October is National Cybersecurity Awareness Month – a federal initiative to increase attention to, understanding of, and action regarding personal security. UCCS is all in on reinforcing the collective need to “Secure Our World,” the 2023 theme of NCSAM. From this initiative, you can learn about cybersecurity, what it is, and how best to protect yourself online.
Often times, sussing out the bad guys is a process of “death by a thousand cuts.” If you’re willing to take a few extra seconds with every online transaction or activity, you can meaningfully reduce the risk to both yourself and UCCS.
There are four key things that you can do to increase not only your personal security, but also to protect the online assets of UCCS or other organizations behind your online accounts.
Enable Multi-factor Authentication (MFA). While this sounds complicated, you’re probably doing this already in some ways. Enabling MFA simply means setting up a second means of verification for key accounts where personal or business information is stored or accessed. A great example of MFA is that annoying little message you get to enter your authentication password, verify your account through a text message, use your thumbprint or facial recognition, answer security questions, or “click on all the pictures that contain traffic lights.” All of these are ways to ensure that you are a legitimate and rightful human who is authorized to access your account, and while many of us allow or enable MFA on our bank accounts, we might bypass this option for other accounts. Please don’t! The innocuous bit of information you use to log in to your Instagram or shopping account may give the bad guys that one piece of data they’re missing to access a different key organizational or personal account or system.
Use Strong Passwords. Repetitive, short, old, or simple-to-guess passwords are the easiest form of entry to your personal information – and bad guys like “easy.” The number one way to address these shortcomings in your passwords is to use a password manager like LastPass, Keeper, or BitWarden. All of these tools provide a free account to get you started. They also provide complex and unique passwords so you don’t have to think about it – and then they remember them for you and can often even automatically fill them in as you are logging in to your accounts. They are quite reliable and can be installed to work on all your devices – phones, laptops, and tablets. So please sign up today!
Recognize and Report Phishing. Phishing is the practice of sending bogus emails that trick you into giving up personal information or access to accounts. These used to be super-simple to spot: misspellings, bad grammar, an email you’d never, ever get in your life. Not so any longer. The hacker is getting smarter and more subtle as time goes on. Now you must be on the lookout:
- Anytime you’re asked to click on a link that you did not know was coming, that is slightly misspelled (“amazn” vs. “amazon”), or that you have not verified directly with the sender, it could be a scam. Be suspicious of inflammatory or “urgent” requests for information or assistance. Don’t feel pressured to take action before verifying.
- Any requests to send personal information that you are not expecting are suspect. No financial institution or federal government agency (e.g., the IRS) will call you out of the blue. You should always hang up and call them back at the appropriate published and verified number to ensure you’re talking to the organization that you intend.
- Anything that’s too good to be true probably is – don’t pursue an offer for anything until you are sure you know the source. Strange or abrupt offers or requests for information are probably not legit.
Update your Software. Hackers work fast, so software companies must work faster to stay ahead of ever-evolving threats. Your application providers are often releasing bug fixes that will close security loopholes. Always, ALWAYS update your personal software so that you can ensure you have the latest and greatest security updates on your devices. And always follow the recommendations of UCCS OIT; they will put out emails when they want you to upgrade or take action – follow those recommendations promptly.
As you can see, each of these key four ways to protect yourself is not a monumental effort in and of itself but can add up to heaps of protection for you and your personal information. So take the first “cut” at bad actors – and follow these four ways to protect yourself online.
To find out more about NCSAM at UCCS, visit OIT’s page for great information and further tips: https://oit.uccs.edu/security/ncsam
To find out more about cybersecurity education and programming opportunities at UCCS, visit the UCCS Cybersecurity Programs Office: https://cybersecurity.uccs.edu/
About Cybersecurity at UCCS
UCCS is a recognized cybersecurity education leader in the region, awarding hundreds of degrees each year in cybersecurity fields at the bachelor’s, master’s and doctoral levels. UCCS cybersecurity programs train security professionals who work to ensure the nation’s security and support faculty research and strategic cybersecurity partnerships with industry, government, military and academic institutions, including the U.S. Space Force and the National Cybersecurity Center. Due to generous Colorado state funding of cybersecurity education, UCCS students are eligible for significant financial aid towards security degree scholarships. Learn more about Cybersecurity Programs at UCCS.