What are four things I can do to practice safer computing in 2017?

The university, its assets, and you yourself are constant targets of cyber attacks. The good news is that you can take a few simple steps to help safeguard your systems and data.

Check out these four recommendations from the Information Security Office (ISO):

1. Be vigilant for phishing.  Phishing is the single greatest cybersecurity threat we face today. Be wary of unsolicited or unexpected emails, even if they appear to be from someone you know or pertain to a subject in which you are involved. If you are unsure whether you can trust an email, call the sender to confirm its authenticity before clicking any links or opening any attachments.

You are invited to forward suspicious messages to spam@stanford.edu for analysis. Groups can sign up for the University IT Phishing Awareness Service at phishing.stanford.edu, which raises awareness and trains participants to better recognize phishing emails.

2. Use a password manager. Password managers remember your passwords for you, help you generate strong and unique passwords for each of your accounts, and are not fooled by phishing. The Information Security Office (ISO) recommends using either Dashlane or LastPass, and ensuring that you enable the two-step authentication feature. For more information, see our password manager webpage.

3. Back up your files. The best way to recover from ransomware and other malware, hard drive crashes, lost or stolen devices, and liquid spills is to have backups. University IT offers the CrashPlan automatic backup solution for laptops and desktops.

4. Review Stanford’s Risk Classifications and Minimum Security Standards. Developed by ISO in collaboration with IT teams throughout the University, the Minimum Security Standards website, minsec.stanford.edu, lists security requirements for endpoints, servers, and applications based on how the systems or data are classified (see dataclass.stanford.edu).