By Edilson Lima, Security Manager at CAIS/RNP
The concepts of information security are based on the primary idea that it is necessary to protect against threats information that has some value and, as the value of information increases, security measures change, becoming more complex and sophisticated. Thinking of examples that explain this idea in the corporate world is very easy: companies invest (or should invest) a lot of money in the security of corporate data. It is also possible to think of examples in the personal life of each individual: care with the password to access internet banking, concern for personal privacy data, just to name a few. Thus, when considering that the idea is to protect information that has some value, aspects of academic life are closely related to the topic of information security.
Unfortunately, many times students and researchers do not have the same concern about information security with their work or academic content, which jeopardizes this information that is of great value to them. It is easy to measure the value of academic information when thinking about the effort and dedication required to produce an academic work, or the importance of producing and delivering a certain content on time, or even thinking about the value of a possible scientific discovery. That is why it is important that students and researchers know and apply some basic information security precautions in order to protect their academic life.
The first, and perhaps most important, basic care is to backup your files. Imagine having a very important printed book for your academic work. It will probably not be left in the classroom unattended, nor will it be loaned to anyone, as this could misplace or damage it. However, if you have another copy at home, the impact if you lose that book is less. The same is true for digital files. The backup is a copy of the file that serves as a guarantee that if it is deleted, altered or becomes unavailable, it will be possible to access a copy and proceed the academic work.
The increasing use of technological solutions such as cloud storage or collaboration platforms can give the impression that the risk of loss, undue alteration or unavailability does not exist, and this leads people to forget the importance of having backup of all important files. However, even in the cloud or on an online system, it is possible that a file is accidentally deleted, or that another person with access can change it without keeping history or logs, or that the platform becomes unavailable at a time when you need the file. That’s why it’s very important to keep backups, in different locations from the main files.
Other important precautions for every student or researcher are related to:
- Use of unlicensed or outdated software – which may contain uncorrected security flaws and compromise the use of the software and the content generated in it, so it is recommended never to use unlicensed software and always be aware of version updates made available by the manufacturer;
- Use of unknown and unprotected wifi networks – The exploitation of unprotected networks to capture the traffic content, called a man-in-the-middle attack, is quite common and occurs since the begin of the internet, in this type of attack data can be stolen and the user may also be directed to fake and fraudulent websites, it is recommended that unknown public networks without access passwords be avoided;
- Lack of antivirus on the computer or smartphone – Constant protection of the devices used in the study or research is essential for information security. With new types of attacks such as ransomware (which uses encryption to hijack digital files and asks for a financial ransom to return access), it is extremely dangerous to use equipment without protection software.
Finally, it is important to emphasize that the security and privacy precautions applicable in corporate environments and personal access are also applicable to the academic environment. After all, security must be applied to all valuable information, which includes the all-important academic production and scientific research.
About the author
Edilson Lima is the Security Manager of CAIS/RNP – RNP Security Incident Response Team.
Also this year GÉANT joins the European Cyber Security Month, with the campaign 'A Community of Cyber Heroes'. Read articles from cyber security experts within our community and download resources from our awareness package on connect.geant.org/csm2022