In this session the Director of Educational Technology, Matt Kelsey , explores how to protect yourself from common computer “hacks” with topics such as:
- “How I’d hack you”
- How to spot a “hack”
- Hands – on practice against phishing e-mails
- Prevention and disaster recovery
7 Ways to help protect yourself:
1. Activate 2FA on all your personal accounts. NCPA will activate 2FA on your work account within a month.
2. Buy the LastPass password manager, because it will let you easily store complex, random and unique passwords for all your sites. There’s an app for iPhone and Android, too! Chrome and Firefox have free managers that will also create and remember random passwords.
3. Check your work and personal email addresses at https://haveibeenpwned.com/ to find out if any sites you use have been hacked
4. Change your passwords regularly. NCPA’s password change website is https://password.ncpachina.org
5. Back up your files using the cloud. Only store files in your synced cloud folder, NOT on your desktop or documents folders.
5a. For work: install the OneDrive sync client https://support.office.com/en-us/article/sync-files-with-onedrive-on-mac-os-x-d11b9f29-00bb-4172-be39-997da46f913f
5b. For personal files: OneDrive is the best if you’re in China. Google Drive, Dropbox and Box are also good options.
6. Encrypt your sensitive files:
6a. On a Mac: https://support.apple.com/en-us/HT204837
6b. On Windows 10 Pro (not home): https://support.microsoft.com/en-hk/help/4028713/windows-10-turn-on-device-encryption
6c. Use the personal version of OneDrive’s Personal Vault feature to store sensitive items like social security cards, passports, tax returns, and bank statements.
7. Bonus for Americans: freeze your credit so hackers can’t open credit cards and take out loans in your name.
Special Note from IT in regards to sign in’s:
When you see there is an Office 365 login page, try accessing any of your O365 website services (for example, outlook.office.com)
Generally, O365 has a function called Federated Login.
In short, after you logged into your O365 account, you will not be asked for your account information when you use other O365 services again. This also applies to the services provider like Google or Tencent.
If you already log in to your NCPA-NetID in a browser, but the webpage still asks for your password, please pay attention to whether it is a fake website