Online Security Tips
Although adhering to online security guidelines does not guarantee protection against cyber attacks, they significantly minimize the risk. Here are our best practices to help you optimize your online security. Please note that these tips apply to any device that connects to the internet.
Password Tips
Using a strong and unique password is integral to maintaining a protected workspace. A password manager can help create and store strong, unique passwords. If additional security features are available such as two-factor (multi-factor) authentication, make sure to use these features.
Use the following guidelines when creating a password:
-
Use a combination of letters (capitalized and lowercase), numbers, and special characters.
-
Use 14 or more characters.
-
Do not reuse or share passwords.
-
Change passwords in the event of a security breach or every 90-120 days.
Website Security
When visiting websites, make sure that they are trusted and secure. Use trusted websites with certification such as SSL, in addition to antivirus software to protect against malicious software. Typically, web browsers will have features or pop ups that inform you of secure or insecure websites.
Tips for maintaining security when web browsing
-
Use antivirus software to protect against malicious software.
-
Use trusted websites with certification such as TLS.
​
Web browser security guidelines
Phishing and Online Scams
Phishing attacks are intended to trick you into sharing or accessing sensitive information such as passwords, bank information, Social Insurance Numbers, and other personal information. If you encounter a phishing or online scam do not respond or visit any included links.
Below are warning signs of online scams:
-
Email or text message from an organization or person you don’t know or use.
-
Requests for personal information such as passwords, account numbers, etc. Legitimate organizations will never send emails asking for sensitive information.
-
A hyperlink that does not look legitimate.
-
Spelling mistakes or grammatical errors.
-
Offers or messages that seem overly urgent or too good to be true.
-
An email or social media message that appears to be from a friend but seems out of character for them.
-
Anything else that causes uneasy feelings or doesn't seem quite right.
Integrated Device Security
Use integrated full disk encryption features for your devices: FileVault (Mac) and BitLocker (Windows). These features provide protection against accessing the computer’s hard drive. In addition, make sure your device is password protected and locks if inactive.
Public Wifi
Be careful using public wifi—such as at hotels, airports, and coffee shops—because you become vulnerable to cybercriminals accessing your data. Possible solutions include using a trusted virtual private network (VPN) or only using private (home or business) networks.
Keeping Software Up-to-Date
Installing the latest security updates is integral in being safe online. Make sure to install the latest updates to your operating system, applications, and any other platforms that store personal or sensitive information.
Other Tips
Closing or deleting unused online accounts and applications is a good practice as this minimizes the risk of cybercriminals gaining access to your data. Keeping a backup of your data is an important safety measure in case of an unforeseen loss of access.
Device Security
One of the best ways to protect the data on your devices is to prevent access in the first place! Make sure your devices are all password protected and lock after inactivity. In the case that your device does get lost or stolen, make sure you have all of your data backed up either using an app, or an external hard drive.