The Cost of Convenience

Posted on 7/17/2020 9:47:37 AM
Waleed Farag and students

Waleed Farag is a professor of Computer Science and the director of IUP’s Institute for Cyber Security. Since joining the IUP community in 2002, he has been responsible for overseeing the IUP cybersecurity program, which has been designated as a Center of Academic Excellence in Cyber Defense Education since the early 2000s.

During the last five years, Farag has secured about $2 million in federally funded grants from the Department of Defense, the National Science Foundation, and the National Security Agency, many leading to the establishment of unique programs and initiatives that contributed to the enhancement of cybersecurity education at IUP and the surrounding regions.

Farag has served in the technical program committees and as a reviewer for several international journals, conferences, and federal agencies. He is a senior member of the Association for Computing Machinery. His research interests include cybersecurity education and dissemination; e-learning delivery, assessment, and applications; network security, multimedia data security, and information hiding; and multimedia indexing and retrieval techniques and applications. He has several contributions in these areas and has published over 50 articles as book chapters and papers in journals, conferences, and workshops.

Cybersecurity was an important topic before the pandemic; but now, with so many transactions taking place online due to health and safety precautions, we asked Farag for some tips on personal cybersecurity.

Reports about cybersecurity breaches at banks, credit card companies, and retailers are frequently in the news. Can you trust companies with your financial information?

Users should have trust in the service providers they use. Once you use a company, you actually transfer the security risk to that company. That entity, by law, must take strong measures—its “due diligence”—to secure your information. Security measures available to companies have improved significantly in the last decade or so. While we still have some work to do in our field of cybersecurity, there are new efforts to improve security happening constantly.

Of course, we always have to worry about genius hackers; the cybersecurity field is very complex—it’s not just understanding the workings of a computer. That’s why we have to offer a comprehensive curriculum to our students. To be successful in the field, they need to understand so many other aspects that affect cybersecurity, ranging from privacy laws to the criminality of consequences.

When your computer or phone gives an alert about updates, do you need to take the time to power down and let the update happen? Do they really do anything?

Yes! They are very important. You should try to make sure that your programs and systems are up to date. Automatic update windows usually have a default setting of “on” or “active.” Don’t turn those off. When you get a pop-up message that your software needs to be updated, don’t ignore that—if you ignore it, it can be dangerous, because these software updates, or patches, can save you from an security attack. All software must be updated. It is well worth the time to accept the update.

Are passwords really important?

Absolutely. After the security measures of a computer software system, passwords are your second line of defense. Passwords are still the most common way to hack into a system.

But, way too often, people choose convenience over security. You don’t need to be an expert to protect your privacy and your accounts. Here are some tips:

  • Passwords must be complex. It seems silly to tell people not to use passwords like “welcome,” “hello,” or “123456,” but these are being very commonly used.

  • Don’t write your passwords down where people could find them in your home or office.

  • Be aware of how many accounts you have that require passwords—even ones that aren’t associated with banking or shopping. If your password is discovered for one of these non-financial accounts, this could open the door to hackers breaking into other accounts. Most people don’t have any idea how many accounts and passwords they have.

  • Use a unique password (as much as practically possible) for every account you have. Using the same password for every account you have is very dangerous. It’s convenient, but definitely not secure.

  • Don’t have your devices “remember” and autofill in your passwords.

Could filling out an online customer service survey, including one that promises an online gift card or other benefit, put you at risk for a security breach of your information?

Yes, this definitely can lead to security breaches. It is very recommended that you limit the sharing of your sensitive information at all times, particularly when you are online. If you trust the providers of these surveys, you can still participate while taking all the precautions discussed in this message.

More About Waleed Farag

  • PhD’02, Computer Science, Old Dominion University
  • MS, BS, Electrical Engineering, Zagazig University, Egypt
  • PhD dissertation proposed techniques constituting a fully content-based system for retrieving video data

Classes He Teaches

  • Computer Literacy
  • Problem Solving and Structured Programming
  • Internet and Multimedia
  • Object Oriented and GUI Programming with Java
  • Interactive Internet Programming with Java
  • Data Structures and Algorithms
  • Intro to Cyber Security
  • Computer Networks
  • Network Security
  • Unix Systems
  • Seminar on the Computer Profession and Ethics
  • Computer Architecture
  • Internet Architecture and Programming
  • Introduction to Operating Systems
  • Information Assurance Administration
  • Seminar on Technical Topics