Being Safe Online

The internet is, inevitably, an integral part of working and studying at the University of Adelaide. By protecting yourself online, you are contributing to the secure computing environment at the University.

Smart phones, tablets and personal computers are used on a daily basis at the University. Because these devices often contain information which is vital to the University’s teaching, learning and research initiatives, it is important they are kept secure.

Browsing practices
Social media
Smart devices
Personal computers

The internet is a great place to access and share information with friends and colleagues. Unfortunately, the internet is also used by criminals to commit fraud and cause harm. To protect yourself, your computer or smart device, and the University from harm, it is important to be aware of the following SecureIT advice.

Expand

Turn off browsing features you aren't using
Internet browsers often come with features to enhance your web experience. These features, however, can be exploited by hackers to steal your personal information. The more browser options and functions you turn off, the safer your internet access will be.
Making the most of your internet access is a balance between being as secure as possible and experiencing every feature the Internet has to offer.

If you do not use a University-managed computer, some steps you can take to increase your browser’s security are:

Update or disable Java

Use alternative PDF software instead of Adobe Reader, such as Foxit Reader

If you use Adobe Flash, update it regularly
Make sure you're at your intended destination

Your browser’s address bar can help you identify a fraudulent website. Hackers will often build fake websites, known as "phishing" sites, to solicit personal information such as your password or banking details. Phishing sites will masquerade as a legitimate business (such as the University) so they appear more convincing.

All webpages belonging to the University of Adelaide will have a domain name ending in adelaide.edu.au.

Example of a phishing webpage:
Download content only from websites you trust
The internet is a great place for accessing resources that benefit the University’s learning and teaching environment. Websites may not always be what they seem, however. Hackers will sometimes hijack a legitimate website in order to distribute their malicious software to unsuspecting visitors. This software can hide itself on your computer and steal your passwords and financial information.
Some steps you can take to avoid downloading viruses and other malicious software are:

Run a virus scan on every item you download

Avoid opening files from untrusted authors

Avoid visiting sites that have been flagged as malicious
Stop and think before you enter your password into a website
Tip: Bookmark University webpages that require you to enter your username and password. Visit these pages only via your bookmarks and avoid clicking on email links to get there.

Your University password is your online key into the University. Just like your house key, it should be carefully guarded.

Hackers will often try to trick staff and students into giving up their password by pretending to be the University. Always stop and think before you enter your password online.
Some questions you can ask before entering your password are:

Does the website domain name end in adelaide.edu.au?

Does the webpage have a secure connection?
Example of a webpage with the correct domain name and a secure connection:

Below is some SecureIT advice that will help you to increase your security while using social media.

Expand

Limit the amount of personal information you publish online

Criminals target social networking sites because they are an easy way to access your information. Information such as birthdays, phone numbers or your pet’s name can all be used to steal your identity and commit fraud. Some criminals will even use social networking sites to find out more about your interests. They do this to target you more effectively with scams.

Many social networking sites allow you to “check in” to a physical place and share your location with others. Thieves will also use this information to know your whereabouts. If you “check in” overseas you are letting others know your home is potentially unattended.

For some interesting reading about the risks of sharing personal information in social media, check out this article from the Security Intelligence Blog: Public or private? The risks of posting in social networks.
Be mindful about who you accept as a 'friend'

Some people who use social networking sites are threatening and may use your information to embarrass you or damage your reputation. Strangers will often create fake profiles in an attempt to befriend you and gather information that can be used to harm you. It’s a good idea to limit the number of people you accept as your 'friends'.
Protect your profile with strong privacy settings
Social networking sites allow you to limit the amount of information you share by configuring the privacy settings. Consider setting your online profile to private and limit the amount of information you share with others.
You can find more information on security settings for social networks in the following guides:

Facebook: Basic privacy settings and tools

Google+ : How Google+ works for teens

Instagram: Privacy settings and information

LinkedIn: Account security and privacy - best practices

Snapchat: Privacy settings

Twitter: About public and protected tweets
Avoid clicking on suspicious or shortened links

Use caution when clicking on links – even if they are from your friends. Hackers often send malicious links via chat, wall posts or tweets in an attempt to steal your private information such as your password or banking details.

Tip:
To find out where a shortened link will take you, use a URL expanding service such as longurl.org

Portable devices such as smart phones and tablets have become an important part of working and studying at the University. Because these devices store information such as contacts, emails and documents it’s important that they are looked after.

Below is some SecureIT advice for keeping your smart device secure.

Expand

Set a passcode and enable automatic lock
Because mobile devices can easily be misplaced or stolen, it is a good idea to set a passcode (or PIN code) on your smart phone or tablet. Setting your device to automatically lock will prevent thieves from accessing your emails, phone numbers and social networking information.

You can find more information on configuring a passcode or PIN in the following guides:
Turn on device tracking
Many smart phones and tablets now come with built-in GPS (global positioning system) functionality. You can use this feature to locate your device in the event it is stolen or goes missing.
Learn how to configure device tracking for:

Apple support: Set up Find My iPhone on all of your devices

Google account help: Be ready to find a lost Android device

Microsoft account support: Find and lock a lost Windows device
Install apps only from authors you trust

Just like a computer, smart phones and tablets are susceptible to viruses and other malicious software. Reading app reviews is a good way to verify the trustworthiness of an app author.
Avoid storing private information on your smart phone or tablet

Mobile devices are great for providing instant access to all your information on the go. Because these devices follow us wherever we go, they are susceptible to being lost or stolen. Avoid storing sensitive information such as banking details, passwords or addresses on your mobile device, or use a password manager to store it securely.
Avoid using public wifi hotspots to access sensitive information
Hackers can use public wifi hotspots to surreptitiously intercept and steal your passwords, emails and other sensitive information.

The following tips can help increase your privacy when accessing information from your smart device outside of the University:

Avoid public wifi hotspots where possible and use your 3G/4G internet connection instead

Only use secure websites

University-managed computers offer a range of security features which protect staff and students from various online threats. Many of us, however, work from our own personal computer that we bring from home.

Below is some SecureIT advice for increasing the security of your personal computer.

Expand

Install security software and update it regularly
Security software such as antivirus, anti-spyware or personal firewall will help protect your computer from viruses, spyware and hackers. You can choose to either install these products separately, or use an all-in-one suite that bundles them together.
- Enable your software firewall
  Windows firewall
  
  Mac firewall
- Install antivirus software
  Bitdefender, Kaspersky, Norton, Sophos, Trend Micro etc.
Turn on automatic updates to protect your computer from hackers
Software companies regularly issue free updates to fix security problems in their software. These fixes are called patches and should be applied regularly to prevent hackers from gaining access to your computer.

Most operating systems and application software can be configured to update automatically. Check your program settings for a ‘check for updates’ option.
- Operating system updates
  Windows updates
  
  Mac updates
Microsoft is no longer providing support or patches for Windows 7. This can leave your computer vulnerable to hackers as security problems are no longer being fixed. If you are using Windows 7, we strongly recommend that you upgrade your personal computer to Windows 10.
Lock your screen when you are not using your computer
Your personal computer is an essential tool for working and studying at the University. Because it contains important files including emails, passwords and other sensitive information you should protect your computer at all times.

Here are some simple steps you can take to safeguard your personal computer:
- Immediately lock your screen when you walk away from your computer
- Set your screen saver to automatically lock after 10 minutes of inactivity
  Windows screen-saver
  
  Mac screen-saver
- Never leave your computer unattended in public areas
Set a strong password and change it from time to time
Passwords aren’t unbreakable but they can prevent strangers from casually accessing your computer.

Here are some steps you can take to set and protect your password:

Choose a strong password

Your computer’s password should be 100% unique and unlike any other password you use

Never reuse old passwords

Change your password at least once a year

Learn more about password security.

Being Safe Online

Turn off browsing features you aren't using

Make sure you're at your intended destination

Download content only from websites you trust

Stop and think before you enter your password into a website

Limit the amount of personal information you publish online

Be mindful about who you accept as a 'friend'

Protect your profile with strong privacy settings

Avoid clicking on suspicious or shortened links

Set a passcode and enable automatic lock

Turn on device tracking

Install apps only from authors you trust

Avoid storing private information on your smart phone or tablet

Avoid using public wifi hotspots to access sensitive information

Install security software and update it regularly

Turn on automatic updates to protect your computer from hackers

Lock your screen when you are not using your computer

Set a strong password and change it from time to time