Thursday, September 25, 2014

Don't Be a Target


I am hearing about and seeing actual instances of ESSD staff not following good security practices.  Each of us are the first line of defense of a strong network security practice for the district.  When all of us make good security a habit, all of us are better protected.

Gateway

Keep in mind that with the recent additions of digital resources, your network password is now the gateway to your documents stored on network server, your gradebook, your district email, and your Google Apps account (gmail, gdrive, etc.)  If you access personal websites on your district computer such as your bank, personal email, personal Facebook/Instagram/Linkedin/Twitter/etc accounts on your district computer then your hacked network password could lead someone into those accounts as well, especially if you let the browser store your password to these sites.

Mobile Devices

Don't become complacent about iPad security either.  The only protection between instruders and the content on your iPad is the passcode lock.  But, that passcode is useless when you unlock the iPad then hand it to a student, your child, your spouse or anyone.  A user with your unlocked iPad has unfettered access to your district email, possibly your Gmail account, Gdrive, any installed social networking apps, and anything else on that device.  [Note:  While I'm on this topic of mobile device passcodes, do you have your personal smartphone passcode protected?]

Ultimately, you are held responsible for all activity that occurs under your ESSD network accounts.  Regardless of who may have hacked it or who you knowingly allowed to use your account, you will be the person approached.

Here are some reminders of what NOT to do concerning network security.

Don't leave your password in plain sight near the computer or even anywhere around your desk.
Don't give your network password out to ANYBODY, not even a Technology Department member.


Don't give your network password out to a SUBSTITUTE.  See http://estigertech.blogspot.com/2013/10/gateway.html for ways to handle substitute access to your computer when you are away.


Don't give anyone unfettered access to your district iPad.  Setup Guided Access mode http://support.apple.com/kb/ht5509 for temporary users of your iPad.


Don't leave a computer logged in and unattended.  See  http://estigertech.blogspot.com/2013/08/two-simple-keystrokes.html for more information.



Make cyber-security a habit.

You ARE a target regardless of what you think!











Photo Credits
Laptop with user name on label.  "Interesting approach to computer security" by Victor Bayon is licensed under CC by 2.0.

Child with iPad.  “IMG_0102” by Scott Sayre is licensed under CC by 2.0.

Computer with padlock on screen
New Federal Legislation and WikiLeaks Attacks Frame University of Maryland Cybersecurity Center Launch” by Merrill College of Journalism is licensed under CC by 2.0.

You Are a Target courtesy of Securing the Human. https://blogs.sans.org/securingthehuman/files/2013/01/STH-Poster-YouAreATarget-LowResolution.jpg



No comments:

Post a Comment