Cybersecurity



Cybersecurity threats are becoming more advanced so it’s important to learn how to identify the risks and take steps to safeguard your devices and information. The loss or theft of information can cause personal inconvenience and have financial and other consequences.

TIPS FOR KEEPING YOUR DEVICES SAFE

    Connect securely

    Random wireless hotspots can steal your passwords and private information. It is even possible to set up a hotspot that looks legitimate but lets people spy on everything you do while connected. To protect your privacy, use ‘UniWireless’ where available. Use the Virtual Private Network (VPN) when connecting from public wireless to remotely access the campus computer or if you need to transfer data securely to the University’s network.

    Keep your computer and phone software updated

    The best way to protect yourself is to keep your computer and mobile phone operating systems and all your applications up-to-date. Make sure you have auto-updates turned on where it is available. Updating your software removes weaknesses that might be exploited by an attacker.

    Backup

    Make extra copies of your important files such as assignments and store them in a separate location like cloud storage, file servers, external hard drives, or USB memory sticks.

    Lock your devices

    Always remember to lock your computer or phone screen before leaving it unattended. In addition, set your device to auto-lock after a period of inactivity (e.g. 5 minutes) in case you forget to lock your screen. This minimises the opportunity for someone to gain unauthorised access to your device. If you leave your device unattended, also be mindful of the potential for theft.

    Lost or stolen data and devices

    Following these tips reduces the risk of someone breaking into your device and harvesting your data.

    Changing all your passwords as soon as you realise your device is missing helps to further protect you.

    Reporting that your device may be vulnerable also helps, especially if it wasn’t protected. Remember to contact your financial and other service providers as well as the University (by logging a ticket in ServiceNow), family and friends.

    Select a strong password

    A strong password is your best protection against many types of cybersecurity threats. A strong password should be at least 10 characters and contain a mix of uppercase and lowercase characters, numbers and special characters. Consider joining several words together to form a longer passphrase that is still easy to remember. Set a PIN on all your devices and make use of biometrics where available.

    Don’t reuse passwords for different accounts

    Use a different password for each account and website that you use. This ensures that even if one system is compromised, it won’t give automatic access to your other accounts. Having different, as well as complex, passwords will help to ensure your data and identity is protected.

    Consider using a firewall

    A firewall helps you specify which other computers on the network your computer may communicate with. This will avoid unsolicited connections to your computer. A firewall can also be configured to request for your permission before allowing applications to access the network or Internet. There are free software firewalls available for download via the Internet. A firewall is particularly recommended for network or Internet connections that are active for long periods of time, for example, broadband Internet connections or wireless networks.

    Install and update anti-malware software

    Anti-malware software (sometimes referred to as anti-virus) helps detect, block and remove malicious software from your computer, keeping your sensitive information safe. Devices owned by the University of Melbourne will automatically have this software installed and updated. Use reputable anti-virus software on your personal devices and ensure it is regularly updated. Configure it to scan every file accessed through any source, e.g. email, Internet, and disks. Occasionally, scan all disks for viruses and corrupt files. The University may notify you if your computer has been detected to contain malware.

    Internet Privacy

    A good rule of thumb is to only post information you would be willing to put on a banner in a public place.

    Assume that any information you enter online is public unless you are using a known, trusted, secure site.

    Social networking sites (e.g. Facebook, Twitter), personal web pages, and blogs are great places for people to find personal information about you and once you post something, you can't take it back.

    Be cautious about downloads

    Only execute or download files to your computer that are from known and trustworthy sources, as anti-virus software is not foolproof. Do not open email attachments in unsolicited emails and be wary of unsolicited emails requesting information or inviting you to click on a link.

    Minimise storage of sensitive information

    Delete sensitive information whenever you can. Keep it off of your workstation, laptop computer, and other electronic devices if at all possible.

    Don't keep sensitive information or your only copy of critical data, projects or files on portable or mobile devices (such as laptop computers, tablets, phones and memory sticks) unless they are properly protected. These items are extra vulnerable to theft or loss.

    Watch out for phishing or suspicious emails

    You need to be increasingly cautious of unsolicited or suspicious emails, as they aim to steal your electronic identity and use it to compromise your personal information or access your computer system. Continue reading about unwanted emails.