ONLINE SAFETY AT VU
Cyber Awareness Guide | 4
INTRODUCTION Over the course of our one-hundred-year history, VU has proudly focused on creating education and training opportunities for students in the West of Melbourne and beyond. Our reach extends beyond local borders; we are a global community, now ranked 56 in the world’s top universities aged under 50. It is almost impossible to be a successful participant in the global knowledge economy or society without digital skills and an appreciation of the value of information and data. Whether it’s through mobile devices, online transactions or dating apps, technology has advanced our professional, personal ad academic lives, but it’s not without risk. Cyber criminals know technology is powerful. They use sophisticated activities, continually advancing their skills and taking advantage of modern technology and communications methods to create avenues to lure you into parting with your money or personal details. These criminals act for several reasons: • Some want to make money. • Some want to steal your digital identity and impersonate you. • Some have sinister motives such as online bullying, stalking or even revenge. • Some just do it for fun! We have created this short guide to help keep you and VU safe.
Nitin Singh, Director, VU Cyber
WHY BE SAFE, SAVVY AND SECURE? What we do, see and say online can result in a permanent digital footprint. Victoria University takes cyber security very seriously, and whether youâ€™re a student, academic or staff member, you are required to do the same. So, what does it take to be safe, savvy and secure? Follow the advice in this booklet and you will keep yourself, and VU protected.
Cyber Awareness Guide | 6
PROTECT YOUR INFORMATION
BE SAFE, BE SAVVY, BE SECURE
One of the most valuable assets to you and VU is our information; whether that is corporate, research, academic intellectual property or your personal data.
FOLLOW THESE STEPS TO PROTECT YOUR INFORMATION:
CHOOSE STRONG PASSWORDS Remember, with passwords: • the longer it is, the stronger it is • a strong password is a sentence that is at least 12 characters long and hard to guess • use a password manager to generate unique strong passwords for each online account
• don’t share your passwords with anyone, including colleagues, family and friends.
ENCRYPT SENSITIVE AND PRIVATE DATA Encrypt your personal and VU data so it will remain unreadable and safe. Remember: • use passwords on all your documents and files • zip tools such as WinZip can encrypt your files with a secure password • never share your encryption password on the same platform as the encryption data • only allow the authorised recipient of sensitive data access to the encryption keys/password.
Cyber Awareness Guide | 10
ENABLE MULTIFACTOR AUTHENTICATION Multifactor authentication (2FA) provides an extra layer of security, as it means your accounts can only be accessed when a minimum of two factors are available. Use for your emails, social media and other logins like Apple iCloud.
PRACTICE SAFE INTERNET BROWSING Internet browsing harbours hidden security threats like viruses, spyware and adware. Remember: • update web browsers regularly and enable security features to warn you about potential security threats • look for signs of encrypted web pages such as Green Padlock and https when providing sensitive personal information (banking, TFNs, etc) • only download files from trustworthy sites, such as legitimate app stores or organisations.
BE SAVVY PROTECT YOUR
BE SAFE, BE SAVVY, BE SECURE
Personal information needs to be valued and protected.
FOLLOW THESE STEPS TO BE PRIVACY-SAVVY.
LIMIT YOUR DIGITAL FOOTPRINT Information you post to social media can be used to steal your identity or hack into your accounts. Remember: • ensure privacy settings on social media allow only your friends and family to see your details
• keep in mind our tip about passwords – if you share pictures of your dog on Facebook, don’t use your dog’s name as your password.
UNDERSTAND SOCIAL ENGINEERING Social engineering is the manipulation of people into performing actions or sharing confidential information. Remember: • never share information like passwords, credit card numbers, projects or research theses • lock your computer screen every time you step away, even for a short time • connect to a secure network – on campus, stay connected to eduroam WiFi • never use USBs, memory cards or devices found on the street or given by a stranger
Cyber Awareness Guide | 14
BEWARE OF DIGITAL COPYRIGHT Illegal downloading, streaming, file sharing and publishing are breach of copyright and can result in disciplinary actions, fines or worse. Remember: • unauthorised uploading and downloading of copyrighted works is a crime – is it worth the risk? • don’t risk VU and legal penalties.
BEWARE OF ONLINE SPAMS AND PHISHING Many malware attacks occur through deceitful emails and compromised web pages (spam and phishing). Interacting with these puts your information at risk and can download viruses. Remember: • do not opening email from unsolicited or unknown email addresses • trash attachments in unexpected emails • avoid risky clicks – instead type the address into your browser.
BE SECURE PROTECT YOUR
BE SAFE, BE SAVVY, BE SECURE
Your laptop, phone, tablet, smart watch and other devices make it easy to connect to the world around you. They also contain personal and professional data, including your locations, studies and banking.
FOLLOW THESE STEPS TO KEEP YOUR DEVICES SECURE: 1.
KEEP DEVICES UP TO DATE Keeping up to date is critical cyber security practice and helps prevent malware infections Remember: • install the latest version of all software on your devices as soon as available • spring clean your device, review your files and delete any unnecessary data
• delete any apps and software you no longer use.
SECURE YOUR DEVICE If your mobile device is unsecured, lost or stolen, it could be used to access VU information, your money or steal your identity and irreplaceable data like photos or messages. Secure your devices by: • installing reputable anti-virus software • setting a password, gesture or fingerprint that must be entered to unlock • setting the device to require a password before applications are installed • leaving Bluetooth hidden when not in use and disabling automatic connection to networks • enabling remote locking and/or wiping functions, if your device supports them.
Cyber Awareness Guide | 18
BACK UP YOUR DATA Unfortunately, personal data can be compromised. Have a back up plan and remember: • manually back up all critical data, copy to authorised removable media and securely store • use automated programs to back up your important data, such as Time Machine for Macs • some cloud services provide ample secure storage to back up your personal files, such as OneDrive for business, Google Drive, Drop Box, iCloud, etc
CONNECT WITH CARE Public Wi-Fi hotspots in cafés, airports, hotels and libraries can be risky. Secure your data by: • limiting access to sensitive accounts such as banking, when on a public network • when connected to a Wi-Fi network, identify that it is a ‘public’ network if prompted • on a laptop, don’t share folders or devices with others on the network • installing a reputable VPN solution and create an encrypted ‘tunnel’ that allows data traffic to pass securely over public networks.
of cybercrime victims are 20-39 years old
found employee owned devices have been connected to malicious wifi hotspots
9 out of 10 data breaches happen through phising
of devices are vulnerable to cyber attacks
Spam accounts for over
60% of all emails
Facebook accounts are compromised everyday
Want to check your password strength? of people use the same password everywhere
Learn more and share your personal experiences at
Victoria University Information Technology Services April 2018