By Mohsen Doroodchi, instructional chair, MATC Information Systems Security Specialist Program


Today, everyone is using different forms of online accounts on a regular basis. We have accounts for work email, home email, Facebook, LinkedIn, online shopping, online banking and other eBusiness and eCommerce sites. For the most part, people use the same or similar passwords and user names for almost all of their online accounts.

What if one or all of such credentials are lost or stolen? What if 1.2 billion of these credentials are compromised? A few days ago, The Milwaukee Journal Sentinel reported that Hold Security, a Milwaukee security firm, revealed that Russian hackers have access to 1.2 billion accounts. Their report said, “The massive size of the trove instantly attracted attention.”

Security researchers reacted to this news differently, according to a variety of media reports. However, the reality is that millions of accounts are compromised. There also have been recent account breaches of Sony, LinkedIn, eBay and Adobe, which account for 500 million compromised credentials.

Similar to the way living a healthy lifestyle requires some level of knowledge about how the body works, living healthy in cyberspace requires general knowledge of how computer systems and the internet work. We need to be aware of our responsibility for internet safety.

Many issues and questions arise. How often should we change our passwords? How should we select complex passwords which are at the same time easy to remember? What other problems can happen on the internet? How about malware? How about spam and phishing emails? How about identity theft? How about data breaches that have happened to large organizations such as companies and universities? How can we prevent these problems? What should we do after we learn of a security breach?

MATC’s information systems security specialist program teaches students to deal with complex internet security issues, including infrastructure security, system security, digital forensics and intrusion detection for businesses and organizations. The program also offers internet security awareness for the MATC community and the public.

Here are some suggestions for dealing with the newest security breach and for continued internet safety:

      Passwords should be strong and need to be changed frequently. A 12-character word which is a combination of lowercase and uppercase characters, symbols, and numbers is a strong password. For critical accounts, a password of at least 15 characters is recommended so it will be very difficult to crack.
      Don’t use the same password for each account. Make variations on a password to make it unique to each site. That way if one site is hacked, criminals will not have your password for every account.
      Don’t use common words that are searchable in the dictionary for passwords.
      Some banks and financial institutions offer additional authentication methods such as one-time codes sent to the mobile phone. Make sure to use them if available. Monitor your financial accounts frequently; report unusual activity immediately.
      See if your bank or credit bureau offers a free or low-cost credit monitoring service.
      When using financial sites, make sure the URL begins with “https” and make sure there is a padlock icon on the page.
      Make sure to set privacy settings for various websites such as Facebook to cut down on information the general public can learn about you. The more people know about you, the easier it may be to guess your password.
      Keep a list of passwords, but write it in a code you will understand rather than writing down the full password.
      Keep your virus protection, operating system and browser up to date. Run a full scan of your computer every day. Keep your computer updated as well.
      Most passwords are compromised when someone clicks on a link in a spam email. Don’t click on such links, even if they seem to come from a trusted business or a friend. Double check to make sure the email and the link are legitimate. Go directly to the website via its URL instead of clicking a link.

MATC offers a number of IT security programs. For more information, visit http://www.matc.edu/business/index.cfm
