Computer and Online Security Tips
Resources, tips, and tools to help you keep your computer secure and operating properly.
Update Software Regularly
Regularly updating your software helps prevent vulnerabilities from developing. Setting up automatic updates ensures that your software will always be up-to-date. Refer to the following links for more information on how to set up automatic updates:
Use Strong Passwords
Passwords are the number-one target for hackers and cybercriminals. Having passwords that are unique and difficult to guess can reduce the chance of your information being compromised.
- Passwords should be long and complex
- Never share your passwords with anyone
- Keep your passwords secure and avoid writing them down
- Create a unique password for every account
Use Updated Anti-virus Software
Using anti-virus software on your computer and devices helps prevent viruses and other forms of malware from being downloaded. Here is a list of available antivirus software:
Beware of Phishing Scams
Phishing is when hackers attempt to steal your personal information by impersonating a trusted source. These scams include e-mails or text messages that appear to come from trusted sources and ask you to click on a link, which takes you to a phony site. Once there, you are asked to input personal information. If you do so, the phisher will use your information to access your accounts.
Avoid phished by:
- Typing in the original URL, rather than clicking on a link provided in an e-mail (i.e. if it says it links to iastate.edu, type in iastate.edu in your address bar instead of clicking the link).
- Never providing a password or username in an e-mail or over the phone.
- Checking the URL of the link provided in every e-mail to see if it is one you recognize.
- To do this, hover your cursor over the link and check the lower left-hand side of your web browser to see if the link is authentic.
- Not opening e-mails or attachments, downloading files, or following web links from unknown sources.
Verify a Website's Security
The website design will appear the same as the original one so there is no point in examining it to find a difference. However, the phishing URL cannot copy the official URL of the website so check these items to identify phishing:
- Name of the website is usually misspelled (e.g., “www.paypal.com” is written as “www.paypai.com” or “www.paypol.com”)
- * “HTTPS” connection is missing - check if the “Lock icon” at the start of the address bar is "Red" it should be “Green” or “Gray”
- Check the Security Alerts - Phishing E-mails frequently for recent attacks
* The number of hishing sites hosted on HTTPS pages is rising significantly faster than general HTTPS adoption. The green or gray paddlock (i.e., HTTPS certificate) indicates the data is encrypted in transit and has no indication the site is secure and legitimate. An HTTPS site is not less vulnerable than a non-HTTPS site.
Backup Data Regularly
Regularly back up research files, class work, and other important information to a separate storage device to prevent the permeant loss of important information or documents.
To back up data, visit the corporate website of the operating system your computer is running, if not listed below.
Use a Firewall
Use a firewall to filter out unauthorized traffic from the Internet. For more information, visit:
Secure Mobile Devices
Mobile devices often contain personal and sensitive data, posing a security risk to both individuals and the university. Wireless mobile traffic may be unencrypted and can be intercepted. It is recommended you use a passcode on your device to protect personal and university data. If your device is lost or stolen, you can contact the Data Protection Office to explore ways to remove data from your mobile device remotely.
Check out FTC’s free online security tips and resources, and share with your friends, family, co-workers, and community.