At the beginning of a new semester it is important to remind ourselves about best security practices. Information security is a team effort and every member of our community plays an important part in protecting our data. Below are a few helpful tips to ensure you start the year off right!
Symantec Endpoint Protection (SEP) antivirus software is available to all Northeastern students, faculty and staff for free. It is strongly encouraged that you have a current version of antivirus software on your computer. Learn more about Symantec Endpoint Protection and how to get it.
Your information is only as secure as your passwords. While we all would like to have passwords that are easy to remember, it’s important to not use passwords that are easily guessed. For example, do not use things like dictionary words, pet’s names, anniversary dates or any other data that may identify you.
Change passwords often. It is a good habit to change your passwords once a quarter. Link it to the seasons or a holiday so you don’t forget. Worried about remembering them? There are free apps, like Dashlane, LastPass, and KeePass, that let you store your passwords in a secure location – making it easy to access your different online accounts.
Use different passwords on different systems. No single password should be reused across multiple accounts. This way, if one of your accounts is compromised, they aren’t all compromised. Last year’s security breach at Adobe caused Facebook to alert certain users to update their Facebook passwords, due to the concern that the same password was used for both accounts.
Do not share your passwords. Your password should be kept as secret as your Social Security number, if not more so. Remember, Northeastern will never ask for your password.
Create challenge questions (and answers) that are actually a challenge. When creating your myNEU account challenge questions be sure to come up with a question and answer combination that is hard for anyone to guess, especially those who know you, or – even better – make the answer random. SecureNU has a few great ideas. Even xkcd has taken a look at password strength.
Remember to install patches and updates. The reminders always seem to come at the most inconvenient time, but please remember install all patches and updates. Not doing so could expose you and your information to viruses and theft. Additionally if your information is compromised it has the ability to compromise others at Northeastern. Try setting a time aside to install patches, such as at the end of the day, so it doesn’t interrupt your work.
Using wireless Internet on campus? Make sure to log into NUWave with your myNEU credentials for full access and a secure connection. NUwave-guest is a limited wireless network intended for guests only; it requires separate registration and access ends after eight hours. Be more secure and use NUwave. Living in upperclassmen housing that allows routers? Be sure to setup your router following the 2014-2015 ResNet Router/Wireless Access Security Requirements and Recommendations. [UPDATE – 8/15/2015: Routers are banned as of 8/15/2015. The residential wireless expansion project was completed on August 15, 2015. Details are available on the NUwave service page.]
Shopping for back to school supplies? Shopping and banking should only be done on a device that belongs to you and on a network that you trust. Free wifi can be appealing, but those networks are likely not secure – wait until you get home to buy those last few items on your list.
Bittorrent is too good to be true. The Northeastern University Appropriate Use Policy (AUP) prohibits the download, use or redistribution of any copyrighted material without authorization for the copyright holder.
Does something seem a little suspicious? All suspected security incidents should be reports to either the ITS Service Desk at 617.373.4357 (xHELP) or to the Office of Information Security at firstname.lastname@example.org.
Questions or concerns? Feel free to reach out to the Office of Information Security for assistance. We are here to help in the event that something does happen to your account.