Information Security & Secure Connections

The use of mobile devices and ubiquitous access to wireless networks are becoming the norm across the globe. Unfortunately, online predators know how to steal information when proper security is not in place. Using unsecured wireless networks and web sites can expose your information to criminals. Encrypting laptop disks, storage devices, and sensitive files can also protect your information

Please review our tips for Information Security and Secure Connections below:

1. Use encryption to protect your information.

  • Encryption is a way to enhance the security of a message or file by scrambling the contents so that it can be read only by someone who has the appropriate encryption key to unscramble it.

  • You can choose to encrypt your entire hard disk or a storage device like a hard drive, USB storage devices may be purchased with built in encryption. The best way to ensure that files on your laptop are not accessible if it is lost or stolen is to use disk encryption. Some common free tools for encryption are TrueCrypt (Windows, Mac,Linux), Disk Utility (Mac), 7-Zip (Windows), and GNU Privacy Guard (Windows, Mac, Linux).  Stonehill laptops are all configured with TrueCrypt disk encryption.

  • File encryption is recommended for transmitting confidential information as an email attachment. MS Office documents can be encrypted with a password that is then shared with the receiver in a separate message or method.  Use this option with caution as email is inherently unsecure.

2. Ensure that a web site is secure and is what it claims to be before entering personal information.

  • Online shopping and banking is convenient for all of us, including criminals. Attackers can create malicious websites that appear to be legitimate often sending links in email messages that just as legitimate. Make sure the site is legitimate and your information is being encrypted before entering information like bank account, credit card number, or passwords.

  • Use reputable sites that are known to you. If you are unsure about a source, type the address into your browser instead of clicking on a link in an email or on a web site.

  • A legitimate site will use SSL, or secure sockets layer, to encrypt information. Indications that your information will be encrypted include a URL that begins with "https:" instead of "http:" and a padlock icon. If the padlock is closed, the information is encrypted. The location of the icon varies by browser; for example, it may be to the right of the address bar or at the bottom of the window.

  • Click the lock to get verification of the web site’s identity.  Information about the site owner and the certificate authority that issued the SSL certificates should be displayed.  If you are unsure, search for information on the authority.

  • If you are still unsure, don’t use the website.

3. Always practice wireless safety with public hot spots.

  • Only use legitimate hotspots (wireless access points).  Make sure you know who owns the connection you are trying to access.

  • Enable the personal firewall on your computer. Microsoft Windows users have a personal firewall installed.

  • Turn off your Android/iPhone's built-in Wi-Fi when you aren't using it or you may be auto-connecting to nearby wireless access points - plus it saves your battery!  You should also choose the wireless setting that requires manual selection of a network that is not known.

  • Secure your wireless network at home by configuring WPA security which enables encryption and a password for your network.WEP is a less secure option if WPA is not available. If you are in an area with many wifi hot spots or lots of residents near your wifi consider not broadcasting your SSID.

  • Public networks that are available at places such as Starbucks, McDonalds, and Panera are unsecure and susceptible to “sniffing” by criminals. This means that they may see sensitive information that you transmit like passwords and credit card numbers. Use of these networks is not recommended for doing anything that requires a login. Some of this risk is removed by using the Stonehill VPN (Virtual Private Network) which encrypts your connection, but only for services accessed at Stonehill.

4. Use hillspot secure wireless at Stonehill, not guest.

  • The hillspot secure wireless network is encrypted so information sent over the network cannot be intercepted by anyone else.

  • The Guest wireless network is unsecure and information sent over this network is in clear text. This means that software may be used by anyone to read all of your transmissions.

5. Exercise caution when using peer-to-peer file sharing.

  • BitTorrent is a commonly used peer- to-peer file sharing protocol that accounts for a large percentage of all internet traffic. There many legitimate uses for this protocol but it is unfortunately commonly used for copyright infringement.

  • Copyright infringement is a serious offense in the United States and carry’s severe penalties including jail time and fines up to $150,000 dollars for each work infringed and can easily ruin the rest of your life.

  • Cyber criminals commonly implement their malicious software into torrents as it is an easy way to distribute malware disguising it as some other piece of work such as a song, movie or software.

  • For more information on peer-to-peer file sharing and its risks, please visit our Peer-to-Peer File Sharing page.

Additional resources: