DIY Digital Security: Self-Assessment Quizzes for All Levels
Written by Brian Wesolowski
As our reliance on digital devices increases, so does our digital vulnerability. Cyber attacks and hacks are growing both in number and sophistication, making it more important than ever that we take control of our own cybersecurity. But for those of us with limited technical knowledge, anything prefixed with “cyber” seems shrouded in a baffling binary fog. We at CDT wish to clear this intimidating haze by illuminating some effective security strategies.
As such, and in preparation for our return to SXSW Interactive this weekend, CDT has developed three cybersecurity self-assessment quizzes tailored to three different audiences: the general public/activist community wishing to ease into effective cybersecurity strategies; businesspeople whose online practices affect not only their own digital security, but that of their company as well; and the “leet” community already well-versed in basic security tools and techniques.
Our incredible intern, Remeny White, led the way in developing these cybersecurity quizzes – and honestly wrote the bulk of this post – she rocks.
These quizzes are modeled after the popular travel-focused quiz we created for SXSW 2016 that was featured at the CSM Passcode expo booth. CSM Passcode is featuring these new quizzes as part of the SXSW outreach this year.
For the newbies out there who wish to dip their toes into simple cybersecurity strategies but may shy away from a full-fledged quiz, we’ve got you covered with our top tips for beginners:
- Use HTTPS while browsing the web. This secure browsing protocol encrypts your data as you peruse a website, meaning that nobody can read or tamper with your private data. We recommend installing the HTTPS Everywhere extension available on Firefox, Chrome, and Opera.
- Be vigilant on public wifi. Even if public wifi is password-protected, anyone with access to that password can monitor the data flying through the shared network. To avoid giving up sensitive information to network onlookers, restrict your internet activity–specifically online shopping or banking–or, better yet, install a VPN, which provides a secure network connection on public wifi.
- Keep your software updated. Outdated versions of software contain vulnerabilities that can be exploited by various cyberattacks and malware threats. Software updates patch up these vulnerabilities to prevent data interference.
- Avoid USB charging stations. These stations are extremely convenient at rallies and music festivals, but your devices are configured to sync and transfer data when connected to a USB port. This provides a very convenient platform for someone to tamper with your device by downloading or extracting data. Find an outlet and plug into your own charger instead of a USB port or invest in a USB filter, aka “USB condom,” to prevent data transfer.
- Use a 2-factor authentication for your email. A 2-step login heightens your account security by requiring you to enter a one-time code in addition to your password. This code is sent directly to you and can only be accessed on your specific device via a text message or specialized app.
- Use strong, unique passphrases or a password manager. We recommend using a different 12 character minimum passphrase with uppercase, lowercase, and non-letter characters for all your accounts. But remembering all those strings can be tough, which is why a password manager is such a nifty tool. It does all the hard work for you by creating long, unique, and hard-to-memorize passwords for all your accounts and storing them safely. You’ll only have to remember one strong passphrase: the Master Key for your password manager account.
- Don’t click the link. Email phishing is the most common cause of personal data breaches, so always be wary of suspicious links in emails or text messages. Even if the message was sent by someone you know, reach out to them on a different communication platform or at a different email address to verify the link. And never provide personal information like passwords or your social security number over email!
If you are attending SXSW Interactive, we hope to see you in Austin! Be sure to stop by any of the five panels featuring our CDT staff and reach out to us if you’d like an invitation to the happy hour we are co-hosting with R Street. For those of you who can’t make it, you can follow our trip on Twitter.