Effective Cybersecurity is Accessible; Effective Digital Accessibility is Secure
Posted Date: October 1, 2023
Essential Update Rundown
Remember, updates are not optional. Their most common components are critical to keeping technology safe, healthy, and performing as designed.
Technology updates are frequently referred to as "patching" and allow your technology to improve in the following ways:
Security: Block and mitigate damage from cyber threats being introduced daily, ranging from malware to data theft.
Accessibility: Enhance or add accessibility features for both individual and managed devices.
Maintenance: Prepare technology to continue performing well in shifting environments, such as keeping operating systems compatible with changes to cellular networks.
Performance Improvement: Correct design coding glitches or "bugs" that cause dysfunction and add newly developed or enhanced features and options.
October is National Cybersecurity Awareness Month and National Disability Employment Awareness Month. Now is the ideal time for users to familiarize themselves with the tools and support Northwestern IT provides to keep cybersecurity and digital accessibility aligned and top of mind. While the topics may seem disparate, the best way to protect against cyber threats and create a more inclusive and accessible community is to remain aware and proactive.
There are a number of evergreen and accessible steps users can take to shield themselves, including:
- Using multi-factor authentication (MFA)
- Keeping devices, software, and cloud-based applications up to date
- Learning how to recognize and report all kinds of phishing
- Using strong passwords
Read on to review details about simple ways to stay safer online and for information on how artificial intelligence impacts both cybersecurity and digital accessibility.
Whether you have heard it referred to as MFA or two-step authentication, using an additional identity verification method beyond entering a user name and password is one of the best ways to protect your privacy and data. Duo is designed with accessibility in mind, offering multiple tools, including screen readers, magnifiers, and various color contrast lenses.
Nearly all technology available today—including your laptop, smartphone, and browser—receive software updates from their manufacturers. Updates sometimes contain new and exciting features, including accessibility improvements, but most contain fixes for critical security flaws used to infiltrate systems and smuggle data. In 2022, more than 25,000 such flaws were found in software and hardware; most were fixable with software updates or upgrades.
Manufacturers focus on the most current versions of their products, so running supported software and hardware allows users to receive security patches and accessibility enhancements as they become available. Updates sometimes happen automatically, but often, they require a user to accept the update or restart their device for the patches to take effect. Review the "Essential Update Rundown" on the right side of this page to learn more about different update types and how they improve your technology.
Phishing, or its text message and video counterparts "smishing" and "vishing," remain among the most pervasive threats to the Northwestern community. Phishing messages can make it to our inboxes, even after various layers of email defense quarantine nearly three million messages per day. Phishing attacks are not always about compromising credentials or other sensitive data; they are often a gateway for other financial crimes.
Northwestern IT provides tips and resources to help users identify and avoid phishing. Below are a few to consider:
Tips and Resources to Identify and Avoid Phishing
- Verify the sender on any messages containing odd language, urgent calls for action, support requests, notices, alerts, warnings, and any requests for personal information.
- Never open links directly from emails. Always verify any link's URL address in a separate browser or by using a URL checker tool.
- When using a screen reader, use keyboard commands to open a list of all URLs in active emails or web pages for a quick way to review and evaluate links.
- If you suspect a security incident has occurred, immediately contact your school or department's local technical support staff or the Northwestern IT Service Desk.
- Find more tips and resources to help users identify and avoid phishing.
A strong password is the first line of defense in digital privacy and data protection. Passwords need to be sufficiently complex to be effective. However, that does not mean passwords must be so complicated that they lock out those they intend to protect.
Take It Easy
Aim to create something personal and distinctive rather than difficult to make passwords easier to remember.
One of the solutions Northwestern IT suggests for creating complex but uncomplicated passwords is to use a passphrase. Song lyrics, favorite phrases, or other personally meaningful sentences are good options for creating long, distinct passwords.
Password length and complexity are the most difficult to crack.
Modern account compromises are not about someone guessing your password but how long it takes for a computer to try all the different combinations. Try to use a password or passphrase that hits the maximum length requirement that a site or service provides.
Give your memory muscles a break.
Keep It to Yourself
Even the strongest passwords will only protect you as well as you protect them. Keep your passwords safe—NEVER share them with others.
No one else needs to know your password, including your NetID password.
Northwestern IT will never ask you to share your password. Make it your top priority to keep passwords completely private.
Sharing devices may create an opportunity for other users to access your information.
Be very careful allowing others to use your personal devices, and remember to completely log out of all systems you use on shared or public devices, such as computers in labs across campus.
Do not leave a trail for others to find your information.
Make a habit of completely clearing browser history and clearing your cache after using a shared or public device.
Do not give anyone who doesn't share account ownership access to your home (dormitory or apartment) network.
All home networks allow you to create a "guest" network with a separate name and password to keep your password private even when you share your bandwidth.
Generative AI tools, such as ChatGPT, Bard, and DALL-E, are evolving quickly and becoming pervasive in the technology industry. This rapid change is ushering in novel challenges and new possibilities for cybersecurity and digital accessibility.
|Pros||AI technologies, including machine learning, natural language processing, and computer vision tools can be leveraged to enhance accessibility by expanding users' possibilities to customize how they engage with digital content. Similarly, AI-based endpoint security solutions using machine learning algorithms can scan files and evaluate device behavior to identify malware and other threats better than ever before.|
|Cons||If the necessary considerations around inclusivity are not part of developers' processes, AI can complicate and introduce new accessibility barriers. The ways AI can be manipulated to bolster the reach and impact of cyber threats are evident and expanding.|
|Recommendations||There is no singular way to contemplate how AI's future will impact human interaction with digital technology. As we all continue to learn more, Northwestern asks that all members of the University community conduct teaching, learning, research, and business following the University's Guidance on the Use of Generative AI. Northwestern has compiled specific instructor resources and other information concerning AI on the University's Artificial Intelligence website.|
Digital accessibility and cybersecurity share the common goal of inclusivity. Both aim to guarantee equitable and safe usage of the tools and resources that technology affords without barriers, the threat of harm, marginalization, or exclusion. Actualizing that guarantee requires both individual and collective action. Please follow the insights shared in this article and join Northwestern IT in working to keep us all safer. For additional information and resources on these topics, you can visit Northwestern's digital accessibility and information security websites.