The Elm

Safe Computing Practices: Building Daily Digital Habits for Long-Term Security

Introduction

Cybersecurity isn't just about responding to dramatic threats, it's built on daily habits and consistent practices that create layers of protection over time. Just as we develop habits for physical health and safety, digital security requires routine behaviors that become second nature.

This article focuses on practical, everyday computing practices that collectively create a strong security foundation for both personal and professional digital activities.

The Foundation: Device Security

Software updates often include critical security patches that address newly discovered vulnerabilities. Establish these update routines: 

• Enable automatic updates for Windows, macOS, or Linux systems. Set devices to install updates during off-hours to minimize disruption.
• Keep browsers, email clients, productivity software, and other applications current. Many applications can update automatically.
• Enable automatic updates for smartphones and tablets, including both operating system and app updates.
• Check quarterly for firmware updates on home routers, smart home devices, and other network-connected equipment.

Browser Security and Web Habits

Choose browsers with strong security track records and configure them properly:

• Use current versions of Chrome, Firefox, Safari, or Edge
• Enable automatic updates and security warnings
• Configure privacy settings to limit tracking and data collection
• Use private/incognito browsing for sensitive activities

Extension and Plugin Management

• Install only necessary browser extensions from official sources
• Regularly review and remove unused extensions
• Keep installed extensions updated
• Avoid extensions that request excessive permissions

Safe Browsing Practices

• Verify website URLs before entering sensitive information
• Look for HTTPS encryption (lock icon) on sensitive sites
• Avoid clicking on suspicious links in emails or messages
• Use bookmarks for frequently accessed financial and work sites

Email Security Habits

Inbox Hygiene

• Regularly clean out spam and junk folders
• Unsubscribe from unnecessary mailing lists (only from trusted sources)
• Use email filtering rules to organize and prioritize messages
• Set up separate email addresses for different purposes (work, personal, shopping)

Attachment and Link Caution

• Scan attachments with antivirus software before opening
• Avoid opening unexpected attachments, even from known contacts
• Verify links by hovering over them before clicking
• Use University-provided file sharing services instead of email for large attachments

Network Security Practices

Home Network Protection

• Change default passwords on routers and modems
• Use WPA3 encryption for Wi-Fi networks
• Create a separate guest networks for visitors
• Regularly check which devices are connected to your network

Public Wi-Fi Safety

• Avoid accessing sensitive accounts on public Wi-Fi
• Use University-provided VPN when accessing institutional resources remotely
• Turn off automatic Wi-Fi connection features
• Use your smartphone's hotspot instead of public Wi-Fi when possible

Work Network Considerations

• Follow UMB policies for network access and usage
• Use approved devices for accessing institutional resources
• Report unusual network activity or performance issues
• Maintain separation between personal and professional network activities

Data Protection and Backup Strategies

Data loss can result from hardware failure, malware, theft, or accidental deletion. Implement the 3-2-1 backup rule

• 3 copies of important data
• 2 different storage media types
• 1 offsite backup location

Personal Data Backup

• Use cloud services (Google Drive, OneDrive, iCloud) for automatic backup
• Maintain local backups on external drives for critical data
• Test backup restoration periodically to ensure data integrity
• Encrypt sensitive data both in transit and at rest

University Data Management

• Follow institutional policies for data classification and handling
• Use University-approved cloud storage for work-related data
• Maintain appropriate access controls on shared documents
• Report data security incidents according to established procedures

Physical Security Considerations

Device Protection

• Use screen locks (PINs, passwords, biometrics) on all devices
• Enable automatic screen locking after short periods of inactivity
• Install device tracking and remote wipe capabilities
• Secure laptops with cable locks in public spaces

Workspace Security

• Lock computer screens when stepping away
• Position monitors to prevent shoulder surfing
• Secure physical documents and storage media
• Use privacy screens in public areas

Travel Security

• Keep devices with you rather than in checked luggage
• Use hotel room safes for devices when possible
• Avoid using public charging stations (use personal chargers/power banks)
• Update software and sync data before traveling internationally

Social Media and Online Privacy

Privacy Settings Management

• Regularly review and update privacy settings on all social media platforms
• Limit personal information visible to non-friends
• Be cautious about location sharing and check-ins
• Review and clean up old posts that might reveal sensitive information

Professional Online Presence

• Maintain appropriate separation between personal and professional social media
• Use privacy settings to control who can see posts and contact you
• Be mindful of how your online presence might reflect on the University
• Regularly search for your name online to monitor your digital footprint

Financial Digital Safety

Online Banking and Shopping

• Use dedicated devices or browsers for financial activities when possible
• Monitor accounts regularly for unauthorized transactions
• Set up account alerts for transactions and balance changes
• Use credit cards rather than debit cards for online purchases

Digital Payment Security

• Use secure payment methods (PayPal, Apple Pay, Google Pay) instead of entering card information directly
• Avoid saving payment information on shopping websites
• Use virtual credit card numbers when available
• Review statements regularly and report suspicious activity immediately

Software and Application Security

Application Selection and Management

• Download software only from official sources (app stores, vendor websites)
• Read reviews and research applications before installation
• Regularly review installed applications and remove unused software
• Keep an inventory of installed software for security auditing

Antivirus and Security Software

• Use reputable antivirus software with real-time protection
• Keep security software updated and configured properly
• Run regular system scans for malware and vulnerabilities
• Consider additional security tools for specific threats (anti-ransomware, etc.)

Communication Security

Secure Messaging Practices

• Use encrypted messaging apps for sensitive conversations
• Verify the identity of contacts before sharing sensitive information
• Be cautious about file sharing through messaging platforms
• Use University-approved communication tools for work-related discussions

Video Conferencing Security

• Use waiting rooms and passwords for sensitive meetings
• Verify participant identities before sharing sensitive information
• Be aware of your surroundings during video calls
• Use appropriate privacy settings and meeting controls

Incident Prevention and Response

Monitoring and Detection

• Review account activity logs regularly
• Set up alerts for unusual login attempts or account changes
• Monitor credit reports and identity theft protection services
• Stay informed about security breaches affecting services you use

Preparation and Response Planning

• Maintain current contact information for banks, credit agencies, and IT support
• Keep records of account numbers and important information in secure locations
• Know how to report identity theft and financial fraud
• Have plans for recovering from device theft or loss

Creating Sustainable Security Habits

Rather than attempting to implement all security practices at once:

• Choose two to three habits to focus on initially
• Practice consistently until they become automatic
• Gradually add additional security practices
• Celebrate progress and learn from mistakes

Integration with Daily Routines

• Link security activities to existing habits (check for updates with morning coffee)
• Set monthly reminders for security reviews and updates
• Make security checkups part of semester beginnings and endings
• Use calendar reminders for periodic security tasks

Community Engagement

• Share security tips with colleagues and friends
• Participate in University cybersecurity training and events
• Learn from others' experiences and near-misses
• Stay current with University security communications

Conclusion

Effective cybersecurity isn't achieved through dramatic gestures or expensive tools, it's built through consistent daily practices that create layers of protection over time. Like maintaining physical health, digital security requires ongoing attention and gradual improvement rather than perfection from day one.

The practices outlined represent a comprehensive approach to personal cybersecurity that supports both individual protection and collective University security. By developing these habits gradually and maintaining them consistently, you contribute to a safer digital environment for our entire academic community.

Every small step you take, every update installed, password improved, or suspicious email reported, contributes to the overall resilience of our digital community.

The goal is not to eliminate all risk (which is impossible), but rather to reduce risk to acceptable levels while maintaining the productivity and collaboration that define university life. Through consistent practice and continuous learning, we can achieve both security and academic excellence.