Key Takeaways
- Use strong, unique passwords and consider using a password manager to securely store and generate passwords
- Enable multifactor authentication (MFA) to add an extra layer of security beyond passwords
- Be vigilant for scams and phishing attempts, and learn how to identify them
- Secure devices by keeping them up to date, enabling automatic updates, and being cautious with browser extensions
- Review and adjust privacy settings on apps, devices, and social media accounts to make informed decisions about sharing personal data
Introduction to Data Privacy Week
In recognition of Data Privacy Week, which takes place from January 26 to 30, the Information Security Office is offering practical tips to reduce risk and manage digital privacy. The Office of Information Technology’s Information Security Office (ISO) encourages faculty, staff, and students to take a closer look at how their information is being collected, stored, and shared. Data privacy is a key consideration not only in the workplace and when working remotely but also when engaging in personal online activities, such as shopping, social media use, and online banking. As interim chief information security officer Donna Tatro notes, "Protecting data is ultimately about protecting people. When we handle information with care, we strengthen trust and ensure our community can engage fully in their work, learning, and research."
The Importance of Strong Passwords
One of the simplest and most effective ways to protect personal data is to use strong, unique passwords. The ISO recommends creating passwords that are at least 16 characters long and avoiding the use of passwords across multiple accounts. Reusing passwords can put individuals at risk, as a hacker who gains access to one account can potentially gain access to others. To reduce the hassle of memorizing multiple logins, the ISO suggests using an encrypted password manager, such as LastPass, to securely store and generate passwords. Additionally, the ISO provides guidelines for creating and managing passwords, including avoiding sharing passwords whenever possible and using secure file-sharing services options, such as the central file service, OneDrive, and G-Suite.
Enabling Multifactor Authentication
Another crucial step in protecting personal data is to enable multifactor authentication (MFA). MFA adds an extra layer of security beyond passwords, requiring additional verification when logging in to accounts and apps. This can include entering a code or using an authentication app, such as Duo, before granting access. The ISO recommends enabling MFA for any website or application that offers it, and reminds individuals to always deny unexpected Duo push notifications, as these may indicate that someone else is attempting to access their account. By enabling MFA, individuals can significantly reduce the risk of their accounts being compromised, even if their password is stolen or compromised.
Being Vigilant for Scams and Phishing Attempts
Scammers are becoming increasingly sophisticated in their tactics to steal personal information, often pretending to be trusted organizations through email, phone calls, and text messages. To protect against these scams, it is essential to be vigilant and learn how to identify phishing attempts. This can include being cautious when clicking on links or downloading attachments, watching for typos, mismatched display names, or unfamiliar email addresses, and being aware of social engineering tactics. The ISO also recommends completing cybersecurity training modules, which are now required for faculty, staff, and students, to stay informed and up-to-date on the latest threats and best practices.
Securing Devices
Practicing good data hygiene is essential to keeping accounts and devices secure. The ISO recommends keeping devices, apps, browsers, and software programs up to date, enabling automatic updates whenever possible, and being cautious with browser extensions. Certain extensions may gather data about the sites visited and share it with advertisers or data brokers, so it is essential to only install necessary extensions and remove any that are no longer used. Additionally, individuals should use screen locks or strong pins to protect their devices and never leave them unattended in public spaces.
Reviewing and Adjusting Privacy Settings
Many apps and accounts collect more personal information than individuals might expect, often through default settings. To protect personal data, it is essential to review and adjust privacy settings on apps, devices, and social media accounts. The ISO encourages individuals to make informed decisions about sharing personal data with businesses and services, generally erring on the side of sharing less, not more. Individuals should also review the privacy and security settings on apps, devices, and social media accounts and set them to their comfort level for sharing. The ISO provides a resource with useful links to help individuals manage their privacy settings on popular services and apps.
Conclusion
Protecting personal data is an ongoing process and shared responsibility at Princeton. Data Privacy Week reminds individuals that small, consistent actions can make a significant difference in reducing risk and managing digital privacy. By following the tips and guidelines provided by the ISO, individuals can take steps to protect their personal data and contribute to a safer and more secure online community. For more information and resources about securing personal information, individuals can visit the Princeton University website at princeton.edu/cybersafe.
