Laptops, smartphones and tablets are a lifeline for many people, fitting everything from work to banking online. Professionals and students from BYU’s cybersecurity program have tips for making life online a convenience, not a liability.
BYU’s cybersecurity measures
John Payne, head of cybersecurity for the Church Educational System said, “BYU has protections in place at various layers of the IT and network environments. Access to these resources is monitored continuously to watch for unauthorized or malicious activity and respond appropriately.”
Payne said the university is constantly investing in tools to address evolving security threats. Despite BYU’s best efforts and technology, however, some of the responsibility for cyber safety falls to individuals.
“Security tools are not perfect, the human element is also a vital component of any cybersecurity program,” Payne said.
Payne explained in case of a university security breach, the Church Education System Security Operations Center has cybersecurity staff ready to respond and keep students’ and faculty’s information safe.
Since most likely do not have a cybersecurity team poised and ready to counter hacks, Payne shared his top three tips for avoiding personal cybersecurity breaches.
Recognizing and avoiding email phishing
Crime has moved from the streets to email and even Instagram DMs. Matt Hillary, a cybersecurity professional for Lumio and a BYU alumnus said phishing, a scam in which someone impersonates a reputable person or company to get personal information from another person, is one of the most common (and effective) online tricks.
In a phishing scheme, the victim may receive an email, text or direct message from someone claiming to be a friend, family member or even a complete stranger needing help. Sometimes it is just a message from an account impersonating another account the person already trusts, asking to verify personal information.
“Phishing and social engineering will sadly be an extremely effective mechanism whereby people and companies get breached,” Hillary said.
Payne said recognizing scams like email phishing is one of the best ways to keep online information safe. Keeping email information safe will often keep most other online information secure, according to Ian Cook, president of BYU’s Cybersecurity Student Association.
“Your email account serves as kind of your way back into a lot of other accounts,” Cook said. “If you lose access to your email, it’s pretty easy for somebody to then move towards other channels and take control of those pretty easily.”
Take advantage of available protections
You do not have to be a cybersecurity professional to keep your devices secure. Payne, Cook and Hillary all said it is important to take advantage of available online protections.
Payne said simple and repeated passwords can be a liability, even though it may seem easier to keep track of.
“Avoid using the same password for multiple websites,” Payne said. If it is hard to remember dozens of different passwords, he suggested using a password manager.
“Take advantage of multifactor authentication wherever it is available,” Payne said. BYU uses Duo Push, a two-factor identification program for logging into BYU accounts. Staying on track with device and software updates will keep users under the latest and strongest security umbrella.
“Keep all the programs you use up to date,” Cook said. Hillary also stressed the importance of regularly updating devices.
“That’s the biggest thing you can do.” Hillary added that devices should be updated “whenever those updates come out.”
What should students and faculty do to protect themselves online?
As far as BYU’s cybersecurity goes, Payne suggested students and faculty do what they can to stay safe online, including educating themselves.
“Resources are available to learn about these protections, and other ways people can act to protect themselves,” he said. For more information, visit infosec.byu.edu