Hackers stole BYU information security management professor Anthony Vance’s credit card information this year. Hackers installed malware at a local retail chain where his wife was shopping. When she swiped the card, the hackers had the Vances’ information.
This was a frustrating blow, but it couldn’t have been prevented, according to Vance.
“There was no security that my wife should have practiced,” Vance said. “The company was compromised … it wasn’t our fault because it was a third party.”
Vance made a YouTube video about information security to point out nobody’s information is 100 percent secure, and all run the risk of identity theft, credit card fraud, spam and unwanted ads.
However, he said there are preventative measures to increase the security of personal information. One of these measures is creating strong and unique passwords. Vance said he uses a password manager which generates strong passwords for different accounts on his computer.
Vance said he simply enters in a password he created into the password manager, and it pulls up all of his accounts.
“I just have one strong password that secures everything,” Vance said. “When I go to a new site to create an account, (the password manager) creates a really complex password that I never even see.”
Vance said a password manager makes life easier and more secure because he only has to remember one password. His password manager automatically enters the passwords for all of his accounts.
Mitch Hussey is a first year student in the Master of Information Systems Management; Hussey said one affordable password manager is GlassPass.
“You can use it for free on your computer, or you can pay a dollar a month and it will work on your phone,” Hussey said. “You just use your fingerprint, and it will put the passwords in for you.”
BYU information technology junior Chris Rupper said many web services use third-party authentication such as Google or Facebook as an option for new users to create an account.
He said these third-parties are much more secure than creating a password with an email.
“It shifts the risk from that website storing your security to bigger companies like Google and Facebook that invest a lot of time and money into making (information) safe,” Rupper said.
Vance said installing antivirus software is a common practice among non-experts of information security. People have several misconceptions about information security, according to Vance.
“I think a lot of (misconceptions are) folklore — what people think is right (about information security) and what they’ve heard from friends,” Vance said.
Experts acknowledge benefits of installing antivirus software, but say it may lure users into a false sense of security, according to the Google Security Blog.
Hussey said BYU student must learn to control their security. He believes BYU students may have misconceptions about information security and hacking.
“When we grew up we got hacked by our brother on a computer,” Hussey said. “When that’s their experience with it, a lot of people don’t realize that it is a serious threat.”
Information systems master’s student Alicia Wilkins said she believes BYU students aren’t generally aware of security risks. She believes we live in a society valuing convenience over security. The point of security is to make things harder, which may be a bit of a turn off to students, according to Wilkins.
“If you know a couple of basic security principles, it’s much easier to protect yourself,” Wilkins said.