Seven months working (virtually) with cybersecurity professionals has made me realize how unaware many students are when it comes to their cybersecurity.
Even before the COVID-19 pandemic drove the shift to online learning, most college students needed to use a computer every day.
Whether it's communicating with classmates, taking notes at conferences, or researching for assignments, technology is very important to any student.
I asked 15 students who weren't studying computer science or cybersecurity about their online safety behaviors, and although it was an informal study, the results surprised me.
With technology being such an important part of student life, the number of students unaware to cybersecurity threats is alarming.
This is why I leave you some simple cybersecurity tips that all students (and non-students) should know to protect themselves: do your homework!
1. Stick to HTTPS websites
Searching for information requires students to jump between many websites every day, but how often do you check the search bar?
Make sure to verify that each website you visit uses HTTPS (secure HTTP, where there is a lock in the address bar) instead of HTTP.
13 of the 15 students consulted did not know the difference between HTTPS and HTTP.
Fortunately, if an insecure web page asks for passwords or other personal information, most browsers will warn you not to enter it, as insecure web traffic data can easily be spied on while browsing the Internet.
However, it is important that you know the difference between HTTPS and HTTP, to ensure that all communications are encrypted and cannot be eavesdropped as they move between your browser and the sites you visit.
The web content you see, and even the order in which you visit a series of web pages, especially if those pages are on sites that you would not normally visit, but need to refer to for research purposes, tell a story about you that is not a matter. No one else's.
2. Beware of scams
College students typically receive many emails a day about conferences, seminars, newsletters, student union activities, and other college-related information.
Despite the flood of emails, you should stay alert and read emails carefully, especially if they ask you to take some kind of action on your computer, such as clicking a link, downloading a file, installing a new application, or changing a system configuration.
To avoid being scammed or a victim of identity theft (since this type of email is where you are tricked into providing confidential information to the wrong person, for example, through a fake website), it is important that you make sure that that the sender is really who they say they are.
If you are not careful, you could end up revealing information and details that must be kept private, including credit card numbers, details of identification documents such as your ID, or your home address.
When it comes to personal data, use the mantra, "If you have any doubts, don't reveal it."
Hide your IP address
Once a malicious operator has access to your company's IP address, they can potentially cause any amount of damage, ranging from small nuisance incidents to major events that have a lasting impact on your bottom line.
For example, they can replicate your IP address to download illegal content that can cause problems with internet service providers or law enforcement agencies; more seriously, they can use the address to launch large-scale attacks against your network, including highly damaging DDoS (distributed denial of service) attacks, which flood corporate servers with fake web traffic to render connections inoperable. This can result in extended outages that will interrupt your ability to deliver core services for your clients, leading to lost revenues and reputational damage.
It's also worth considering that some criminals use IP addresses alongside geolocation technology to track down the physical location of your company's offices and devices, which creates a whole other spectrum of potential risks. Naturally, incidents such as these represent a worst-case scenario - but it's still worth taking any obvious precautions to prevent such risks from arising.
IP addresses find utmost importance in the exchange of information or data over the Internet. We hope the information above has answered the question: what is my IP address ?
4. Log out or lock your computer when you are not using it
Many students use the library to study, but there are many distractions, even in a library.
Stepping away from your laptop for just two minutes to go to the vending machine could be potentially dangerous if you "don't bother" to log out or lock your computer before leaving it unattended.
Although it is unlikely that someone will be loitering and waiting for you to leave your account open and free to use, it is better to be safe than sorry.
It's worth spending a few seconds unlocking your screen or logging back in, than giving someone the opportunity to alter your settings, take a look at your files, or install some kind of malicious app to spy on you.
Even if all that happens is one of your "friends" posts a silly Facebook message behind your back, it's something you haven't done that ends up being posted under your name.
Worryingly, only 3 of the 15 students asked said they log out of their account or lock their system when they leave their laptop unattended in the library.
I recommend that you use a hotkey to lock your computer manually. Do not rely on the "automatic lock", because it usually takes at least two minutes to activate after leaving your laptop. Use Windows + L on Windows or Control + Command + Q on a Mac.
5. Use a good password manager
Surprisingly, 13 of the 15 students said they don't use a password manager.
Students are probably already inundated with passwords with all of their social media accounts, and when college starts, the number of passwords inevitably increases.
When you have a lot of passwords to remember, it's easy to get into the habit of using the same (or at least very similar) for all accounts.
In other words, if one of your accounts is hacked, the person who hacked it will immediately know how to access all of your other accounts.
A password manager automatically chooses and remembers a different, strong password for each account.
It also helps prevent you from accidentally entering passwords on bogus sites (that's what we described earlier as "phishing"), because the password manager keeps track of the correct web page to use for each account.
You just have to pick a really good password for the password manager!
For tips on choosing the right passwords, including your password manager's password, I suggest "How to create a strong password" video:
6. Reduce your cyber stress
Starting college can be incredibly stressful, even without the new cybersecurity threats you face, when you embark on your own in a world where you are expected to spend hours online just to do the research you need to do in order to complete your course.
Trying these simple cybersecurity tips will help you reduce your cyber stress and keep your personal accounts and private data safe.