Cybersecurity Checkup

Best Practices for Maintaining Security and Privacy for You and Your Family

Passwords and authentication

• PIN or fingerprint protect your mobile devices: longer PINs are more secure
• Use secure pass phrases: longer passwords are better. Include numbers and punctuation.
• Don’t use the same password on multiple sites
• Yubikeys (DUO USB tokens) can be used as second factors for personal gmail/other accounts to improve security
• Use a password safe to manage your passwords
  • Keepass http://keepass.info/ or PassSafe https://pwsafe.org (both free)

Computer administration and maintenance

• Enable auto-update to get important security fixes
• Regularly update / patch software that does not have auto-update capability
• Install Sophos Home Free anti-virus software for Windows 10 & Mac OS X.:
  • Windows
  • Mac
• Disable guest accounts and change default passwords
• Enable encryption
• Enable the built-in firewall
• Backup regularly
  • Automatic backup software or services are preferred
  • A second backup to a disconnected removable disk is a good practice

Wireless and Internet access

• Enable WPA2 on your home wireless router
• Change default router passwords
• Disable Universal Plug-and-Play and device management from the Internet
• Use web-filtering DNS at home https://www.opendns.com/home-internet-security/
• Use eduroam when visiting other institutions

General guidelines for online security and privacy

• Check your security and privacy settings periodically. Options and defaults may change.
• Don’t post information that can be used for identity theft
• Don’t post information that you use for security questions: pet’s name, high school, etc.
• Read privacy policies. Check for data collected, data ownership, and uses of data.
• Configure your web browser to send “Do Not Track”
• Be alert to social engineering including phishing. If it’s urgent, it may be a trap.
• Check short URLs at https://www.virustotal.com/ before clicking
• Are you a victim? https://haveibeenpwned.com/

Check your privacy settings on social media

Check the privacy settings on your social media accounts for over-sharing. 

Privacy settings for LinkedIn

• Click on you picture and select “Privacy and Settings,” then click “Privacy”
• Review all settings, but pay particular attention to
  • The content of your public profile
  • Who can see your connections (Use “Only you” to respect your contact’s privacy)
  • Suggesting you as a connection
  • Sharing with third parties
• View your profiles with a browser not signed in as you to see what’s public

Privacy settings for Facebook

• Click the lock on the top-right side of the screen
• Run the privacy checkup. Pay particular attention to application connections.
• Review all privacy settings
• View your profile as it appears to others. Look for information you don’t want to share.
• Review private information in your security settings including passwords for other sites.
• Review linkages with other services like Twitter and Instagram.

Privacy settings for Twitter

• Click on your photo and select “View profile,” to see how your profile looks to others
• Click on your photo and select “Settings.” Select “Security and privacy” from the menu.
• Review all settings, but pay particular attention to
  • Tweet privacy controls whether your tweets can be publically viewed
  • Photo tagging, tweet privacy, and tweet location
  • Linkages to other services like Facebook