“When it comes to the computer and the internet, there is nothing wrong with being paranoid. You should be skeptical of everything that comes into your computer and be 100% sure that it is legitimate before taking action.”
That's the message that Dr. Chris Hamady, AWLS Director of Technology had for the nearly 20 community members who attended the District's recent Cybersecurity Lunch and Learn. Hamady, along with Technology Specialist, Devin Filip presented how the Technology Department takes a proactive approach to protecting the District's digital infrastructure and offered tips for individuals to protect themselves from cyber criminals.
Protecting District Information
The pair emphasized the need for a robust security program to help thwart cyberattacks in an age when school districts are increasingly targeted by criminals. They provided an overview of the District's measures to bolster cybersecurity, including the following recent upgrades, many of which private citizens can also employ to protect themselves.
Software is updated regularly: Updates and security patches for devices and servers are monitored and updated as needed to protect against vulnerabilities.
Outdated equipment is replaced: Hardware that can no longer be updated with the latest security measures is replaced with newer technology.
Anti-virus protection measures are in place: All devices across the district are equipped with reliable anti-virus software to detect potential threats.
Data is backed-up regularly: Comprehensive backup systems and strategies have been developed and implemented to ensure quick recovery in the event of a problem.
Cybersecurity emergency response plans are in place: The team has developed an emergency response plan should a data breach occur, and regularly tests and updates these plans.
Prevention training is provided: Ongoing cybersecurity training and information is provided to staff on a regular basis to build awareness of and resilience against cyber threats.
Access is restricted: Two-factor identity authentication has been implemented and is required across the District.
Physical file sharing is discouraged: The practice of exchanging files on USB storage devices has been limited to minimize risks of malware infections.
Proactive education: Identification strategies and next steps for protection are shared regularly with staff to increase awareness of, and intercept the latest phishing tactics
Careful partnerships and purchases are made: The Technology Department closely evaluates and assesses products and services for security before purchase, partnership and implementation.
Protecting Yourself
The second half of the presentation focused on how individuals can take measures to protect their devices and personal information from cyber threats. The quick tips and tricks that Hamady and Filip shared focus on remaining vigilant and cautious when handling devices and personal information. A few of these tips are shared below:
ENSURE DEVICE SECURITY
Do not leave your device in your car.
Lock them with a passcode.
Do not allow others to use your device.
MAINTAIN PASSWORD SECURITY
Create a strong, unique password for each account - preferably one that includes 16 or more characters and features random mixed-case letters, numbers and symbols.
Use a unique password for each account you have. Do not re-use them.
Hint for Remembering Long Passwords Determine a general password format to help you remember, then create a variation of it for each account. EXAMPLE: The account + Your street name + Your pet name + the year + a symbol + the number of letters in the business name. Example 1 - Costco: CoeberStlassieCo2025$6 Example 2 - Walmart: WaeberLmlassieArt2025$6 Example 3 - Huntington: HueberNtlassieIngton2025$10
|
If you still have trouble remembering your passwords, it might be useful to use your browser's password manager (after setting a master password), provided that you do not sync your passwords across devices.
TURN ON MULTI FACTOR AUTHENTICATION
The two-step login feature adds a layer of security to your account, makes it harder for someone to impersonate you, protects against security breaches
Combines something you know (password/username) with something you have (device) with something you are (facial recognition)
USE A SECURE BROWSER AND BROWSER EXTENSION
RECOGNIZE & REPORT PHISHING
Watch for suspicious emails, texts, social media messages or phone calls that request personal information, money or other details. Particularly if they are unsolicited.
If you’re not sure, do not click, respond, open or download any links or files. Instead, contact the individual directly by phone or face-to-face to confirm the request.
Report potential phishing attempts, then delete the message.
Watch for sneaky phishing attempts. For example, publicly posted QR codes can be tampered with to lead users to malicious websites. Be sure you are scanning QR codes from a trusted source.
STAY UP TO DATE
OTHER ACTIONS
Freeze your credit to restrict access to your credit report and reduce fraudulent abuse.
Create separate administrative and standard user accounts on your computer, and avoid using the admin account for day-to-day use.
Avoid using public Wifi for personal business.
Don’t install software that you aren’t sure is legitimate.
Ignore phone calls from strangers.
Confirm any financially-related requests directly with the institution.
Use private browsing to avoid cookies becoming corrupted.
Turn off the “always on” feature on personal assistance apps like Siri, Alexa and Google Assistant.
Hamady and Filip emphasized that hackers are getting increasingly better at accessing information and that no prevention method is 100 percent guaranteed, but any action that we can take against would-be cybercriminals is better than no action at all.
They stressed that remaining proactive and reporting potential fraudulent activity does help and that it is important to remain vigilant in order to protect our personal information.
LINKS SHARED DURING THE PRESENTATION: