Menu

Security in cyberspace

by Jessica Anderson

I don’t know where the time goes, but it’s been nearly two years since I wrote an article about cyber safety and security. It’s been on my mind since my dad clicked on a link in an email from a “friend.” The email was in his junk mailbox (clue #1), it was someone he hadn’t spoken to in a while (clue #2), and the sender’s email was a lot of gobbledygook (clue #3). I don’t say this to make fun of him, as I’ve absolutely done the same thing, in my case moving too fast and not paying enough attention.

Secure Community Network is working to develop a cyber security training program as a new component of their security training. As we speak, they are piloting a training module which will hopefully be available soon . It’s a continually changing field where new techniques and technologies are always being added.

This updated version is a revamp of my April 2024 article along with some best practices established by SCN for individuals. Organizational leaders have already been provided with best practice standards for organizations.

To start with the “new” material, you see that these items are basic recommendations you’ve probably heard before. And you’re asking, “why are you sharing these again?”

Why is cyber security important? Studies consistently show that 85–95% of cybersecurity incidents/data breaches are attributable to “end users” or human error. As individuals and organizations, we have a critical role to play in the security of our data, personal information, and systems.  So, if we haven’t adopted them yet, we need to hear them again.

Use auto-generated complex passwords and store them in a password manager. Alternatively, come up with a random, standard phrase you’ll remember and add a unique element related to that particular website. Ie, #4765Billyamazon, #4765Billybloomingdales, etc. Use multi-factor authentication to log into sites.

Slow down when opening emails that seem a little weird. Check the sender’s email address, look for context related to links, and always consider contacting the person directly through another format to confirm they sent the email.

Be wary of sites that sell the things you want at extra cheap prices. Good chance they are scams and you’ll never see the products. In many of these instances, Visa and Mastercard are NOT going to refund your purchase price.

Don’t use public Wi-Fi without a VPN. Alternatively, use a hotspot created by your phone. You’re safer using data where your specific phone activity is clouded in the thousands of other phones on the same tower.

The following reposted ideas are not official SCN recommendations but are an accumulation of practices I’ve adopted and have found useful to me.

I subscribe to deleteme.com, an online service that scrubs publicly available databases and continually requests the removal of my designated information. It’s the first thing I recommend people consider if they have exposure concerns.

If you want to know which of your accounts have been compromised, search for your email address on “Have I Been Pawned?” (haveIbeenpawned.com) This is a free service that cross-references your email address with hundreds of data breaches. Change your password on any account that shows a compromise.

Password keepers are more common now, and there are many options. These can be subscription programs like Keeper.com that maintain all your passwords in one place. Apple products have strong privacy policies. Another option is to store all your passwords on your phone or laptop “keychain”, even if you don’t access all the websites on your phone or computer. It becomes a single stop for password and account storage, so if you pass unexpectedly and a family member has access to your phone or computer, they can get into all your accounts, making things easier for those who will need to administer your estate.

Companies and websites track everything we do online, even more so than governments. Every ad, social network button, and website collects information about your location, browsing habits, and more. To prevent some of that collection, I’ve installed ghostery.com on my laptop. Ghostery is a free tracker and advertisement blocker that prevents access to my browsing habits. While I don’t think this is a major safety or security issue, it’s amazing to see how many trackers are working behind the scenes as I surf the web.

Lastly, our phones are with us almost everywhere we go. Most phone application default settings are set to track your location. Take some time to go through each of your app settings and turn off your location for everything that doesn’t need to know where you are. Yes, Apple and Google maps need it, but Spotify, Reddit, Amazon, and a lot of others don’t need to. Consider doing the same for your ‘microphone’ setting as well and ensure the iPhone setting “Allow Apps to Request to Track” is toggled off. I would also argue that not everyone needs access to all your photos. Anything you let an application have access to, you can be sure they are using it for something.

None of these things I’ve listed above are going to dramatically change your life. What I like is that in a world where there’s a lot I can’t control, there are a few things I can do. It’s kind of like safety and security training (see how I slid that in there?!). If you’d like to join one of my online safety and security courses, please see my security page on the JFGP website: https://jewishportland.org/security

Personal Security Consultations

As challenging days creep on, I often find myself speaking with individual community members who are struggling to feel secure, are anxious or angry about what they see in the news, concerned about family members (particularly children in school and on college campuses), struggling in work situations and various other issues.  The range of concerns is quite varied and often simply talking with someone who provides a professional perspective can be immensely reassuring. Additionally, my goal would be that together we develop some concrete steps or actions you can take which help you navigate your situation. If you have safety or security concerns in your personal or professional life, I’m always available to meet with you confidentially. Please reach out at janderson@securecommunitynetwork.org or cell phone 872-273-9214.