IT News

Protecting Your Online Presence this Holiday Season

The holidays are the season of giving/receiving gifts and enjoying time spent with loved ones. Unfortunately, in our digital world, it makes it easy to have your identity stolen and turn your holiday season into a lamented one. In the spirit of a safe holiday, let's embrace certain online security best practices to remain protected and secure when using mobile devices. Take a few moments and implement these new habits. Initially, it might be challenging; but with practice, consciously staying safe online becomes easier.

  • Install an antivirus program on your mobile device(s). According to the "Best Antivirus Comparison" website, the top three free antivirus apps for mobile devices are TotalAV, PCProtect and Norton, which you can download at top10bestantivirus.com/best-free-antivirus. Go directly to the company’s website to download, install and enable your antivirus mobile app. Be sure to keep the software current with all updates.

  • Physically protect your phone. Be alert and attentive to your environment as well as the people around you. Keep your phone and your computer devices with you at all times.

  • Ensure public Wi-Fi networks are legitimate before use. According to United States Computer Emergency Readiness Team (US CERT, us-cert.gov) if you need to use a public Wi-Fi network: "confirm the name of the network and exact login procedures with appropriate staff to endure that the network is legitimate." Otherwise, do not use public Wi-Fi networks such as the free Wi-Fi offered by the store you are shopping in or the coffee shop you frequent.

  • Protect yourself from "shoulder surfers." Based on the Techopedia dictionary, "shoulder surfing involves looking over a person’s shoulder to gather pertinent information while the victim is unaware.” When inputting the pin for your debit card, cover the pin pad to prevent others including the clerk, to observe the number you are providing. When lines are long and people are rushed, it is easy to forget, be mindful of your surroundings.

  • Do not conduct sensitive activities, such as online shopping, banking or sensitive work, using a public wireless network. It is recommended that if you have to conduct online banking or shopping, to use the network provided by your phone’s cellular carrier.

  • Beware of phishing and false websites. An attacker will create malevolent websites and email messages that look like the actual website, and through the use of social media hackers have increased exposure to exploit businesses and their marketing campaigns and messaging. When in doubt, open a browser and manually type in the company’s website.

  • Avoid connecting your mobile device to any computer or charging station that you do not control. According to the US CERT website, "Be cautious when charging your phone at public places, such as a charging station at an airport terminal or a shared computer at a library.

  • Implement a password, pin code, or biometric protection on your phone and computer. Within the settings of your mobile device, set it to automatically wipe after a certain number of failed attempts. The recommended number is ten.

  • Only use sites that begin with 'https:' when conducting online shopping or banking. The 's' in 'https:' signifies the connection is encrypted and secure. It is best to download and use the banks online banking app or the retailer’s app for shopping.

  • Deactivate your Bluetooth connection when not in use. According to Stop, Think, Connect (stopthinkconnect.org), if you use Bluetooth to connect your mobile devices to your car or other devices within your home, it is recommended that you deactivate the connection when not in use. Bluetooth can be used to send unwanted messages to your phone, which when opened, can install adware or malware onto your device.

  • Encrypt, encrypt, encrypt. If you store personal information within your mobile device, check to see if your device offers the option to encrypt the files.

  • In a case of a loss or theft, immediately report it to the appropriate authorities. If you use your phone for work, immediately follow the procedure and policy established by your employer for reporting it.

  • Report any suspicions of fraud immediately. According to the US CERT website, "If you notice that one of your online accounts has been hacked, notify the bank, store, or credit card that owns your account. Reporting fraud in a timely manner helps minimize the impact and lessens your personal liability. Change your account passwords or any online services associated with your mobile device using a different computer that you control. If you are the victim of identity theft, additional information is available from idtheft.gov."

  • Very importantly, back-up your data files and store them in a separate location (either local hard drive and/or cloud-storage back-up).

If you have any questions or concerns, please contact the Information Security Office (ISO) at: ciso@miami.edu. If you suspect that you are a victim of any type of online fraud, please contact the UMIT Service Desk immediately at: (305) 284-6565 or help@miami.edu.

Thank you.