from an unsecured network. If you must access sensitive data from an unsecured network, be sure that you use a VPN service.
• Double check your MFA settings. Many of us rely on multifactor authentication (MFA) to secure both personal and work-related accounts. Be sure that you know how (or if) that will work in the countries that you are visiting. For instance, if your MFA relies on SMS, be sure that you will be able to receive that message in the destination that you are visiting. If the option is available to you, consider using a physical token option to ensure you'll be able to login to your accounts.
• Update your physical location with your password vault. Many people use password vaults to manage all of their account passwords. Don't be surprised if your password vault requires additional verification steps when logging into it from a location that is not in your home country. (After all, we count on these vaults to be secure!) Check the vendor documentation or your account settings to make sure that there are no country restrictions or settings that you need to change before your trip. Also double-check that you're able to access your recovery/secondary email address just in case there is an issue.
• Consider leaving your daily devices at home. If you are traveling to a location where you are concerned about your individual privacy rights, consider leaving your primary mobile device at home and purchasing a replacement device to take with you instead. Put only the apps, services, and data that you need for that trip on the device. Some businesses and colleges and universities offer programs where a traveler can check out a "clean laptop" when traveling for business purposes. Using these types of devices help limit any exposure of your personal data. Check your data plan as well. A "burner phone" or car GPS may be cheaper.
• Be smart about posting on social media. It is always fun to post vacation pictures in the moment, but online postings on social networks (e.g., Twitter, Facebook, Instagram, Snapchat, etc.) can let other people know that you are not at home and that your home may be empty. Posting vacation pictures on social media once you are safely home helps protect your physical belongings.
• Use hotel safes to protect your technology. Here's another place where there is an overlap between online safety and physical safety. Just like you would put your passport, jewelry, and money in a hotel safe, consider using that safe to hold your electronic devices when you are not carrying them with you. Not only are the devices themselves expensive to replace, your personal data contained in the device can be irreplaceable (especially if you skipped the first tip on this list).
• Remember your adapters! Make sure you have power adapters that will work with three-prong plugs and that they fit the country's outlets. Some travel adapters only accept two-prong plugs. (If you're attending a conference, you may be able to borrow a charging cable temporarily.) Outlets also vary, even, for example, between the UK and Ireland. Your technology gadgets are not very helpful when they run out of charge or cannot be powered on. Charge and take a portable battery pack.
• Mind your voltage! Like plug types, different parts of the world use different voltages. Make sure that your technology devices can run on the voltage used at your destination. Getting shocked with 220V is not the same as 110V.

As surely as you can reduce wrinkles in your clothing with careful packing, so too can you avoid the most common technology travel woes by preparing before you leave home.

Refer to Manhattan College's Cyber Safety Site site for additional resources.

Refer to Manhattan College's Email Signature Knowledge Base Article for instructions on how to create your own email signature.

From The Barefoot Nomad's How Not to Fry Your Smartphone Overseas: A Quick Guide

Partially reposted from Educause September 2019: Information Security To Go!

Spring Cleaning—Be Green, Not Blue

As you upgrade your personal devices to the newest options, do you recycle the old equipment? Being green shouldn't make you blue. Take steps now to remove anxiety later that forgotten sensitive files on your last laptop could become a source of embarrassment or identity theft. Trying to securely delete data at the time you decommission equipment can turn into a multihour chore and a source of stress, but it doesn't need to be that way.

Make sure saved copies of your tax filings, personal photos, and other sensitive files can't be retrieved by the next person with access to your computer's drive by making the drive unreadable to anyone else. Dragging files to the trash or recycle bin doesn't remove data—it just removes the retrieval path to the file and marks that storage space available for other data to occupy sometime in the future. Your pirate treasure is still buried, but the map is missing. "Secure file deletion" functions go a step further to overwrite the data in those locations with random bits immediately.

The introduction and growth of solid state drives in consumer electronics, however, makes overwriting the data in these spaces less dependable than in the standard hard drives of the past. Today's "delete/overwrite" protection comes most reliably from full disk encryption (aka whole disk encryption), which encrypts all data on the machine—including the operating system and temporary files you weren't even aware you created. Follow the motto of a famous infomercial to "set it [full disk encryption] and forget it [the password/key]!" Even if someone removes the drive and puts it into a different machine, the encryption remains in place.

• Plan A: Encrypt the full disk now using built-in functionality. Create a strong passphrase or password, since this becomes the decryption key! Everything will be encrypted, including the operating system, so you will have to "unlock" the encrypted drive with your personal passphrase every time you start or boot up your computer. Save the generated recovery key somewhere secure (like a password manager or printout stored in a secure office), in case you forget your password and need to access the data on that machine. Here are instructions for some of the most common built-in encryption functions: 
• FileVault2 (Mac OS) 
• BitLocker (Windows 10 and Windows 8 Professional)
• BitLocker (Windows 7 Ultimate)
• Plan B: If full disk encryption wasn't a built-in option, find a free or fee version of full disk encryption software that works with your operating system and personal capability. Check your favorite review sites or try Slant for recommendations.
• Failsafe: Remove and destroy the drive (Geek Squad offers a three-minute tutorial on hard drive disposal). Most retail stores that accept computer donations for safe recycling will remove the drive and give it to you for secure destruction—just ask them to do that. Hold onto the drive until there's a secure shredding event at work or in your community.

partially reposted from:  https://er.educause.edu/blogs/2017/9/april-2018-spring-cleaning-be-green-not-blue