With classes kicking off this week, Northwestern IT’s Information Security Office has important tips to ensure everyone starts the academic year strong and secure.
Review and strengthen passwords for all your accounts. Strong passwords are a powerful asset and prevent hackers from easily accessing your personal, academic, and professional accounts. There are a number of ways hackers can attempt to steal your password. These password-cracking tools are easily accessible and run with minimal effort on the hacker’s end. For example, brute force password cracking tools run through lists of words and word/number/character combinations to force their way into an account. That means the longer and more complicated your password is, the more time it takes a password cracker to guess your password. Learn more about how to create strong passwords.
Protect yourself against “Zoombombing.” Zoom continues to update its service with security requirement changes. On September 27, the service will begin requiring either a Passcode or Waiting Room to be enabled on every meeting. Zoom is making this change to help prevent meeting disturbances. As activity picks up with the start of the new academic year, take a moment to review recommendations for preventing “Zoombombing” and requesting a webinar license for meetings open and advertised to the public.
Utilize Multi-factor Authentication (MFA) wherever possible. Multi-factor Authentication protects you even if someone steals your password—it also serves as a warning that someone has compromised your password. MFA is a combination of two or more “checks” that confirms a person’s identity logging into a system. Typically, this includes something you know (a password) and something you have (a device). Northwestern utilizes MFA on several University programs to protect personal employee and University community data.
Beyond Northwestern, we encourage you to implement MFA—also known as two-factor authentication, two-step verification, and more—whenever possible on programs, systems, social media channels, etc. MFA can mean many things, including user name/password and a code sent to a device or even biometric factors like fingerprints or retina scans. Most importantly, never share a code with someone else or approve a request if you have not initiated the login. If you receive a login attempt you do not recognize, change your password for the service in question immediately after rejecting the request. Learn more about MFA at Northwestern.
Update or install antivirus software on your devices. Antivirus software protects your devices by scanning it for known malicious files and by scanning files before you download them onto your device. While having antivirus software is not the only necessary step to protect your devices, it is the first and most essential step to protecting yourself from a myriad of malware. Northwestern provides free antivirus software to all students, faculty, and staff.
Use a Virtual Private Network (VPN). VPNs allow you to maintain security and privacy online. When accessing sensitive University information and systems, remember to connect using the Northwestern VPN. All traffic within a VPN is encrypted, preventing unauthorized access to the traffic. Review the Northwestern IT Knowledge Base to learn more about setting up and using Northwestern’s VPN.
All of these steps are critical to ensuring you operate in a safe and secure technological environment. Other helpful resources for you to consider include: