Website Under Construction But Fully Operational
Recently, Kelseyville Unified School District sent a notice to student families and staff members about a security breach. Through a compromised password, bad actors gained access to our student information system, PowerSchool. PowerSchool has since secured the data and offered free credit monitoring to everyone involved.
This got me thinking about notices I’ve received from credit card companies, banks, insurance companies and others, explaining that my data may have been compromised. I love the convenience of having information available with the push of a button, but I don’t really understand how all the technology works, which puts me at the mercy of those who do.
Based on a conversation with our IT Director Bill Grossner, there are three main things you can do to stay safe and maintain a high level of cybersecurity: protect your passwords, avoid sharing private information on public wifi, and pay attention to how you navigate online.
Secure your passwords
Most of us need passwords to gain access to the basic tools of our lives: wifi, email, online shopping, online banking, social media and more. It seems like every digital application wants you to enter a unique username and password. I can hardly remember what I did an hour ago, let alone remember hundreds of usernames and passwords, and I know I’m not alone.
According to Bill, most people either write down their passwords on a piece of paper that they keep in a not-so-secure location (top desk drawer, Post-in Note on the computer monitor, etc.), or they let their computer cache (save) passwords so they can automatically pop up when you need them. Sometimes to simplify things, people use one username and password for multiple platforms. None of these strategies are secure.
One way to improve security online is to sign up for two-factor authentication or 2FA whenever it’s offered. 2FA requires you to enter your username and password and then enter a code generated at that moment–either via an authentication app or sent to your email or phone. This extra layer of protection makes it harder for people to steal your data.
Be mindful when you’re using public wifi
Another way hackers gain access to your information is by “sniffing” unsecured data on a shared public wifi or when a person inadvertently joins a wifi designed to look like public wifi. If you’re in a cafe or at an airport and you want to browse around, watch YouTube, listen to a podcast, or read the news, that’s fine. However, Bill recommends avoiding entering any passwords to access your private personal data, from email to banking.
People who want your data will sometimes set up hotspots with names that fool people into believing they are legitimate public wifi. For example, if you are at the San Francisco airport, the legitimate wifi might be named SFO-Public but a nefarious wifi could be called Public-SFO. Hackers can then capture your datastream, just like watching the ticker tape for stocks, all your passwords are easy for them to read on their screen.
Browse carefully
When browsing only, it can be easy to get pulled in by click-bait–something that makes you curious and is often misleading. Hold your curiosity in check long enough to ask yourself whether this feels like a possible scam or misleading image or message. Bill compares being online to being on vacation. If you’re in unfamiliar territory, pay attention to interactions that don’t feel safe.
When you’re on vacation, you avoid dark alleys and people who seem overly familiar. Try to do the same online. Stick to sites you know. And if you get an email from an unknown party or you get a strange request from someone you do know, think before you click.
No legitimate source will ask for personal information via email–not your bank, your insurance company, not even a tech support person.
While our students can fall prey to online hacks, oftentimes we adults are more gullible than they are. We all need to think before we click and never access sensitive personal data on public wifi networks.