Information security guidelines for students
Students can be faced with many data security threats such as phishing (data fishing) and cyberscam or fraud attempts, malware (malicious or harmful software) or devices disappearance. It is important that students take note of the instructions below to improve their own personal data and device security.
1) Passwords and user IDs are personal. Never allow other people access to them.
2) Ensure strong password usage:
- Do not use the same password in many different places. Make sure that you at least have a different password for important and less important services.
- A sentence type password is recommended. This will make your password longer, safer and easier to remember. A sentence type password can be, for example, your favourite words, your favourite quote or saying, or some other thing related to the site in use. e.g. a Facebook password could be something like “I keep in touch with my friends on Facebook”.
- If you need to write your password down, write it in a different way that only you can interpret or figure out, and always keep it in a safe place.
3) Start to use 2 Phase Authentication (2FA) for the services you use.
(Available usually in service or account settings). This means that log-in requires 2 authentication or verification phases of which one is, for example, your online bank identifier codes and the other could be a text message (SMS). 2 phase authentication provides a much more secure protection level to your personal data.
4) Use automatic keypad lock on your mobile or PC and lock your PC when you are not using it or if you leave the room.
5) Do not allow other people to use any of your devices if you are not beside them observing.
6) Make sure you update your devices when due. Set Your device up so that automatic updates are in use, never delay updates. Updates will fix important data protection deficiencies.
- 7) Be aware of cyberscams and data fishing attempts. Carefully read all messages you receive, think carefully before clicking links and be suitably suspicious of any special requests you receive.
- Be extra cautious clicking any links in e-mail or text messages (SMS). Always check the destination address / target URL before clicking.
- Do not open attachments to e-mails if you are not certain about the origin of the message. Attachments may contain malware or direct you to a harmful website.
- When you use important services (e.g. services, which require secure online banking credential log-in) check the site authenticity e.g. via the URL. Cyberscam and fraud sites may look very authentic and even appear higher on the Google search results page than the real site.
8) If you think you might have been the victim of a con/fraud or cyberscam do not hesitate to ask for help.
9) Only e-mail your personal details to your teacher via your Careeria e-mail, (these e-mails are encrypted automatically when sent from one Careeria e-mail to another Careeria e-mail).
10) Be careful using communication channels and social media
- When choosing which communication channel to use and how to use it, think about the nature of what you need to achieve. E.g. – you must not send confidential information, such as a doctor’s note via WhatsApp.
- It is recommended to use 2-phase authentication (2FA) on Social Media account IDs.
- When sending confidential / personal data via e-mail, remember to encrypt the message.
- Do not publish or discuss any confidential matters on social media.
- Always remember to check the privacy and security levels of your Social Media profile accounts and change them if required.
- Be cautious presenting any photo or other personal information about yourself on social media.