Attending university introduces you to a plethora of new concepts and new skills, both because you have the opportunity to attend classes in your field of specialty, and because you’re living on your own, as an adult, for the first time. In both these applications, I’ve managed to learn far more about privacy and security than I was able to realize on my own, from my experience with campus Wi-Fi to the courses preparing me for a career in programming.
I’m recounting some of my biggest takeaways here to showcase some of the new knowledge and experience my professors have given me—and hopefully reach any of my peers who haven’t responded to the University of Minnesota’s efforts to increase privacy and security for everyone.
Key Lessons on Privacy and Security
These are some of the most important privacy and security lessons I’ve been able to learn, thanks to my experience here:
Not enough people take privacy and security seriously. First and most importantly, not enough people take privacy and security seriously. This is the first and most important step in better security and privacy habits, because if you don’t take the matter seriously, you’re not going to invest any time, money, or effort into it. Older generations seem to have a lack of understanding of how technology fundamentally works in many cases, while younger generations simply don’t think threats to security or privacy are anything to worry about. For example, younger people may be more likely to download a new app without researching its security credentials, publisher information, and so on. The University of Minnesota has done an amazing job distributing information about the importance of online privacy and security to students—but that only works when people take it seriously to begin with.
The most important measures are the most basic ones. It’s interesting that so many people view cybersecurity and privacy measures as intensive or expensive. In some ways, it is. If you’re running a major organization, you may need to spend millions to keep your employees and customers safe. But the most effective and important security measures seem to be the simplest; after all, it doesn’t matter how impressive your firewall is if one of your employees chooses “password” as their password.
No single app can provide ample protection by itself. We like to trust big-name developers to keep us and our data secure, but while they often do an amazing job, no single app or suite of services can provide ample protection on its own. For example, if you’re relying on a cloud services provider, additional cloud security measures may be necessary to keep your information secure; especially if you’re monitoring vulnerabilities across an entire team.
There’s a shortage of security experts outside of the university. I’m grateful for the number of security and tech professionals on campus, and wish the rest of the country worked the same way. But across the country, there’s a serious lack of security experts available—and a lack of security education among common employees. A combination of lack of interest and lack of available learning programs is partially to blame—but there’s only so much that amazing programs like those at the University of Minnesota can do to solve this nationwide issue.
The nature of privacy and security is always changing. In just a few short years, I’ve watched a number of transformations in privacy and security take place, in the type of apps that are available, in best practices and recommendations, and even in public attitudes. It’s enough to make me realize that there will always be more to learn, and security will always be a moving target.
No one can help you except you. The University of Minnesota, campus professors, parents, and even your friends can make recommendations, caution you about the importance of security, and even help you instill good habits. But ultimately, you’re the only one who can step up and change your practices for the better.
Integrating Privacy and Security Into a Career
I’m thinking about pursuing a career in digital security, or at least something related to IT, so all the new information I’m getting about digital privacy and security matters. But even if I decide to make a switch, these new lessons are going to be important to my future—and I suspect they’ll be important in yours, as well.
That’s because no matter what kind of role you have, you’re going to be at least partially responsible for maintaining a respectable level of privacy and security on behalf of your employer. By some measures, the majority of cyberattacks are the result of a simple, preventable human mistake—oftentimes made by someone not in the IT department. In other words, we all need to step up our efforts.