Oct 04 2020

Help Your Users Protect Themselves

When it comes to securing university networks in a remote climate, your users are the first line of defense.

With your workforce and student populations dispersed across the country, it’s more challenging than ever to hold your users accountable and enforce best practices. While some IT departments might already have established remote security policies, this is entirely new territory for others. Start by reminding your users of this: Attackers learned long ago that the best way to get what they want is to target the user. With this in mind, here are four critical tips you should consistently share with remote users to help them protect your university’s network assets and data.

LEARN MORE: Get the Defense-in-Depth strategy checklist.

1. Think before you click

If something sounds too good to be true, it probably is — but many users will still take their chances. Consider, for instance, the most recent Twitter scam, which involves criminals offering to send users $2,000 in return for $1,000. This bitcoin scam earned its creators an estimated $120,000 — and its victims $0.

2. Use automation to enforce password changes

While you can’t enforce password changes on your users’ personal devices, you can automate those policies on any of the university programs they’ll be accessing from them. Remind your users that a long phrase or sentence will often suffice instead of random strings of characters and alternating letter cases.

MORE ON EDTECH: Learn these defense-in-depth (DiD) strategies.

3. Keep your ­computer ­operating ­system and software up to date

IT pros know the drill: patch, patch and patch. Your users, however, don’t spend their days focused on cybersecurity. They need frequent reminders — a task you can automate to spare yourself the time and hassle and your users the crisis of being hacked.

4. Separate work and personal credentials

If your users are using personal devices to log in to work systems, encourage them to create separate user IDs for accessing the university’s network. This way, their browsers and security settings can adhere to work policies, even if their personal settings do not. 

Manuel Breva Colmeiro/Getty Images

Zero Trust–Ready?

Answer 3 questions on how your organization is implementing zero trust.