Monday, October 2, 2023

October is Cybersecurity Awareness Month, a government-industry partnership that aims to raise awareness and empower everyone to protect their personal data against digital crimes.

The university’s cybersecurity and IT support pros strive to keep Iowa systems safe, but their reach extends only so far. Cybersecurity begins at home, with the devices, networks, and data we manage personally.

For many Iowa students, staff, and faculty, there’s no clear line between school/work and home use of technology. Even remote employees with university-managed computers (strongly recommended for anyone working remotely) may sometimes use personal devices for work-related tasks.

Read on for key steps you can take to boost your at-home cybersecurity.

Update your devices’ software

Software updates are easy to run, but also easy to forget or ignore. If you’re not updating your software, you’re missing vital security patches. Some tips for managing software updates:

  • Set up automatic updates: Review settings for all your devices and make sure you’re automatically downloading updates. Note that you may need to restart a device for updates to take effect.
  • Go to the source: Only download updates from trusted sources, like your devices’ official app stores.
  • Make updates a habit: Check your software regularly, especially if you haven’t set up auto-updates. If your system tells you an update is available, pause what you’re doing and install it right away—the benefits far outweigh any inconvenience.

Get basic software-update info for different types of devices.

Secure your Wi-Fi network

Make sure you’re keeping unauthorized users off your home network:

  • Network routers usually come with default administrative settings, including a network name. Change all these settings to make them unique.
  • Set a strong router admin password (a complex combination of at least 12-15 varied characters, unique from all your other passwords).
  • Set a different strong password for your network (this is the password you’ll use when joining the network on a computer, phone, etc.).
  • Create a guest network with its own password so you can keep your main password private.
  • Turn off remote management, Wi-Fi Protected Setup (WPS), and Universal Plug and Play (UPnP). These convenience settings can weaken your security.
  • Enable WPA3 encryption and any built-in firewalls.

Also, make sure to include your router when checking for software updates. Get more info on Wi-Fi network security from the Federal Trade Commission.

Make regular backups

Having backups of essential files on an external hard drive or cloud-based service can be helpful in a security breach. It also provides insurance against hardware failure and other problems.

Research backup options for the devices you use and the kinds of data you work with. For many folks, automated backups to the cloud are the easiest solution.

University employees working remotely should keep work files on OneDrive rather than personal devices. Students also can use OneDrive to store original files or backup copies.

Consider antivirus software, firewalls, or VPNs

Reputable antivirus programs detect malicious software (malware) and purge it from your devices. The university provides recommendations for free antivirus software on Windows, Mac, and Linux platforms.

Computers and other devices also offer firewalls and related security options. Every platform is different, so check your security settings and research the options as needed.

Finally, students, faculty, and staff can use university-supported virtual private networks for another security layer. Off-campus access to some university resources (e.g., library systems) requires either the Cisco AnyConnect or GlobalProtect VPN.

Other cybersecurity essentials

Wherever you are, whatever device you use, keep these essentials in mind:

  • Create strong passwords for all your accounts: Using passphrases and password manager applications can help.
  • Use multifactor authentication: Activate systems like Two-Step Login/Duo whenever they’re available (e.g., for bank, shopping, or social-media accounts).
  • Recognize phishing: If an email, social post, text, or direct message seems suspicious, it’s probably a scam. Trust your instincts.

Make today the day for a cybersecurity checkup. Staying safe online is a team effort, and your help makes all the difference.