October is National Cyber Security Awareness month.  In its 14th year, the effort seeks to raise awareness of the dangers of poor computing habits, especially in our online environments.

For this week, let’s focus on end-user best practices.

Why?

Statistically, most cyber security issues originate from end-user activity.  In fact, nearly seventy-five percent of all reviewed security breaches began as the result of end-user action.

The statistics do not surprise most security practitioners.  After all, currently, end-users are the dominant consumer of electronic resources – people deploy, configure and use the devices.  The machines aren’t running everything, yet.

We end-users make mistakes.  Those statistics include IT professionals and everyday users.  Often IT professionals lack adequate skills and training.  Perhaps they exhibited some talent or aptitude and became the “go-to computer person”.  Clever use of modern technology is no substitute for proper training.  Nearly one-third of all security breaches were the result of poor IT configuration and management, according to an annual IBM cyber security study.  Have confidence in your IT resources.  If a search engine is your technician’s preferred tool, perhaps looking elsewhere is appropriate.

As part of the nation’s ongoing cyber security awareness efforts, I suggest end-users be the best resource in our defense strategy.  Through proper training, alerts and best practices, your actions will foster improvements to our shared electronic resources: you are our best defense.  A measure of paranoia is a good strategy when interacting with the wealth of the worldwide web.

Mobile devices, including laptops, tablets, smartphones, wearables, have constant access to you and your data.  Use the simple tips below to reduce security risks associated with portable technology.

Protect Your Devices: enable passcodes, lock gestures on your devices now.

Use strong passwords or Passphrases: examine your digital footprint.  How simple are your account passwords?  Make them complex and use a password manager to keep track of passwords.  Don’t use the same password for different accounts.

Check Your Social Media Settings: providers of social media services change layout, design and privacy settings frequently.  Make certain you observe the changes and manage your content properly.  Enable two-step verification whenever possible.

Educate Yourself: stay informed of the latest technology trends and security issues.  If you’ve read this far, you’re doing great.

What’s a password manager?

A password manager is a digital wallet, of sorts.  It is a software application that stores your passwords, categorizes them and generates complex passwords as well.  If you want to simplify your password clutter, then a password manager is your ideal solution.  Instead of writing passwords(bad idea) or trying to recall complex passwords(worse idea), one password is all you need – one password for all of your passwords.  After you install a credible password manager, you create a password for the program.  Then, begin entering your websites, social accounts, email information and the program stores the entry in a digital Rolodex.  If creating complex passwords frustrates you, the password manager will generate one for you.

A password manager will simplify your online security activities.  Install on your trusty smartphone and your digital wallet of complex passwords will always be nearby.

A review of password managers and good end-user computing hygiene resources are available at Who’s Watching Alabama.  Visit  http://www.whoswatchingalabama.org and select the Resources tab.

William Greg Price is the chief technology and security officer at Troy University and also serves as the District 2 representative on the Pike County Board of Education.