NOT SAYING GOODBYE

Because this is not the end of the road

Not every user at Masaryk University will read this course. But you’ve gone so far! What does it mean?

You’ve learned that in cyberspace, the possibility of an attack on your treasures (money, devices, data, photos, messages, the reputation of you, your company, or family) is much higher than in the physical world. You've learned how to face those threats using simple and effective precautions. You’ve found your security priorities (what, why, and how to secure the most critical data). Therefore, you’ve got far away from inexperienced users who rely only on seemingly strong passwords, nothing more. Congratulations! We guarantee you won't regret it.

At the end of our course, we prepared a summary of the basic rules of secure behavior in cyberspace. You can return to the key information from individual lessons using the links below.

Which topic would you like to review?

Securing devices

SECURING DEVICES

Working on a notebook and PC

Lock your screen manually (shortcut Win + L). Always open the anonymous browser mode on devices that are not yours or are shared by many people. Does your device contain sensitive data? Then you must start with encryption.

View details in the lesson

Updates

Never postpone updates, they will eventually run automatically anyway (in the most unfavorable moment). An outdated system is full of security holes, rendering your other precautions useless.

View details in the lesson

Caring for a smartphone (and tablet)

Set a screen lock: ideally use a PIN code, but at least a fingerprint or a gesture. Set an automatic lock after a few minutes of inactivity. Let the notification previews show you just the essential parts (e.g., name of the sender, not the content). Encrypt the device and the SD card in the device settings. Don't forget, specialized apps can help you find and block a lost device.

View details in the lesson

Antivirus

Antivirus should be installed on mobile devices too. It can filter dangerous apps that you may accidentally download even from the official store.

View details in the lesson

Back-ups

If you treasure your data and their irreplaceability, perform regular backups. Choose one or more data storages (consider money and space), then select types of files to backup. Cloud, as an online solution, is ideal for present smaller files. An external disk is better for a vast amount of not-so-irreplaceable data (like movies). The most precious data should conform to the 3–2–1 rule. That means three copies on two media, one of them outside your home. Consider comfortable automatic backups. At MU, you can use Microsoft OneDrive.

View details in the lesson

Passwords

PASSWORDS

Passphrase

The passphrase is the most secure password. It consists of a phrase (more or less random sequence of words) and ideally numbers and symbols. Remember the examples?

WH0Ashesaidyes, rating9*forG0T, never8say8never, ittakes2totanG0, oncebittentwiceshy...

View details in the lesson

Password manager

Simple and secure cloud-based solution (therefore, you don’t need to download the app, you can log in online). It can store an arbitrary number of passwords to your accounts. You decide whether to save passwords for Facebook, e-mail, or bank. If needed, review the LastPass password manager installation tutorial.

View details in the lesson

Stop your bad habits

No more writing passwords on a piece of paper, no more re-using one password for all services from Instagram to a bank, no more sharing passwords among the whole family. Remember what you safeguard, manage, or follow online. Protect your treasures.

View details in the lesson

Self-defense

SELF-DEFENSE

Spectrum of manipulation

The attackers tend to be creative, prepared, and knowledgeable about you and your workplace. They rely on humanity, rush, curiosity, confusion, trust. Be careful, and don't hesitate to confirm the information with the corresponding service or institution. Three basic rules are:

  • Never click on URL call to action links (password change, distraint order, etc.).
  • Never open unknown attachments.
  • Always check requests.

View details in the lesson

Phishing

Phishing is a popular attack based on distributing bulk fake e-mails that try to push you into some action. View our phishing guide and remind yourself how to recognize a phony e-mail.

phishing guide

Address bar

Always check the address bar, especially when typing private information or when logging into apps. The slightest change (hyphen instead of a dot, swapped letters, etc.) is almost invisible and, therefore, effective trick of attackers.

View details in the lesson

Public Wi-Fi

On public Wi-Fi without a password, everyone connected to it can see what you’re doing (including your password or other private data). On password-protected public Wi-Fi, private information is visible only to an administrator. Turn off automatic logging to public Wi-Fi without passwords.

View details in the lesson

VPN: truly secure internet connection

VPN makes you (almost) invisible, which assures a more secure Internet connection. All you have to do is download the VPN app and keep logging into it regularly.

View details in the lesson

Differentiating the importance of accounts and shared information

Categorize your accounts (and shared data) into three categories. The red box contains the most critical data with a severe risk of misuse. The yellow box information has some dangers of abuse but smaller than the red one. The green box includes not so essential or public information. Review some examples visible on our switching cards.

 

HIGHLY IMPORTANT

Maybe: internet banking, social network profiles, (work) e-mail, work or school information systems.

 

MORE OR LESS

Maybe: telephone number, permanent residence address.

 

NOT SO IMPORTANT

Maybe: e-mail with advertisement offers and spam.

 

Sharing private information

You involuntarily leave some information behind in the cyberspace (cache, browser history, cookies – although proper settings and an anonymous browser mode reduces their amount). Voluntarily shared information, typically on social networks, should be well-guarded. Set a private profile, communicate with people you know, and consider what information you really want to share with the whole world (e.g., the date of vacation or ID card number shouldn’t be on that list).

View details in the lesson

Communication

COMMUNICATION

Eduroam

Eduroam is an international network. Therefore, as an involved member from MU, you can connect to the Internet from many places, not just from Brno. For a genuinely secure connection, install Eduroam CAT (assures the correct configuration) and a VPN (ensures your privacy).

View details in the lesson

File Depository

File Depository offers secure sharing of research or private data. Each uploaded file will be saved for 30 days. You can share files within MU or publicly, and your identity of the sender or receiver is guaranteed. An alternative solution is OneDrive in O365.

View details in the lesson

Encrypted e-mails

A signature is not the same as encryption. The signature guarantees that you personally are really sending the message. Encryption, in turn, ensures that just the intended recipient and no one else will read the message.

View details in the lesson

Incident reporting

INCIDENTY

To report or not to report?

The answer is always to report, even if you're unsure. Specialists from the CSIRT-MU will evaluate and resolve the situation. User reporting improves the security of the MU cyberspace.

View details in the lesson


 

Keep discovering new cybersecurity horizons with us. Like our page on Twitter to stay updated. 

Time for thanks

Some of the new rules and principles are easy to follow; others are not. But keep trying and never give up! You don’t have to change everything at once. Return to the course from time to time and remind yourself why you wanted to change in the first place. Cybersecurity is not a one-time product, but a mindset.

We believe in you.
Thank you all for your time and trust.
The Cyber Compass team

You are running an old browser version. We recommend updating your browser to its latest version.

More info