
IST lecturer offers three tips to protect yourself from cybercrime

Credit: Kelly Bryan / Penn State. Creative Commons

UNIVERSITY PARK, Pa. — According to a study conducted by Norton Security, about 18 cybercrimes occur every second. To help combat this epidemic, Gerry Santoro, a senior lecturer in Information Sciences and Technology (IST) at Penn State, taught a group of students and community members proactive steps to safeguard their online information.

“Security is a big issue with the internet because it was developed without the idea of what would happen if someone purposely tried to misuse it,” Santoro explained.

In his spare time, Santoro created several sites devoted to cybersecurity education, such as SantoroSecurity.weebly.com, in the hope that they enable the average user to safeguard their information. “It’s also like a community health issue. If my neighbors are more secure, I will be more secure,” he said. “That’s the idea [of this lecture], to give you the power to control what you can control. And that’s more than you think.”

At the event sponsored by IST’s Security and Risk Analysis Club and the American Civil Liberties Union of Pennsylvania, Santoro presented 20 tips on personal cybersecurity and highlighted the following as the most impactful for individual users.

Exclusively use a least privileged account (LPA) on your computer.

LPAs are profiles on a computer that do not have administrator access. “If any site attempts a malware download, it will be stopped because there won’t be privileges to do it,” he said.

“When you get a new computer, it’s so easy,” he said. Simply set up your computer with an administrator profile, and then create a secondary, limited profile. From then on, use only the limited account. According to Microsoft, 64 percent of all vulnerabilities detected in 2009 could have been prevented by the use of an LPA.

Create strong passwords.

“A big issue today is with passwords,” Santoro said. The most common passwords, like “1234” or a child’s name, are easy for hackers to guess. Santoro suggested creating an ‘algorithm’ from your favorite song or poem. His example was, “Lady Madonna, children at your feet, wonder how you manage to make ends meet?” from the Beatles. By including special characters and numbers, that password becomes “LMc@yf-whUm2m3m.” Although memorable for the user, that password would be difficult for a hacker to guess.

Santoro also recommends not using the same password for multiple accounts. “If one account gets hacked, the person will most likely try your other accounts to see if that works,” he said.

Use a virtual private network (VPN) on all public networks.

Free Wi-Fi may be convenient in hotels and airports, but Santoro warns your data becomes extremely vulnerable when accessing these public networks. “[A VPN] is a way to use a public network for private communications. It’s why businesses often use them,” he said.

A VPN shields your online activity from others on the network and provides an additional layer of security that is greatly needed. With affordable options available for personal use, Santoro said they are worth the price.

“Like it or not, you are the only one responsible for your online security,” Santoro said.

Last Updated April 17, 2017