As recent cyberattacks, including one targeting a CU vendor, capture headlines across the nation, UCCS cybersecurity experts suggest commonplace tips and tricks can help safeguard organizations and individuals from data leaks and more.
“We will never be ahead of the threats, but we need to be at as low a vulnerability level as possible,” said Gretchen Bliss, director of cybersecurity programs at UCCS. “You can be perfect and still be vulnerable but every little bit helps.”
Common tips, such as changing passwords frequently and avoiding using the same password on multiple sites are part of the solution to a security problem, Bliss said, noting being proactive, as well as mindful, can be keys to avoiding vulnerability.
“You’re responsible for the accounts you’re creating online. Track your digital presence and make sure you stay on top of it,” said Bliss. “If you don’t want an account for every site you’ve visited or shopped at, you don’t have to make one, and remember to be aware of where your professional and personal digital footprints meet.”
To help monitor individual and personal digital footprints, Bliss recommended frequent name-based internet searches to see what information is available online. Such searches may turn up old online accounts or artifacts which may be deleted or cleaned.
To help with professional footprints, Bliss advised against recording every meeting, and asking for recorded meetings to be password protected. Limiting information’s availability online can deter would-be cybercriminals, Bliss said.
The UCCS Office of Information Technology (OIT) also works to safeguard the campus and its community members, in partnership with the CU System, in an effort to ensure data is as secure as possible.
“UCCS protects against attacks by following best practices for patching and configuration management on all servers,” said Tom Conley, OIT information security officer. “The effects of any attack are mitigated by business processes that limit the amount of sensitive information on UCCS systems.”
In addition to preventative measures, OIT manages training programs and other resources, including a phishing awareness campaign to aid in the goal of general education.
“We’ve all heard these tips before, but obviously we will continue to give guidance, as online security is still a problem,” Bliss said. “It takes time to do it right, but it’s worth it. We highly recommend getting to a point where people are normally practicing all of these good habits.”
Bliss said anybody who would like to check in on their cybersecurity knowledge can take a quiz prepared by the Pew Research Center.