Ten computer security tips for back to school

By: Tim Teatro

September 5, 2011

By Tim Teatro

It’s that time of the year again boys and girls! While we’re all caught up in the excitement of orientations, buying textbooks and decorating dorm rooms, it is important to give some thought to security. It only takes a little bit of time and care to ensure that you don’t become an unlucky statistic.

Here’s ten tips to keep yourself safe from common disasters that I see each year as a university TA.

  1. Encrypt your thumbdrive/SD cards– If you do not have a thumb drive, you will need one. It’s not just for passing files between friends, it is an incredibly vital branch of your file backup system.Each year, I see situations where one student loses their portable storage, and another student finds it and garnishes their assignment with stolen data from the found thumbdrive. Unfortunately, they both get zero.My personal favourite software for encrypting my data is TrueCrypt. Use it on all of your important data.
  2. Use Lastpass to create and manage strong passwords. – Unless you take the time and effort to memorize random string of numbers and letters then your passwords are junk. That may sound harsh, but you should not feel safe if you are not. I have used Lastpass for years and I trust it. All of my passwords are insane random strings that cannot be directly hacked. No normal human could memorize them, so I use Lastpass to manage them. I need only memorize one master password to unlock my passwords and secure notes that I store with Lastpass.
  3. Back up your files with Dropbox.– Amazingly, students still don’t back up their data and end up losing their files the day before the deadline! A proper backup requires you to have a local copy, a local backup and an off site backup. Dropbox will create a folder on your computer(s) that is securely synchronized on the Dropbox server. This takes care of your off-site backup and is free for 2 Gb or less.
  4. Secure your browser – Usually the first step in browser security is getting rid of Internet Explorer or Safari. Even Microsoft doesn’t claim safety as a reason to use IE9. Safari isn’t much (or any?) better. Firefox is, at the time of this writing, the best choice for security.Next, check your settings to be sure they they are secure. Never use your browser to store your passwords. Your passwords can be lifted from your browser in seconds. See my tip above on using Lastpass to manage your passwords.
  5. Secure your wireless router.– A common misconception is that the only reason to secure your wireless router is so people do not steal your bandwidth. The truth is that without proper security, you are blasting your data un-encrypted for all to see. WEP is not good enough. Use WPA encryption with a proper and strong passkey. Consult your router’s manual for instructions.
  6. Set a password on your cellular. – As the CBC has pointed out, Canadians do not take the proper security precautions with their cell phones. If you do not set passcode locks on your phone, then losing your phone can cost you money, personal data and even open you up to further security threats from identity thieves.
  7. Sync your bookmarks. – There are several services out there to store your bookmarks. Chrome will sync to your gmail account, but a more universal solution is Xmarks. Xmarks is from the makers of Lastpass and is a fantastically convenient tool to synchronize your bookmarks across multiple browsers and devices.
  8. Use legit’ office software.– Pirating your office software is risky and dishonest. It can lead to problems if your efforts to bypass digital rights protection fails near a critical deadline, leaving you without an office suite.I highly recommend you check out LibreOffice. Not only is it free (and open-source), but it is new and new features are added constantly. It opens, edits and saves files in Microsoft Office formats. For users with outdated copies of Microsoft Office, LibreOffice will open and edit .docx files, allowing you to collaborate with others who use the latest Microsoft Office.
  9. Review your facebook settings– particularly useful advice for freshmen. Going to a new school and meeting new people makes it particularly important to be sure than your privacy settings in facebook are what they should be. You cannot rely on facebook to keep your settings as they were set when you signed up. When I signed up for facebook (years ago when I lived with my parents), I locked everything down tight. Last year, one of my overzealous students found my (parents) number on facebook (no, he was not one of my friends) and started phoning them wanting to know what his exam mark was. Some people have no sense of boundaries, so keep your personal information locked up!Oh, and for those of you who think their drunken frosh pictures are a real hoot, remember that your future employers may be seeing them if you post them on facebook.
  10. Encrypt your laptop hard drives.– Entering a password to log into your computer does not mean that your data is safe. Your operating system’s login password opens your session, but the data it allows you access to is un-encrypted. Unless you encrypt your hard drive, your data is accessible to anyone who finds (steals?) your computer. They do NOT need to log into your operating system to see your data!TrueCrypt is an industry standard tool for encrypting anything from hard drives to SD cards. It is completely secure and always a good idea.

3 comments

  1. timtro@gmail.com'
    Tim Teatro
    Author

    @Philip: Thanks for your comment. The security warnings sent out by Lastpass don’t constitute major breaches. Lastpass never actually has un-encrypted copies of your passwords or data, so there’s nothing serious to be stolen from their server. Even Lastpass cannot unlock your data files without your personal password. All they ever get is hashes of your password, so you are not trusting them to protect your data, just to store it. The breaches to which you refer were in fact only potential vulnerabilities which were patched, and only a risk to people with very weak master passwords, who are actually at risk simply by having their encrypted data on their OWN computer. If I were a hacker, I would hack their computer to get the data before I were to hack the computers at Lastpass. I recommend Lastpass because I understand how it works and therefore I trust it. I don’t know how RobForm works, so I can’t trust it. (That’s not to say that it can’t be understood, just that I have no need to do the research again to move away from Lastpass.)

    As for using GoodSync, I can’t recommend it because it doesn’t work on Linux. Do you have a problem with Dropbox, or are you simply offering alternatives?

    Thanks again mate.

  2. rfsnowball@yahoo.com'
    Phillip

    I’m surprised by some of the choices here, these are meant to be security tips but both LastPasss and Dropbox have had major security breaches in the past year. If you want secure alternatives, try RoboForm instead of LastPass and GoodSync instead of DropBox. Both are made by Siber Systems which have never had any security issues in the history of the company, better supported and more secure. Just better options all together.

Leave a Reply

Your email address will not be published. Required fields are marked *