8 simple tips to improve your online safety and security

Cybersecurity is everyone's job.

Organizations and homes cannot be secure without each and every person doing their part. Online safety and security are a responsibility we all share.

Here are some simple tips from the National Cyber Security Alliance (NCSA), as well as resources from University Information Technology (UIT) and the Information Security Office (ISO) to help you get started.

Keep tabs on your apps

Most connected appliances, toys, and devices are supported by a mobile application. Your mobile device could be filled with suspicious apps running in the background, or using default permissions you never realized you approved — gathering your personal information without your knowledge, while also putting your identity and privacy at risk. Check your app permissions and delete what you don't need or no longer use.

Share with care

Think before posting about yourself and others online. Consider what a post reveals, who might see it, and how it might affect you or others. Consider creating an alternate persona that you use for online profiles to limit how much of your own personal information you share.

Think before you click

If you receive an enticing offer via email or text, don't be so quick to click on the link. Instead, go directly to the company's website to verify it is legitimate. If you're unsure who an email is from — even if the details appear accurate — or if the email looks "phishy," do not respond and do not click on any links or open any attachments in that email as they may be infected with malware.

Resources

ISO's Beware of Phishing video (below) and Phishing 101 tip sheet are two great resources that will help you quickly familiarize yourself with phishing attacks.

Send suspicious emails to phish@utah.edu. ISO's Security Assurance team will investigate the email in a safe environment and let you know the legitimacy of the email.

When in doubt, throw it out

Links in email, tweets, texts, posts, social media messages, and online advertising are the easiest way for cybercriminals to get your sensitive information. Be wary of clicking on links or downloading anything that comes from a stranger or that you were not expecting. When available, use the "junk" or "block" option to no longer receive messages from a particular sender. Don't trust those links.

Lock down your login

Create long and unique passphrases for all accounts and use multifactor authentication (MFA) wherever possible. MFA will fortify your online accounts by enabling the strongest authentication tools available, such as biometrics or a unique one-time code sent to your phone or mobile device. Use password managers to generate and remember different, complex passwords for each of your accounts.

Resources

Students can use Duo Security, which is already required for U employees, to add an additional layer of protection to their university account. Duo is a two-factor authentication (2FA) method that enhances the security of your uNID by using a secondary device to verify your identity.

Do you have a strong password? With UIT’s Password Tester, you can see if your password meets the University of Utah’s requirements.

Get savvy about Wi-Fi hot spots

Public wireless networks and hot spots are not secure, which means that anyone could potentially see what you are doing on your laptop or smartphone while you are connected to them. Limit what you do on public Wi-Fi, and avoid logging in to key accounts like email and bank accounts. Consider using a virtual private network (VPN) or a personal/mobile hot spot if you need a more secure connection.

Resources

When in doubt, use the U’s virtual private network (VPN) for secure internet access. AnyConnect is the university’s preferred VPN client and can be downloaded through the OSL website (login required).

If you’re visiting a partner institution, you can connect securely via eduroam.

Keep a clean machine

Keep all software on internet-connected devices — including personal computers, smartphones, and tablets — current to reduce risk of infection from ransomware and malware. Configure your devices to automatically update or to notify you when an update is available.

Resources

Antivirus software, like Endpoint Protection, is available for purchase from the Office of Software Licensing (OSL). OSL provides special educational pricing for a variety of software for students, faculty, staff, and departmental use.

Own your online presence

Every time you sign up for a new account, download a new app, or get a new device, immediately configure the privacy and security settings to your comfort level for information sharing. Regularly check these settings (at least once a year) to make sure they are still configured to your comfort.