When it comes to personal health or safety, we usually apply best practices to protect us from adverse events, illnesses or harm. This is more than logical, since our physical life depends on it. But how come in the virtual world, many best practices are simply ignored: “I have nothing to hide”, “Nothing will happen anyhow”?
In the physical world, we apply many safety measures automatically and repeatedly. We look left-right-left when crossing a road; we learn to swim early in childhood; we put on a coat when it is getting cold; we use a helmet when cycling; and even put on safety shoes and a harness when working in construction areas (and are required to do so when working in such areas at CERN!). We avoid dark alleys at night and do not accept gifts from strangers (chocolate, anyone?). We even lock our flat and car when leaving them, and keep our PIN codes and credit card numbers secret. And if asked if we would like a new car with an enhanced airbag system that improves personal safety by, say, just 30%, who would decline?
How come we are more relaxed in the virtual world? Are we? As we have written in previous issues of the Bulletin, our virtual life is deeply entangled with our physical world: Your smartphone and your laptop hold many more photos, documents and data about you and your family than you would ever disclose to your most intimate friends (Open door, open screen, open life...). If we lose either our smartphone or laptop to an attacker, we stand naked: (Smartphone lost - Privacy gone). On a bigger scale, our life in general is deeply tied to digital and computerised control systems and the failure of those control systems would transport us back to the stone age (Our life in symbiosis).
So, try to follow a few simple best practices for digital security:
- Choose a secure password. Yes, password rules are annoying. But they are the best solution we have. And in the end, we are CERN: we have brains! (Brain Power vs. Password Managers);
- Keep your computer and your smartphone up to date. This is a no-brainer. Auto-updates come with any operating system nowadays. Just don’t turn them off. And use an anti-virus software for additional protection. They don’t provide 100% more security, but the aforementioned 30% airbag enhancement would help too, wouldn’t it? (WannaCry? The importance of being patched!);
- Encrypt your hard disks. Laptops get lost (or stolen). Encryption at least ensures that the data stored on them cannot be extracted (Trips and Travel: some Recommendations);
- Stop – think – don’t click. If you doubt the provenance of a web address, link or URL, just don’t click on them. If an unsolicited e-mail comes with an attachment, beware. Only go ahead if you trust the sender and were expecting the e-mail (One click and BOOM…);
- And finally: you are not alone. Let us help you! If you have any questions or suggestions, check our website or contact us at Computer.Security@cern.ch.
Protect your life. In the physical world and in the digital. Have a safe and secure 2018!
Do you want to learn more about computer security incidents and issues at CERN? Follow our Monthly Report. For further information, questions or help, visit our website or contact us at Computer.Security@cern.ch.