Brookhaven College

Home  |  Career Development Center  |  Continuing Education  |  Current Students  |  Class Schedules  |  Distance Learning = SAVE GAS!  |  eCampus  |  eConnect  |  Employees / News  |  Español  |  Future Students  |  Head Start Center  |  International Students  |  Students 50+   |  Transfer101  |  Workforce Training

Brookhaven College employee newsletter: Wednesday, September 19, 2012

Need to Know: Http vs. Https

Need to Know: Http vs. Https

BIG thanks to Terri Edrich, executive director of Human Resources, for submitting this unique story idea.

You shall not pass!

Guard your personal information online like Gandolf guards hobbits from ancient fire monsters.

Catch the "Lord of the Rings" reference there? If you did, you've probably read the trilogy and should write a book recommendation.

In the cyber world, not all websites are created equal, and only one letter stands between your personal information and hackers’ prying eyes. The magical letter, “S,” as in https:// rather than http://, refers to “secure” and can be found in the prefix of each Web address that runs on a secure connection.

Long story short, if there’s no “S,” beware.

Never enter personal information such as credit card and social security numbers, email addresses, passwords or the like on an unsecured website. If you do, you’re in danger of serving your private information to anyone who wants it. Hackers could see what you see and what you type, and could use that information to gain access to your personal email, social media pages, bank account and more. That’s right. Your $money$ is at stake. Listen up.

No matter if the site is secure or unsecure, there are general precautions everyone should take while online. Manny Estrella, senior information systems manager, shared a few tips.

"In this day and age of identity theft and hacking incidents, it really pays to be diligent and a little bit paranoid," he said.

Always check to make sure the site is secure before typing personal information. If the prefix isn’t visible when you first enter the site, it’ll pop up when you’re directed to enter personal information. Remember, you’re looking for https, not http. Also, be particularly cautious when logging in to an unsecured site through a hotspot or open network like DCCCD-wireless or AT&T in Starbucks.

Manny’s favorite line of defense is to use strong passwords and to use a lot of them. Passwords should be long and use a combination of letters, numbers and characters, and should never be the same from one login to another. They even need to be changed often.

Also, many sites such as Facebook and Gmail allow you to set up double password authentication – any attempt to login to the site would instantly send your phone a text with a single-use password for immediate use. The bonus of double authentication is not only security, but also an instant alert that someone is trying to access the account.

Because passwords are so important to personal security, Manny gave the following quick tips for managing your (hopefully) ever-changing password list.

Smart phones offer excellent password apps that can help you keep track of which password is being used where. Manny cautions, however, that the app itself needs to be doubly protected with one password to access your phone and another password to access the app.

Secondly, you can create a pattern by using a strong base password – long, letters, numbers, symbols – then customizing the password to the account. For example, if the base is @@Br00khavenCo11ege**, your Facebook password could be @@Br00khavenCo11ege**FBook, and your email password could be @@Br00khavenCo11ege**EMai1. Just remember to change the base often.

If a case arises that you may need or want to use the information stored on an unsecured website, use caution. You should never divulge bank account or social security numbers to unsecure sites, though Manny said you can easily skirt around those that require an email address to use their services by creating a bogus email address you’ll never use.

Be "paranoid," as Manny puts it, but know that site security is on the rise.

“The great news is that more and more sites are securing their login interface and have added features such as user identified picture ID or two-factor authentication,” Manny said. “Using these features will make it more difficult for hackers to access your account even if your password has been stolen.”

Have more questions? Call Manny at Ext. 4822.

Your information is your own - yours. Your preciousssss.

Again with the "Lord of the Rings" reference. Seriously, read it.