Online Risks, Passwords, and Laws
Many are looking for steps they can take to protect themselves from identity fraud. One important step is to get a credit freeze for each of the three US credit agencies. A credit freeze prevents additional credit accounts from being opened in your name.
For more information on credit freezes, see the Federal Trade Commission's Frequently Asked Questions page.
The average American has around 130 accounts registered with their primary email. Each of these accounts requires a password; however, good security practices require that you never reuse the same password for different accounts.
How can one possibly remember 130 strong, unique passwords? The simple answer is you don't. Instead, use a password manager to manage all those accounts for you. A password manager is a program that keeps all of your passwords in a secure vault that is locked by a master password.
For a free, full-featured password manager, try KeePassXC.
How to Check Your Credentials/Accounts Integrity and Prevent Compromises
Below are useful tips to check your accounts and devices for potential tech-related compromises.
Simply enter the email address associated with the accounts you want to check.
Enter your password into the secure application and it will tell you if that password is already known to attackers.
Learn how to detect phishing attacks from the phishing experts at Malwarebytes.
Get a quick estimate of how secure your password is and how long it would take attackers to guess.
Cyber Security Laws
There are several federal laws that govern different aspects of cybersecurity in the United States. For anyone working with medical records, the Health Insurance Portability and Accountability Act (HIPAA) governs what data can be accessed by different administrators or medical professionals.
The Computer Fraud and Abuse Act (CFAA) grants protections to certain "protected computers", including those used by the Federal Government or financial institutions. Under the CFAA, obtaining unauthorized access to computer systems or exceeding authorized access can result in severe fines or a felony, depending on the context of the attack.
Distributed Denial of Service attacks, also known as DDoS attacks, are also illegal under the CFAA, even if the attack was not successful in disrupting the targeted service.
California Security Breach Information Act (SB-1386)
SB 1386 requires that any person or business that conducts business in California follow certain procedures to disclose the details and extent of security breaches that compromise non-encrypted personal information.
The bill requires that affected persons be notified of the compromise of their data in a timely manner following the breach.
Code of Ethics for Security Professionals
Security professionals also follow a code of ethics specific to their profession. CSUF uses a Managed Security Services Provider (MSSP).
Dell Secureworks is an extension of CSUF security operations that closes the loop of people, processes and technology, offering 24x7 security operations center support.