Tips to Minimize IT Security Risks
This article applies to: Secure Your Computer and Mobile Device
Keeping Your Devices Safe
- Never leave anything unattended in a public area, in a shared living space, or visible for potential intruders. Use physical locking devices or take it with you.
- Use an inconspicuous protective bag or case to carry your laptop and other devices. A laptop carrying case is an advertisement of its contents.
- Install tracking software (Front Door is available for free from Cornell) to help increase your chances of recovery.
- Report theft immediately to the Cornell University Police or local authorities.
- Protect your devices at all times. Even a safe in a locked hotel room may not be enough protection. Keep current backups just in case.
- Research the country’s laws where you’re traveling for what’s allowed to prevent your devices from being confiscated.
- Avoid using your private accounts online, if you use your computer or mobile device in another country. Change your passwords from a trusted computer when you return.
- Have an expert take a look at your devices for viruses and spyware when you get back.
- Learn more about working off campus securely.
Using the Cloud
- Use a cloud service for backups that will keep everything synchronized.
- Read the terms of service first. You may be giving up ownership of your files, or they may not be adequately protected for you.
- Use Box to store files online. Cornell’s IT Security Office has assessed this service. It is secure and allows you to maintain ownership of your files.
Browsing the Internet
- Don’t click on any links that appear to be from a Cornell Office that do not end in cornell.edu before the first “/”.
- Use 2 Internet browsers to separate everyday web browsing from websites you use to access important, personal information.
- Protect yourself further by using Firefox with the “NoScript” add-on for your everyday browsing. This will block the Java content known to be the biggest cause of computer viruses.
Using Public Wi-Fi
Only connect to public Wi-Fi when:
- You know your antivirus software is functioning properly and up-to-date.
- You’ve already installed all operating system updates before connecting.
- Your operating system’s firewall is turned on and running. Go to your Control Panel (Windows) or System Preferences (Mac) to review your firewall status.
- Do not connect to any unadvertised wireless networks. Coffee shops and other businesses should have posted signs. Make sure the name of the wireless network you’re connecting to matches exactly to the name on the posted signs.
- Do not connect to any unsecured wireless network with your smartphone or tablet. Many apps do not send your password securely, which can be discovered by anyone snooping on the network.
Securing Your Tablet and Smartphone
Scrutinize apps you download. Don’t trust all apps in the market.
- Many apps may be published by individuals, rather than trustworthy companies, who have re-packaged them with malicious code designed to steal your information.
- Review the apps you trust – some apps may request access to your phone’s features that are designed to collect information about you and send to the developer.
- Disable access that doesn’t make sense, after reviewing the settings and permissions of each app.
- Enable find my phone (iPhone) or download a trusted app that will allow you track your phone if it’s lost. If your phone is stolen, this will help you work with the police. For help reviewing mobile device security software, see: http://www.ctia.org/your-wireless-life/consumer-tips/how-to-deter-smartphone-thefts-and-protect-your-data#anti-theft_apps
- Encrypt your device using device settings. (For example, Apple devices will automatically encrypt when you set a passcode.) If it gets stolen, the thief will not be able to see your personal content.
- Be cautious with links everywhere, even on smartphones and tablets. Bad links in emails and online are always a threat. Mobile devices can also get viruses.
- Set an unlock Passcode. Require a passcode to unlock your device after a certain amount of inactivity.
- Do a factory reset before disposing of your device or when you get it back from it being lost or stolen. Don’t forget to destroy your storage and SIM cards before disposing.
- Disable Bluetooth when you are not using it to prevent people from connecting to your device.