How to have that difficult “stay safe online” conversation with your kids
It’s crucial to arm kids with knowledge of how to protect themselves and their information online, not only in the moment, but also for the future – a concept many kids may not really care about or even grasp.
If you’re looking for the best way to start a conversation with your children about online safety as they start using the internet with greater independence, below are some tips to help them (and you!) keep themselves and their information protected.
1. Does it pass the grandmother test?
It can be easy to get swept up in the moment, and suddenly without realizing you’ve said or done something you regret and that you can’t take back. It’s even worse on the internet, as that thing you’ve said or done lives online forever – yes, even if you think you’ve deleted it.
Think for a moment before you post something, and remember that once it’s online it’s out there for everyone to see. If you wouldn’t be comfortable with your grandmother, a teacher, or future employer reading that post, perhaps it shouldn’t go online in the first place.
2. Who are you talking to?
You can’t always be sure of who you’re talking to online, and you definitely can’t be sure of who’s watching or reading.
If an unexpected message pops up from someone you know, be careful. It might be someone pretending to be that person.
3. Protect your information
Whether you’re talking to someone or using an app or a service, it’s crucial to protect your personal information (your full name, your birthdate, or where you go to school), and your location (like where you live, or where you frequently hang out with your friends).
If someone or something is asking for your details, ask yourself why. Who are they, and why do they want this information? What do they want to do with it? Follow your gut instinct: If something feels off about the website or app that’s asking, trust that gut instinct and stop what you’re doing.
4. Don’t be lazy with passwords
It might seem like the easy thing to do – less typing and remembering, right? – but using the same password on every service and app is a really bad idea.
Sites and services get hacked pretty frequently, and hackers will often post a big data dump of all the email addresses and passwords they gather during that hack. Then they take those email addresses and passwords and try them out on other sites and apps, and sadly it often works.
So if you use the same password on a harmless free gaming app and a social media account, if that harmless app gets hacked you may find yourself locked out of your social media account the next day, as your profile has been hacked too.
The solution is really easy: Use unique, strong passwords on every site and app you use.
You can use your browser or mobile device’s built-in password manager, or a third-party manager to do this. Any of these password managers will do two important things: Generate a strong password (one that a hacker couldn’t guess on their own easily), and remember it for you.
5. Use 2FA on your accounts to keep hackers out
For the accounts that are really important to you, taking an extra step to keep them out of a hacker’s hands is really worth doing.
A lot of services, like email, social media, and games offer what’s called multifactor or two-factor authentication. This is an additional measure of security to add to your account that goes beyond passwords. Sometimes the multifactor authentication comes in the form of a numerical code the service texts to you, in other cases the service will help you set up multifactor authentication with a third-party authenticator (like Google Authenticator).
Other services may have their own authenticator app or key generator they will ask you to use – if a service offers multifactor authentication, they’ll walk you through how to set it up and use it.
6. Think before you download
You don’t want to do anything that might make your phone stop working properly, or that could put it under someone else’s control. Download apps or browser extensions from trustworthy sources, otherwise they could allow someone to take control of your device, steal your information, compromise your accounts – and even demand ransom money to release control of the devices and its contents back to you.
7. Check permissions on apps
Take a good look at any permissions the app asks for – does it really need all those permissions? Ask why it needs all that access if it seems excessive, and if you can’t find out why, it might be best to remove it.
8. Don’t share accounts with friends
This one might sound like a no-brainer, but don’t share your passwords with friends either. If your friend gets hacked, then you’re locked out too! (Or if you and your friend have a fight, they might change that shared password in a moment of anger.)
If your friend wants to use the same app or service you’re using, they should get their own account that’s under their control.
9. Remember to log out!
If you’re at a public computer or using some other kind of shared device, like at a library, store, or a lab, remember to log out of any accounts you log in to! (Unless you really want other folks at the Apple Store reading your email.)
These tips are just a part of the ongoing conversation you should be having with your kids. Yes, parental controls exist to set limits on screen time, app access, and even transactions as you feel appropriate, and these can be very useful.
However, they are not foolproof – and one day, like training wheels, they have to come off. That’s why it’s vital that, when that day comes, your kids are well equipped with the knowledge to allow them to safely take control.
Industry: Cyber Security News
- Identity & Access Management (IdAM) Consultant
- Upto €100,000 plus bonus and benefits
An Identity & Access Management Consultant is needed to lead and drive technical and or business transformation projects in a client-facing position for a prestigious consultancy in Germany. The Identity & Access Management Consultant will be responsible for technical design and implementation of Identity & Access Management/IAM products within a wide variety of clients. The Identity & Access Management Consultant will have a blend of technical hands-on and client-facing consultancy with the ability to develop new business. Broad technical knowledge across Identity and access management is benefical. The Identity & Access Management Consultant will need to have technical hands-on experience with one or more of the following core areas; Privileged Access Management (PAM, CyberArk, Beyondtrust, Thycotic) Identity Governance Administration (IGA, Sailpoint, Omada, RSA) Customer Identity & Access Management (CIAM, Forgerock PSD2) The Identity & Access Management Consultant must have the willingness to travel to customer sites across Germany.
- PCI DSS Security Specialist, Level 1 Service Provider,
CH7827 Payment Card Industry DSS Security Specialist, Level 1 Service Provider End User. £75,000 Flexible location, ocassional travel to London- Covid permitting Payment Card Industry DSS Security specialist needed to join a Security team to work with a highly respected CISO within a Level 1 Payment Service Provider. The PCI- DSS Security Consultant will have end to end responsibility for PCI - DSS and its continuing certification. 2021 / 2022 plan is to transition PCI to the cloud. Experience must include a focus into the Payment Card Industry. A mix of Information Security standards, frameworks, audit principles, controls / policies and the management and use of the technical tooling to achieve compliance is essential. PCI objectives / 12 key requirements, OWASP top 10, ISO 27001, NIST Cybersecurity Framework etc An ideal candidate will be working within an end user environment with a cyber consultancy background. PCI Cloud compliance, specifically someone with experience taking PCI-DSS from on premise into the cloud is HIGHLY desired. However, someone with Solid PCI experience with a strong technical background which include Cyber / Secure by design etc would be considered. Experience managing internal stakeholders and external third parties essential. Flexible working, but with the ability to get into London. This is an exclusive role to DCL Search & Selection. Arrange a call with Chris Holt on https://calendly.com/chris-holt/arrange-a-call-chris-dcl-pci-compliance
- SPLUNK Level 3 SOC Consultant, SIEM Splunk, London / Birmingham
REF CH7825 Level 3 SOC Consultant, SIEM Splunk, London / Birmingham £55,000 + Level 3 SOC Consultant, SIEM SPLUNK needed. Security Clearance. Permanent role Level 3 SOC Consultant, SIEM SPLUNK needed to join a public sector client. The ability to achieve SC clearance is essential. MUST have experience working with SPLUNK ideally to an Advanced Power User level. Splunk Enterprise Security (ES) knowledge and hands on experience highly desirable. The role will include, but not be limited to; managing and handling incidents end to end, supporting and mentoring level 1 / level 2 staff, supporting the SOC manager in the delivery of the SOC roadmap, engaging with the client stakeholders (other technical teams) as and where needed, use case development, advanced search and reporting etc. The individual MUST currently be living in the UK and be able to achieve UK security clearance. (SC) This is a permanent role To arrange a call with Chris Holt use this calendy link https://calendly.com/chris-holt/arranged-call-with-chris-holt-remote-soc-role Chris.Holt@dclsearch.com
- SPLUNK Level 3 SOC Consultant, SIEM Splunk, London
SPLUNK Level 3 SOC Consultant, SIEM Splunk,, Must be able to commute to London Client site in London- able to get to site- Covid permitting- Must be able to achieve Security clearance. The SPLUNK Level 3 SOC Consultant must have current experience working within a SOC environment with specific experience using a range of tools and techniques to investigate security incidents. Current experience with Splunk is essential. any additional experience Individuals with Elastic Security SIEM are desirable. Any of the following certifications are desirable Splunk Phantom certified admin, Splunk Core Certified Power User / Advanced, Splunk Certified Enterprise Security Admin, etc The role will include, but not be limited to working with sophisticated information security tools, investigating security incidents, managing and handling incidents end to end, supporting and mentoring level 1 / level 2 staff, supporting the SOC manager in the delivery of the SOC roadmap, engaging with the client stakeholders (other technical teams) as and where needed, use case development, advanced search and reporting incident management, technical escalation, process improvement, research into the latest threats, reporting etc The individual MUST currently be living in the UK and be able to achieve UK security clearance. (SC) This is a permanent role To arrange a call with Chris Holt https://calendly.com/chris-holt/arranged-call-with-chris-holt-remote-soc-role Chris.Holt@dclsearch.com