Security awareness

6-Step Security Awareness Checklist for College Students

Christine McKenzie
October 31, 2018 by
Christine McKenzie


Technology plays a huge role in a student’s life on campus. It’s how they socialize with friends and family, work on assignments and handle their finances. Like anything that plays such a large role in life, it’s important to keep it safe.

That’s where security awareness comes into play! Essentially, security awareness is the knowledge you need to keep your digital life private and secure.

Two year's worth of NIST-aligned training

Two year's worth of NIST-aligned training

Deliver a comprehensive security awareness program using this series' 1- or 2-year program plans.

College students face unique cybersecurity threats. Between class registration and social media, much of their personal information is digitized. They often work in public spaces like libraries or cafes with unsecured networks. Open living situations like dormitories can also pose a threat, with laptops and smartphones vulnerable to theft.

With that in mind, this article will focus specifically on Internet safety for college students. The following is a security awareness checklist with six steps covering how students can protect their digital lives throughout their time at college and beyond.

The Checklist

1. Avoid Phishing Scams

Have you ever gotten a strangely-worded email asking you to open an attachment or follow a link to an external website? If so, there's a good chance this was a phishing scam.

Phishing scams will often attempt to mimic a legitimate institution, like a bank or university, and will ask you to divulge information like your login, bank account number or Social Security number. Additionally, they will often aim to create a sense of panic or urgency for the user by claiming there was unauthorized activity on your account that you should fix immediately. While these scams are dangerous because you can potentially lose highly-sensitive information about yourself, you know also easily learn to spot them if you know what to expect.

You can read about the ten most common phishing scams here.

Some common warning signs of phishing scams identified by security awareness experts include:

  • Similar, but not-quite-matching email domains. Instead of an email from, a phishing scammer might send an email from This is known as typosquatting
  • False urgency. Feeling rushed to make a decision? All the more reason to have a second look. Scammers frequently rely on rushing you to impair your judgement
  • Uncanny familiarity. A common phishing technique involves compromising an email, and then attempting to phish every contact associated with that email. See an email from a friend or relative where they don’t sound quite right and don’t seem to know you? Then it’s probably a phisher in disguise!

2. Protect Your Password

Don’t assume that because your account is password protected that it’s automatically safe. Although passwords do offer valuable protection to your accounts, some passwords are stronger than others and you should always take steps to protect your password. By following a few simple rules of thumb, you can ensure your password is not easily crackable.

Security awareness experts recommend using a combination of capital letters, numbers and symbols to throw off would-be intruders. In the event that your password does get stolen, having different passwords for your accounts instead of just one you use across all accounts will help minimize the damage.

3. Don’t Leave Devices Unattended

This may sound obvious, but you may find yourself tempted to leave your laptop out at the library while you run to the restroom, or you might forget to lock your door when you leave for class with your phone or other devices out in plain sight. If you absolutely have to leave your device unattended, use a password-protected login to add an additional layer of security in case your device falls into the wrong hands.

Likewise, be cautious about what devices you connect to your computer. If you find a random USB stick lying around, you may feel like you got lucky and scored a free new device, but this can also pose a threat. Security awareness professionals consider USBs “attack vectors” because hackers will load them with malware and leave them in public places with the goal of getting someone to pick one up and plug it into their computer. Once plugged in, it will infect your computer and potentially the entire network your computer is part of. To best protect yourself, follow the BYOD (bring-your-own-device) rule of your college or university and only plug in devices that you personally own.   

4. Be Cautious When Using Unsecured Networks

Thanks to innovations like mobile technology and Wi-Fi, you can move around from your apartment to the library or the cafe down the street and plug seamlessly into your network.

While this is certainly convenient, using an unsecured public Wi-Fi network comes with its own risks. Unsecured networks allow the transfer of data without any encryption or security protection. This means a third party can intercept any information sent through the network, including passwords and login credentials and sensitive information like your emails. As a result, if you are using an unsecured network, it is best not to log into any of your accounts or share anything too personal or sensitive.

5. Update All Software Regularly

Software updates can seem pesky and repetitive, but they’re a critical step in keeping your devices secure. Many updates are designed to address security faults in older versions of the software and shore up any bugs or exploitable holes in the code. Software you should update regularly includes your operating system, web browser, and antivirus.

Using an antivirus program is an easy way to protect you from many kinds of viruses and malicious attacks. However, antivirus can only provide you with the best possible protection if its updated regularly. The viruses and malware used by hackers are constantly evolving to thwart aging antivirus libraries. By keep your antivirus updated, you can ensure your device is protected against the latest threats.

6. Use Secure Sites

When you open a web browser, you have thousands of websites at your fingertips, some more reputable than others. To best protect yourself while you browse, security awareness experts recommend using secure sites. You can easily double-check that a site is secure by looking for the padlock icon and “https” in front of the website address. Using secure sites means any data transferred between the website and your browser is encrypted, which protects it from being easily viewed by third parties.


College students are tech-savvy and extensively utilize technology in their daily lives. Everything from private conversations to class completion and financial purchases can be made online. As a result, it’s important to understand how to best protect your data and personal information. Having a foundational knowledge of security awareness and how it applies to life on campus will go a long way towards keeping your digital life safe and secure.

Be sure to hold onto this security awareness checklist so you can implement these best practices and tips outlining internet safety for college students.


Phishing simulations & training

Phishing simulations & training

Build the knowledge and skills to stay cyber secure at work and home with 2,000+ security awareness resources. Unlock the right subscription plan for you.


This Is Exactly What Not To Do When You Find a USB Stick, TIME

Christine McKenzie
Christine McKenzie

Christine McKenzie is a professional writer with a Master of Science in International Relations. She enjoys writing about career and professional development topics in the Information Security discipline. She has also produced academic research about the influence of disruptive Information and Communication Technologies on human rights in China. Previously, she was a university Career Advisor where she worked extensively with students in the Information Technology and Computer Programming fields.