Be Aware: October is National Cyber Security Awareness Month

The month of October is one of my favorite months – the hot mugginess of the Southeast turns to more comfortable temperatures, football season is in full swing and celebrations like Halloween and Oktoberfest give us an excuse to party like rock stars (or at least wannabe rock stars). Of course, none of those things have the least little bit to do with IT security.

October 2012 is the ninth annual Cyber Security Awareness Month (NCSAM), sponsored by the National Cyber Security Alliance (NCSA). Sure, it’s nothing like Oktoberfest, but it is a reason for those of us in the IT security community to educate businesses and consumers about IT security and keeping themselves safe on the Internet.

Informing the community about IT security is one of our mandates at Solutionary. As part of NCSAM, throughout the month, Solutionary will be tweeting and blogging about security awareness topics in addition to our normal blog topics.

The Solutionary Security Engineering Research Team (SERT) also blogs about recent threats (such as the Java 0-days) and publishes monthly Security Threat Reports to keep readers informed. See the latest SERT white paper that focuses on malware analysis as part of incident response here.

Here are 5 quick, easy tips to staying safe online:

1. Use anti-virus and anti-malware: Although they don’t catch everything, keep yourself protected from the easy stuff by keeping your anti-virus up-to-date and regularly scanning your systems for malware.

2. Know what you click on: Phishing emails, spam and spoofed web sites are preferred ways for hackers to spread malware and steal data. Be cautious about giving personal information online, be careful about clicking links in email and make sure any page you are directed to is the page you intended to visit. Even better, put on your “security guy” mask and copy any links to the browser address bar manually to ensure you can see where they may take you.

3. Use complex passwords and change them often: There have been several widely-reported thefts of login credentials in 2012. Don’t use the same password for multiple web sites, change passwords often and use a combination of upper and lowercase letters, numbers and symbols to create your password.

4. Stay up-to-date: Keep software and anti-virus solutions up-to-date. Many updates are designed to repair vulnerabilities that can be exploited by attackers. On personal machines, use automatic updates. Business environments should follow a patching process that includes testing of new patches on systems prior to pushing them out, a rollback plan and change control tracking.

5. Secure your connection: Change the administrative password on your wireless routers from the default and disable remote administration. Make sure your wireless connections are password-protected and use encryption such as WPA/WPA2 in conjunction with MAC address restrictions. Be careful about sending sensitive information over unsecured wireless connections such as those found in coffee shops and hotels.

These are only a few of the really easy things that users can do to stay secure. For more helpful tips, visit the NCSA web site at www.staysafeonline.org, visit your anti-virus vendor’s web site and stay tuned to the Solutionary Minds blog.

Have a safe October! May the Internet only bring you treats and not tricks this year!