Keeping Secure Everywhere

Owned by Sam Kardasz
Last updated: Sept 30, 2024
2 min read

At Home

When possible, use separate devices for work and personal use.

Separate devices reduce the risk of work-related data loss or compromise.

Wireless router

At a minimum, use WPA2 (Wi-Fi Protected Access 2) to keep wireless traffic secure

  • Secure wireless connections prevent others from unauthorized use of your wireless network.

Keep wireless router and modem firmware up-to-date

  • Out of date wireless routers or modems expose them to online takeovers or compromise

Firewalls and Anti-Virus

Use the Microsoft firewall & anti-virus (or purchase a 3rd party anti-virus)

  1. Firewalls prevent internet-based attacks from hacking into your computer

  2. Anti-Virus prevents malware infections of your computer (Note: Ransomware can evade AV detection)

Secure IoT devices

(Smart speakers, doorbell camera, etc)

  • Use strong, unique passwords

  • IoT devices ship with weak passwords (admin/password, etc) that are widely known by hackers.

Traveling

Caution with free Wi-Fi when accessing email/bank accounts in public spaces (airports, coffee shops)

Fake public Wi-Fi access points will intercept wireless traffic and collect email/bank IDs/passwords.

In public spaces, use a VPN (Virtual Private Network) to access email/bank accounts.

VPN encrypts wireless network traffic and prevents interception of network traffic.

Keep devices secure and accounted for at all times.

Small devices (cell phones/tablets) are targets for thieves for reselling or extracting data.

Don’t use borrowed chargers or public charging stations. Use your own charger.

Unknown chargers may contain malware installed to collect email/bank IDs and passwords.

Online

  1. Practice good password hygiene

    1. Do not share your password or write it down.

    2. Where possible, use 8-16 characters; mix of upper-lower case letters, numbers, and symbols.

  2. Do not save passwords in your browser.

    1. Browsers will autofill a password, which is a financial risk for online bank accounts.

  3. Ransomware (Think before you click!)

    1. Email is the major source of ransomware infection and compromise (90% of infections)

    2. Tricks user to click on a malicious link or attachment (known as social engineering)

    3. Ransomware is embedded in a link or attachment and infects your computer.

    4. Encrypt/exfiltrate data, cripple computer, ransom demand (Bitcoin) displayed on monitor screen

    5. Hackers: lucrative income, Bitcoin is untraceable, low entry cost, prosecution rate low, black market

  4. Scams

    1. Emails/phone calls are sources of scams (Fake virus infections, blackmail, unpaid bills, repairs)

    2. Scare tactics used to cause a user to comply with payment demand (social engineering)

    3. Causes a user to click on a link or call a number to make payment (typically credit/debit card)

    4. Impacted users must contact their financial institutions to protect their bank/credit/debit accounts.

ID Theft

Unauthorized access to personal financial information (ransomware, scams, hacking, dumpster diving)

Use of financial information: bank account withdrawals, loans, purchases, mortgages, illegal activity

Financial institutions & credit reporting agencies contacted right away to prevent further damage

Change logins, passwords, and PINs for financial accounts immediately.

Adapted from sources: FBI, FTC, KnowBe4, Infragard, American Bankers Association (ABA)
Resource: FTC - ID Theft Recovery Guide - https://www.consumer.ftc.gov/articles/pdf-0009_identitytheft_a_recovery_plan.pdf

 

Department of Information Technology - Kirk Kerkorian School of Medicine at UNLV

 

https://tinyurl.com/somhelp | help@medicine.unlv.edu | 702-895-0451