Oct. 21, 2021

What’s in your cybersecurity tool kit?

Cybersecurity webinar Oct. 26 offers tools and tactics you can use for online security

Cybersecurity is important in helping everyone stay safe online — at home and on campus. It’s important to learn how to protect ourselves, our colleagues and our communities from hackers and fraudsters.

In honour of Cyber Security Awareness Month, and ahead of our special cybersecurity webinar on Oct. 26, Staying Cyber Safe: Working, Sharing and Being Social Online, here are some tools you can use to remain cybersafe this month and all year round.

Turn on automatic updates

Turning on auto updates on each of your devices is one way to remain cybersecure and ensure your apps, data and software are protected. Developers provide patches through updates to close loopholes and stop hackers from exploiting vulnerabilities that can be discovered over time. Turn on auto updates and you’ll never have to check if you’re using the most secure software available.

Use a firewall and antivirus software

Most modern operating systems have built-in firewall and antivirus capabilities. A firewall acts as a gatekeeper for traffic between your system and the rest of the world, blocking potentially harmful data. Antivirus software prevents, detects and removes malicious software known as malware. Make sure your device has firewall and antivirus capabilities turned on and properly configured and updated to ensure you are protected.

Use password managers and multi-factor authentication

Sometimes, it doesn’t matter how complex your password is. If a hacker compromises an organization holding your data, they can access your password without having to attack you directly. And, if you’ve used that password across multiple sites and accounts, then hackers could have access to your entire digital profile, which often includes credit card and personal information.

A good way to protect yourself is to never reuse passwords. Create passwords that use paraphrases, are at least 12 characters long and use a combination of letters, numbers and symbols. Check our password page for more great tips. Using a password manager can help you keep track of your passwords, and many even provide alerts when one or more of your passwords need to be updated due to being affected by a data breach or large-scale hack.

Use haveibeenpwned.com to find out if any of your accounts were part of any large data breaches. The site compares your username to a database of known breaches, letting you know if a password associated with your username has been compromised.

Multi-factor authentication (MFA) is one of the best ways to protect your accounts online. MFA requires two or more verification checks to gain access to your account that fall into one of three broad categories: something you know (password), something you have (a physical/software token, phone/app), or something you are (fingerprint, retinal pattern).

UCalgary uses a password and an authentication app for its factors. Even if a password is compromised, a hacker would need the timed security code sent to your phone or app to access the account. Access to UCalgary accounts on Outlook, Teams and several other online applications require MFA to protect you, your data and the university community. Learn more about multi-factor authentication.

Educate yourself and be aware

Online scams have grown much more sophisticated than the days when you just had to say no to “Nigerian princes” asking for money. These days, fraudulent emails can appear to be from trusted sources that trick you into disclosing your personal information willingly. The best way to protect yourself from these sorts of attacks (also called phishing) is to know how to spot them, report them, and be wary of how and to whom you are sharing your personal information. Take UCalgary’s Introduction to Phishing Course on Enterprise Learning Management to educate yourself on how to spot, avoid and report phishing attacks.

UCalgary will never directly ask you for any personal information or passwords. Anyone who asks for any personal information, by phone or email, claiming to be IT, is phishing for your information.

Follow us on twitter @ucalgary_it for more cybersecurity tips and tricks.

More resources