Skip to content

Month: October 2022

Published on

Between all of your online accounts, whether personal or work accounts, you probably have many unique — and complex — passwords to manage.  And since you know better than to write them down in a notebook, have them on sticky notes hidden under your mouse pad, or stored digitally on your desktop, what are you supposed to do? 

Passwords are one of the most vulnerable cyber defenses used to protect our online accounts, as passwords are the only barrier between online accounts and cybercriminals who have a desire to access to our data and systems. Utilizing a password manager is a security best practice that cyber professionals are recommending for us.  

Along with other security tips, password managers minimize the risk of mis-managing our passwords. The question that arises here, are password managers secure, and what is our responsibility here to manage the password manager? 

What is a Password Manager?

A password manager is a software that allows users to generate passwords, store and manage accounts’ information including user names and passwords all in one location. Password managers offer other features such as complex password suggestions, identifying weak or repeated passwords used, and alerting its users from entering their credentials to suspicious websites. To create a password manager account, you need to set a password that is often referred to as the “master” password. 

Password managers are available in different formats: 

  • An online service hosted by a third party and accessed through a website portal. This type is useful if you need access to the password manager from multiple devices. 
  • Software installed locally on a workstation that can operate either completely offline or connected to the internet to synchronize your information to a cloud database and get software updates.  

Are Password Managers Secure? 

Password managers will offer users the security level they are looking for to their accounts’ credentials and information if they follow best practices to secure their password manager account.  Whether you use, or planning to get, an online, or an offline password manager, you need to follow the following practices: 

  • Do your research and get a trusted password manager software that has a high reputation in the industry. 
  • Use a strong master password for your password manager account and never forget it. Some password manager vendors would never retrieve your account if you can’t remember your master password. 
  • Enable two-factor-authentication (2FA) to your password manager account for an extra layer of security.  
  • Keep your password manager software along with web browsers you use up-to-date. 
  • Audit the list of devices that are approved to access your password manager. 
  • For work-related accounts, always use password managers that are approved by your organization. Follow your organization’s policies, standards and procedures when processing, storing or sharing work-related data. 

Remember, if password managers are managed appropriately, they will offer you the level of security you are looking for to your online accounts’ passwords. 

This blogpost is offered to you by the GW Information Security and Risk Services team. 

#SecuringGW is a shared responsibility, so if you see something, say something. Report suspicious digital activities, including phishing emails, to abuse@gwu.edu

IT Support Questions? For IT support, please contact the Information Technology Support Center at 202-994-GWIT (4948), ithelp@gwu.edu, or visit ithelp.gwu.edu

Published on

Cloud computing is a leading edge technology that delivers high-demand computing services entirely over the internet. Operationally, cloud computing stores, manages and processes data effortlessly rather than relying on a local server or personal computer systems. Cloud computing gave birth to the term, “cloud storage.” 

Cloud storage stores digital data online using a cloud service provider’s computing infrastructure. Some well-known cloud services include Box, Google Drive, Apple iCloud, Dropbox, Microsoft OneDrive, and Amazon Web Services. With many of us working hybrid schedules, cloud storage has been central to assisting students, faculty and staff work more connectively while being physically away from the university. For example, at GW, secure, encrypted cloud-based solutions such as Box and Google Drive are two of the cloud services provided to the university community for easy collaboration and data storage. 

The following are some key benefits of cloud storage: 

  • Adequate security, which requires authentication and password.
  • Your files are secure, and you are less likely to lose data due to device failure.
  • Facilitates collaborative team projects as you can easily share files and folders.
  • Easy access to lesson plans and notes to share across several devices.
  • An excellent way to back up your computer without copying your data to a hard disk or flash drive. 

While cloud storage offers good security measures to keep your data safe and secure, you need to do your part to guarantee that no one gains unauthorized access to your data. Following are some recommended practices to help you secure your data: 

Use Permissions: When a folder or file is shared, it's usually in the form of a link or permission using the recipient's email address. Consider setting different access levels for senior staff members or on a need-to-know basis. Permission-based access can make it harder for a hacker to get through each layer of permissions. 

Manage File and Folder Sharing: Protect stored data by limiting shared access to the files or folders associated with that link to specific users. When utilizing Box or Google Drive, it is usually best to only share files or folders with George Washington University members unless there is a business justification to share outside of the university. 

Examine Files and Folders: Review the shared folders and files regularly, and disable shared access when it's no longer required.

For more information on Storage, backup or document management, please visit our GW IT website: https://it.gwu.edu/backup-storage-document-management    

This blogpost is offered to you by the GW Information Security and Risk Services team. For more information on GW IT Security, please visit our security website: https://it.gwu.edu/gw-information-security 

#SecuringGW is a shared responsibility, so if you see something, say something. Report suspicious digital activities, including phishing emails, to abuse@gwu.edu 

IT Support Questions? For IT support, please contact the Information Technology Support Center at 202-994-GWIT (4948), ithelp@gwu.edu, or visit ithelp.gwu.edu.   

Published on

Cybersecurity has become one of the most significant hot topics inside and outside technology circles over the last two years. From securing learning devices due to a rise in digital learning during the COVID-19 pandemic to coping with the fallout of high-profile breaches of national infrastructure such as the Colonial Pipeline, there is an evidently constant news cycle dedicated to cybersecurity mishaps and concerns. With this continuous stream of bad news, it can be challenging for you to know how to keep secure in the face of cybersecurity and threat actors. 

Everyday users have a huge role in cybersecurity threat prevention, detection, and remediation. According to a Wall Street Journal article, many hacks are successful by convincing someone inside or close to the target company to divulge network access credentials or other critical information. Therefore, GW’s first line of defense in helping to combat cyber-related issues is you. 

Here are 4 essential best practices that you can adopt today to enhance your cybersecurity and create a more secure cyberspace for you and GW.  

Watch out for Phishing Attempts

Phishing is when a threat actor poses as a legitimate party such as a bank, delivery service or other organization in an attempt to get individuals to click harmful links. Phishing remains one of the most popular tactics used  today. In fact, 80% of cybersecurity incidents stem from a phishing attempt. While phishing has gotten more sophisticated, the phishing signs remain the same. Look for typos, poor graphics, and other suspicious characteristics (incorrect logo or email address) as these can be red flags indicating that the content is a phish. In addition, if you think you have spotted a phishing attempt while logged into the GW network, report the incident to GW IT immediately. To report an incident please contact the GW Information Technology Support Center at 202-994-GWIT (4948) or email abuse@gwu.edu

Update your Password

Password cracking is another tactic that cybercriminals use to access sensitive personal information.  To guard against password cracking, having unique, long and complex passwords is one of the best ways to boost your cybersecurity immediately.  It is highly recommended not to repeat passwords across your accounts because once a hacker cracks one account, they can easily do the same across all of your accounts. 

Passwords can be tough to remember. That’s why it’s smart to use a password manager to help you secure your various passwords in one place. Password managers are easy to use and can automatically plug-in your stored password when you visit a site. Along with other security tips, password managers minimize the risk of mis-managing account passwords.

Take Advantage of Secure Wi-Fi 

Mobile hotspots and public Wi-Fi networks are typically not password-protected,  so it’s easier for threat actors  to gain unauthorized access to devices. Students, faculty, and staff should take full advantage of the university Wi-Fi networks when on campus. They are password-protected and only allow internet access across the university premises, operating as a secure online bubble for every user to work in peace.  

Lock your Device

Whenever you're logged into your devices (computer, laptop, phone, etc.),  you’re also open to potential unauthorized access by hackers and other threat actors.  The easiest way to prevent unauthorized access to your device is to lock it whenever you leave it unattended. All you have to do to get back on your device is enter the correct password, and you can pick up where you left off. If you wouldn't leave your house with the front door wide open, you should not leave your devices unlocked, especially when they are unattended.  

This blogpost is offered to you by the GW Information Security and Risk Services team. For more information on GW IT Security, please visit our security website: https://it.gwu.edu/gw-information-security  

#SecuringGW is a shared responsibility, so if you see something, say something. Report suspicious digital activities, including phishing emails, to abuse@gwu.edu

IT Support Questions? For IT support, please contact the Information Technology Support Center at 202-994-GWIT (4948), ithelp@gwu.edu, or visit ithelp.gwu.edu.  

Original blog content provided by The National Cyber Security Alliance www.stayfaeonline.org, modified and posted with permission. 

Viewing Message: 1 of 1.
 Notice

This site uses cookies to offer you a better browsing experience. Visit GW’s Website Privacy Notice to learn more about how GW uses cookies.