a digital security checklist - arc...

A Digital Security Checklist The Basics • Use a password manager / create better passwords / use 2- Factor Authentication • Carefully use an encrypted chat app and teach someone else how to use it. TURN OFF CLOUD BACK-UPs for your encrypted chat apps. • Understand metadata and how it leaks • Take advantage of disk encryption on your phones and laptops (File Vault and Bit Locker) • Check your app permissions for Twitter, Google, Facebook, Dropbox and check the privacy/sharing settings • Do not click on links or open documents from people you don’t know • Watch for insecure or weirdly- worded website URL (also HTTP without S) • Back up your data to your DEVICE using a strong password, not just to the cloud.

Upload: others

Post on 31-May-2020

4 views

Category:

Documents

0 download

Report

Download

Embed Size (px):

TRANSCRIPT

Page 1: A Digital Security Checklist - Arc Publishingresources.uscannenbergmedia.com/wp-content/uploads/2019/12/Presentation1.pdf•Use a password manager / create better passwords / use 2-Factor

A Digital Security ChecklistThe Basics

• Use a password manager / create better passwords / use 2-Factor Authentication• Carefully use an encrypted chat

app and teach someone else how to use it. TURN OFF CLOUD BACK-UPs for your encrypted chat apps.• Understand metadata and how

it leaks• Take advantage of disk

encryption on your phones and laptops (File Vault and Bit Locker)

• Check your app permissions for Twitter, Google, Facebook, Dropbox and check the privacy/sharing settings• Do not click on links or open

documents from people you don’t know • Watch for insecure or weirdly-

worded website URL (also HTTP without S) • Back up your data to your DEVICE

using a strong password, not just to the cloud.

Page 2: A Digital Security Checklist - Arc Publishingresources.uscannenbergmedia.com/wp-content/uploads/2019/12/Presentation1.pdf•Use a password manager / create better passwords / use 2-Factor

A Digital Security ChecklistThe Approach

• What is my sensitive stuff? Who are my sensitive sources?• Who might want my stuff? Who

might want to expose my sources?• How does my stuff flow through

the Internet and where does it land?• What tools do I have to protect my

stuff?• Which tools should I use for this

assignment?

• How can I encourage my sources to use better practices?• How can I minimize the risk that

they (and I) must take?• How can people connect the

source to me?• How much time do I want to

spend securing all of my work?

Page 3: A Digital Security Checklist - Arc Publishingresources.uscannenbergmedia.com/wp-content/uploads/2019/12/Presentation1.pdf•Use a password manager / create better passwords / use 2-Factor

A Digital Security ChecklistMore Advanced Practices

• Hide your searches from USC? Download the 1.1.1.1 DNS SEC “VPN” for your mobile phone.

• Do not use your phone for SMS 2-Factor Authentication codes. Use an authenticator app or a Yubikey.

• Search using https://www.duckduckGo.com when you don’t want Google logging your search history.

• Check https://www.haveibeenpwned.comfor your e-mail to see if your data has been breached.

Websites To Check

• https://freedom.press/ - Lots of tips

• https://thewirecutter.com/reviews/best-vpn-service/ (Which VPN is best for you?)

https://www.duckduckgo.com/

https://www.haveibeenpwned.com/

https://freedom.press/

https://thewirecutter.com/reviews/best-vpn-service/

Page 4: A Digital Security Checklist - Arc Publishingresources.uscannenbergmedia.com/wp-content/uploads/2019/12/Presentation1.pdf•Use a password manager / create better passwords / use 2-Factor

• You’ll soon get a FREE Yubikey from Yubico for 2-Factor Authentication. (Trainings in November in the Annenberg Digital Lounge).• [email protected]. (Marc Ambinder)• [email protected]. (Martin Shelton)

If you aren’t sure about something, or you’re starting work on a story that is sensitive or might require you to model the threat, ask for help. Practice what you’ve learned by teaching these concepts to the students you supervise.

Resources Available To You

http://usc.edu

http://freedom.press

Video Doorbell - beekman.nl · II Cybersecurity Recommendations Mandatory actions to be taken towards cybersecurity 1. Change Passwords and Use Strong Passwords: The number one reason

Passwords and You CREATING AND MAINTAINING SECURE PASSWORDS

Passwords - SANS · Password recommendations •Make your password a sentence •Unique account, unique password •Write down your passwords •Use 2-factor authentication

On the Use of Brainprints as Passwords - AFCEA · On the Use of Brainprints as Passwords Zhanpeng Jin Department of Electrical and Computer Engineering Department of Biomedical Engineering

Adobe Security Survey · Passwords • Fewer than one fourth of people use distinct passwords for each of their accounts • Many people store their passwords where others canfind

Phoenix: Rebirth of a Cryptographic Password-Hardening Service · Problem I - Weak Passwords Worst Passwords of 2016 by TeamsID 4% of users use \123456" as password 25% of users use

2 Create strong passwords Smarter Online = Safer Online ...download.microsoft.com/download/3/A/2/3A2C118B-3D... · Use unique passwords for bank and other important accounts. Avoid

PASSWORDS Lecture 18a - Auckland · passwords The fundamental issue is those passwords might be difficult to remember Attackers can use social engineering tricks that trick the user

Resetting Passwords | Exported XML Methodhikvisionusa.com/Techsupport/how to/Password Reset - Exported XML...Resetting Passwords | Exported XML Method . This method requires the use