Semester security guide
How to save extra worries with a few steps and who to contact in case of problems?
A new semester is here. Someone jumped from exam period straight to the new semester, and the other managed to relax. Whether we are sitting in the lecture, leading the course, or dealing with accounting from one of the faculties, we are all just looking around in a load of new information and perceptions for the first few days. In a short time, study and work responsibilities will be imposed on us again. Let’s stop for a moment, breath in, and invest in ourselves – in cybersecurity prevention is enough to spare extra work or unnecessary stress. That’s why the Cybersecurity Team of Masaryk University prepared a semester security guide, which will lead you into different cybersecurity corners and also in physical spots of Masaryk University, where knowing some cybersecurity principles may come in handy. You will also get to know what can make your work easier and who is there for you in case you need a helping hand in cyberspace.
#1 Accounts, access data, passwords…
Essential parts of our lives in cyberspace. Sometimes other services or other platforms in which we need to sign up and which are good to protect and secure are added at the beginning of the semester. To secure our account, we should use strong phase passwords. Such a password should consist of three or four words, which would be easy to remember for us and which would be supplemented by special characters (@, #, %). It isn’t something complicated for us as creators of the password, but this will make it very difficult for potential attackers to break into our account.
The next principle is that we should not share our passwords with anybody (even not with our partner or siblings). We also should not write them down anywhere. Instead of this, we can use a password manager, which is for managing the passwords created. Which password manager to choose and more information about creating strong passwords, in general, you can find in our online course Cybercompass.
The general security of our accounts is good to support also with other principles. For example, we should always sign out from the school computers in libraries or classrooms before we leave. It is also useful to lock the screen of our computer in case we leave it at the place where it is accessible by others (for example in the library). We should use rather a school network instead of public WiFi for the entrance of our school accounts. It can also be useful to check which information about us is public at school networks and make sure that the others can reach just the information we allow – do we want, for example, our schedule or academic performance to be public?
#2 Communication as a basis
Communication has never been easier thanks to the internet, and using different online channels and services belong to everyday students and work life. Masaryk University provides many information and telecommunication services, which can make your life and everyday activities connected with communication easier – either you need safely save your data, arrange videoconferences or just print the document. Overview of all the services which MUNI provides you can find in IT MUNI catalogue, you will find there also descriptions and instructions.
Big security plus is also the Eduroam network, which you are using on the common academic ground. But you maybe don’t know how it differs from usual WiFi networks and what benefits it brings. It is an extensive world network with many partners – that’s why you can find a connection to the internet through Eduroam on Erasmus, on a business trip, or simply on a trip - and not even necessarily around the local campus. As a member of the involved institution (Masaryk University), you can connect by your UČO and secondary password. You can find more information about Eduroam, but also more tips for your private communication in our module Secure communication, which we have prepared for you within the course Cybercompass.
#3 Social networks
We will certainly have many successes during our studies and work – career advancements, graduation, nice moments with schoolmates or colleagues… It is natural that from time to time we want to share those moments with others on social networks. But what to look out for? It is always good to think about who all has access to our photos and information. Because all these posts contribute to enlarging our digital footprint, which can serve as a direct invitation for attackers, who can then focus on our details, bank accounts, and other valuables. You can find more about how to prevent disasters (not only) on social networks in our module Self-defense, which was created within the course Cybercompass. And how creative can swindlers be? Just read on…
#4 Swindlers? No chance!
Our Universities are also affected by various dishonesty, which the attackers often plan carefully. Those attackers take advantage of us being erroneous, inattentive, or just friendly – in short, being human. The methods of attack that are based on this are called techniques of social engineering, and it can happen that you will come across them also in the (cyber) environment of the university. Which next steps can help us decrease the risk of catching in one of the prepared traps?
In the case of e-mails, in the slightest doubt, it pays off to control the heads of the messages. We recommend looking at where the mail is coming from and not opening e-mail attachments from unknown sources. The next rule is that we should not provide our access data to strangers (not even in the case when the person on the phone claims that he/she is a worker from the IT services department). At the same time, we should avoid connecting foreign flash disks, SD cards, or other devices whose origin and security we know nothing about to our computer.
It is a matter of course to have an antivirus program installed, which we regularly update and use strong phase passwords, which we mentioned above in tip #2.
#5 What to do if we get fooled?
Man is not infallible, and sometimes we simply cannot avoid various mistakes, whether we are new to cyberspace or experienced experts. So what do we do when we fall into a trap?
At first, it is important to admit that we became a victim of some kind of attack and do not stick our heads in the sand. There is always someone who can help you with your problem. Within Masaryk University, there is always available for you the Cybersecurity Team of Masaryk University (CSIRT-MU), to which it pays off to report any security incident. Even in case you got just suspicious e-mail.
Not only CSIRT-MU can help you with your problem, but you will help to protect others by reporting such security incidents, so the others won’t get caught.
How exactly report your suspicions, and what specific information to provide? The Incident Reporting service will inform you about this.
#6 Prevention as an effective solution
Due to our reduced vigilance in a stress situation, which can be caused, for example, by approaching deadlines, accumulated tasks, finishing bachelor or master thesis, and on top of that learning for your state exam, we are much more prone to become a victim of a cybersecurity attack. We would miss that, wouldn't we? But no need to drop your mind! Simple measures can prevent a lot of potential disasters.
But where to start? Exactly for you to get the right prevention habits is there the web page security.muni.cz. It is a signpost of various courses and educational materials from the Cybersecurity Team. We make sure that the advice provided is always understandable, practical, and usable outside of the university.
#7 Keep your sanity…
To stay vigilant in cyberspace, we need to care about physical as well as mental well-being. No less important tip from us is the instruction on how to start with digital hygiene.
The project Replug me can help you with the first steps. You can find there different kinds of suggestions and consulting, how to find a healthy relationship with technologies as well as with ourselves. You can join some of their challenges too. It also pays off to search for details, which can have a positive impact on our well-being, thus on a certain balance between the online and offline world. For example, we recommend watching your screen brightness level (having it on the max level all the time isn’t the best thing for your eyes), do not neglect the cleaning of the physical workspace as well as your desktop. The next important detail is to keep in mind that we should alternate sitting at a computer with motion. All those steps create a good way for better physical and mental health.
Our guide showed you different corners of Masaryk University, where varied recommendations may come in handy. You don’t have to be afraid. No one is waiting for you, that you will begin to follow everything you have read after today’s midnight and that you will become a cybersecurity expert tomorrow. For the beginning, it is enough to be careful and begin with a few principles there, where you find yourself the most often. Add more over time, and it will work on its own - safe movement in cyberspace is not rocket science. We keep our fingers crossed that the semester will be a success, and we wish you as little trouble as possible!
