Digital Security
Matt Everhart
What is digital security?
Digital security is the protection of your digital identity - the network or Internet equivalent of your physical identity. Digital security includes the tools you use to secure your identity, assets and technology in the online and mobile world.
Tips to do, ways to be proactive. (How to be secure online)
- Fortify Your Passwords.
- All HTTPS, All The Time.
- Secure Security Questions.
- Using 2-step verification.
- Use a Secret Email Address.
- Unlist that Google Voice Number.
- Manage Your Passwords.
- Set Up Login Notifications.
- Tie Up Those Loose Ends.
- Keep your card info offline.
- Put passwords on your devices.
- Keep an offline backup.
- Don't link your accounts.
Things to NOT do, (things to avoid).
- Perform required software updates for your operating system and web browser.
- Install a firewall on your computer.
- Change your passwords often.
- Purchase or download anti-virus software.
- Install anti-spyware/adware programs onto your system.
- Delete emails from unknown sources.
Perform required software updates for your operating system and web browser.
Install a firewall on your computer.
Change your passwords often.
Purchase or download anti-virus software.
Install anti-spyware/adware programs onto your system.
Delete emails from unknown sources.
What to Do If You've Been Hacked
The recent celebrity hacking incident and Home Depot data breach may have you worried about your online security, and rightly so. As we bring more aspects of our lives online — social, shopping, banking, storage — the risks of cyber crime increase. But there are ways you can better protect yourself.
In this guide, I’ll outline some steps you can take to safeguard your various Web accounts and devices. The recommendations come from several Internet security experts I spoke with, including Laura Iwan, senior vice president of programs at the Center for Internet Security; Sean Sullivan, security adviser at F-Secure (an antivirus and online security solution provider); and Timo Hiroven, senior researcher at F-Secure. There are also tips on how to detect if you’ve been hacked and what to do about it.
De-fense! De-fense!
There are numerous precautions that you can take in order to protect yourself from hackers. One of the easiest and most simple ways is to create strong, unique passwords for every one of your accounts. Yet most people don’t. While it’s tempting to use something like your child’s name and birthday because it’s easier to remember, creating a password with a random mix of uppercase and lowercase letters, numbers and characters will be harder to crack.
password_reminder
Africa Studio / Shutter stock
There are password apps like Last Pass and 1 Password that can help you with this by generating strong passcodes for each of your accounts. Plus, they’ll keep track of them all. When choosing such a program, Iwan recommends that you look for one that uses an industry-accepted standard for encryption like Advanced Encryption Standard, or AES, and one that stores your passwords locally on your computer, rather than in the cloud.
Another safety measure you should take is to enable two-factor authentication when available. Two-factor authentication requires a user to provide an extra form of identification beyond just your login ID and password. This may be a special PIN code that’s sent to your phone, a physical token like a key fob, or your fingerprint.
Two-factor authentication isn’t impervious to attacks, but it does add an extra layer of protection. Many popular Web services, including Gmail, Microsoft, Apple, Twitter, Facebook and Dropbox offer two-factor authentication, so take the extra few minutes to turn it on.
Be suspicious of emails asking for personal information. A lot of hackers use a method called “phishing” that aims to gather sensitive data from you by sending an email that looks like it’s from a legitimate entity like your bank or credit card company. Some signs of a scam might be requests for immediate action, spelling and grammar mistakes, and suspicious links. Do not respond to these. Instead, call up the institution that supposedly sent the email and confirm if it’s legit or alert them to the issue.
Also, it should go without saying, but in general, don’t click on suspicious links or browse unsafe websites. Only install applications that come from trusted, well-known sources. And be sure that the operating system and apps on your computers and mobile devices are updated with the latest versions and patches.
Here are some more specific tips for different Internet activities:
Email and social accounts
Think twice about what you post to your social networks, and monitor what others are posting about you. There’s a chance that hackers might use your social profile pages to gather personal information about you, and try to guess your password or answers to your secret question.
Related to that, check your account’s privacy settings to make sure you’re only sharing information with your friends, and not with the public.
Sullivan also recommends creating separate email addresses for your personal communication and everything else. For example, you might use a throwaway email address for news websites that make you register with a user name and password, or for retailers who want to send you coupons.
Cloud accounts
If you back up your files to the cloud, remember that even though you delete them on your computer or mobile device, they’re still stored in your cloud account. To completely delete the file, you’ll also need to remove it from your backup cloud account.
Online transactions
Don’t use public computers or public Wi-Fi networks to make any transactions. The machines might contain malicious software that can collect your credit card information, and criminals could also be monitoring public Wi-Fi networks for similar information.
Web browsing
Don’t respond to pop-up windows.
Secure your home Wi-Fi network using WPA2 with AES encryption settings. There’s a good tutorial on how to do that here.
Set your Web browser to auto-update to ensure that you’re running the most current version.
Know the signs
How do you know if you’ve been hacked? There may be some obvious signs. For example, you may start getting emails from your friends saying they received a strange message from your email address. Or your bank or credit card company might call you about some suspicious activity on your account. If you installed a mobile app with malware on your smartphone, you might find some unauthorized charges on your phone bill.
There are other, more subtle indicators. You may find new toolbars installed on your Web browser, or new software on your computer. Your computer may also start behaving strangely or slow to a crawl.
These are all signs that you might have been hacked.
I’ve been hacked. Now what?
If you have been hacked, the first thing you should do is reset your passwords. Iwan recommends starting with your email account, followed by your financial and other critical accounts. This is because password resets for all your other accounts are typically sent to your email.
If you’re locked out of your account or blocked from accessing it, many Web services have steps in place so you can get back in. For example, Facebook has a system where you can use a trusted source like a friend to take back your account. Search each service’s help section for specific instructions.
Speaking of friends, you should let your contacts know that you’ve been hacked, and report the issue to the site. Also, run a scan of your computer or mobile device using a trusted and up-to-date antivirus program.
In the case of identity theft, order a copy of your credit reports, and file an initial fraud alert with the three major credit bureaus: Equifax, Experian and TransUnion. Contact your local police and report the identity theft, and request new cards from your bank and credit card companies. You should also continue to monitor your monthly statements for any more unusual activity.
Unfortunately, there’s no way to completely eliminate the risk of hack attacks and other cyber crimes. But by taking some safeguards and arming yourself with the knowledge of what actions to take in the event of an attack, you can help better protect yourself and minimize damage.
Relevant facts, data, ideas.
1. Internet is insecure to the core
Do you know majority of the protocols that form the Internet — such as HTTP (the Web), FTP (file transfers) and SMTP (email) — aren’t safe. This means whatever data you transfer using these technologies is open for anyone to see. So, you might think you’re sending a sealed envelope, but in reality, it’s a postcard that anyone can read.
2. Use Encryption
Luckily, you can use several most common Internet protocols with safe alternatives. These options bestow you with the similar functionality, but help you encrypt your data before transmitting it and decrypt it once it’s delivered. HTTPS is one of the safest protocols that makes it possible to transmit credit-card numbers and other sensitive data on the Internet. To check whether an HTTPS connection is available for a particular site, enter https:// rather than entering http:// in your browser’s address bar.
3. Avoid using weak passwords
Several security breaches start with feeble passwords. Don’t create passwords, which are easy to guess. Various studies indicate the most common passwords are also the weakest ones. Strengthen your password by choosing appropriate length— use eight or more characters. You can also include different letters, numbers and symbols, with a mix of upper and lowercase characters.
4. No password is more important than the one for your email
Avoid sharing your email passwords. If a person has access to your email, it is easier for him/her to gain access to any number of other accounts. This is because many sites allow for password resetting by clicking email-based confirmation links.
5. Use different email accounts for different purposes
Work towards minimizing the damage of a breach. This can be done by using one email account for most public communications and another email for private for more-sensitive communications.
6. For the best security, use a password manager and memorize just one “super password.”
Use strong passwords to ensure digital security. It will be even better if you use different passwords for different accounts. It is difficult to remember lots of different complicated passwords, in this situation, you can use a password manager. This tool generates very strong passwords and then encrypts those passwords.
7. Storing and communicating data essentially compromise security
Though encryption is a great tool, but choosing good passwords can surely help you keep your data safe.
8. Anonymisation can resolve various security concerns.
Apart from encryption, anonymisation is also another way to ensure security. Anonymisation involves various technologies including proxy servers and VPNs. Tor is a popular anonymisation tool, which employs a combination of encryption and relays to confuse data and send it on a junction path before it reaches its destination.
9. Open WiFi networks can be a problem
Though HTTPS is a big security tool even when you are communicating over insecure wireless networks, but it is still risky. However, information which has been encrypted over HTTPS won’t be visible, but certain websites execute HTTPS partly, protecting login pages but not other details.
10. Protecting illicit access to your physical devices is essential
All efforts to secure your online details would go in vain if your PC isn’t physically secure. If you stay signed in to accounts in your browsers, it wont take much time to access sensitive data stored on your PC.
Essential Questions
1. What does it mean to be a digital citizen?
Digital Citizenship is a concept which helps teachers, technology leaders and parents to understand what students/children/technology users should know to use technology appropriately. Digital Citizenship is more than just a teaching tool; it is a way to prepare students/technology users for a society full of technology. Digital citizenship is the norms of appropriate, responsible technology use. Too often we are seeing students as well as adults misusing and abusing technology but not sure what to do. The issue is more than what the users do not know but what is considered appropriate technology usage.
2. What are my rights and responsibilities as a digital citizen?
They are the basic set of rights extended to every digital citizen. Digital citizens have the right to privacy, free speech, etc. Basic digital rights must be addressed, discussed, and understood in the digital world. With these rights also come responsibilities as well. Users must help define how the technology is to be used in an appropriate manner. In a digital society these two areas must work together for everyone to be productive.
3. How can I use digital tools to educate others about digital citizenship?
By using the Nine Themes of Digital Citizenship
- Element 1: Digital Access: This is perhaps one of the most fundamental blocks to being a digital citizen. However, due to Socioeconomic status, location, and other disabilities- some individuals may not have digital access. Recently, schools have been becoming more connected with the internet, often offering computers, and other forms of access. This can be offered through kiosks, community centers, and open labs. This most often is associated with the digital divide and factors associated with such.
- Element 2: Digital Commerce: This is the ability for users to recognize that much of the economy is regulated online. It also deals with the understanding of the dangers and benefits of online buying, using credit cards online, and so forth. As with the advantages and legal activities- there is also dangerous activities such as illegal downloads, gambling, drug deals, pornography, plagiarism, and so forth.
- Element 3: Digital Communication: This element deals with understanding the variety of online communication mediums such as email, instant messaging, Facebook messenger, the variety of apps, and so forth. There is a standard of etiquette associated with each medium.
- Element 4: Digital Literacy: This deals with the understanding of how to use various digital devices. For example, how to properly search for something on a search engine versus a database. How to use various online logs. Oftentimes many educational institutions will help form an individual’s digital literacy.
- Element 5: Digital Etiquette: As discussed in the third element, digital communication, this is the expectation that various mediums require a variety of etiquette. Certain mediums demand more appropriate behavior and language than others.
- Element 6: Digital Law: This is where enforcement occurs for illegal downloads, plagiarizing, hacking, creating viruses, sending spams, identity theft, cyberbullying, and so forth.
- Element 7: Digital Rights and Responsibilities: This is the set of rights digital citizens have such as privacy, speech, and so forth.
- Element 8: Digital Health: Digital citizens must be aware of the physical stress placed on their bodies by internet usage. They must be aware to not become overly dependent on the internet causing eye strain, headaches, stress problems, and so on.
- Element 9: Digital Security: This simply means that citizens must take measures to be safe by practicing using difficult passwords, virus protection, backing up data, and so forth.
By using good manners, be respectful, and behave appropriately. Follow these rules and show people what you want them to see. Show them your best, and give your best effort at all times. When you do these things, you are creating a good image of yourself. You will have a good reputation and a positive public image! You are leaving good tracks behind...
References
- https://docs.google.com/a/pinkertonacademy.org/file/d/0B6EsbtdZzIpCWUVoWW84bVItS3c/edit
- http://www.efytimes.com/e1/114761/Top--Things-Everyone-Must-Know-About-Digital-Security
- http://recode.net/2014/09/11/what-to-do-if-youve-been-hacked-and-how-to-prevent-it/
- http://gizmodo.com/5932663/9-things-you-absolutely-must-do-to-keep-your-online-identity-secure