How to have that difficult “stay safe online” conversation with your kids
It’s crucial to arm kids with knowledge of how to protect themselves and their information online, not only in the moment, but also for the future – a concept many kids may not really care about or even grasp.
If you’re looking for the best way to start a conversation with your children about online safety as they start using the internet with greater independence, below are some tips to help them (and you!) keep themselves and their information protected.
1. Does it pass the grandmother test?
It can be easy to get swept up in the moment, and suddenly without realizing you’ve said or done something you regret and that you can’t take back. It’s even worse on the internet, as that thing you’ve said or done lives online forever – yes, even if you think you’ve deleted it.
Think for a moment before you post something, and remember that once it’s online it’s out there for everyone to see. If you wouldn’t be comfortable with your grandmother, a teacher, or future employer reading that post, perhaps it shouldn’t go online in the first place.
2. Who are you talking to?
You can’t always be sure of who you’re talking to online, and you definitely can’t be sure of who’s watching or reading.
If an unexpected message pops up from someone you know, be careful. It might be someone pretending to be that person.
3. Protect your information
Whether you’re talking to someone or using an app or a service, it’s crucial to protect your personal information (your full name, your birthdate, or where you go to school), and your location (like where you live, or where you frequently hang out with your friends).
If someone or something is asking for your details, ask yourself why. Who are they, and why do they want this information? What do they want to do with it? Follow your gut instinct: If something feels off about the website or app that’s asking, trust that gut instinct and stop what you’re doing.
4. Don’t be lazy with passwords
It might seem like the easy thing to do – less typing and remembering, right? – but using the same password on every service and app is a really bad idea.
Sites and services get hacked pretty frequently, and hackers will often post a big data dump of all the email addresses and passwords they gather during that hack. Then they take those email addresses and passwords and try them out on other sites and apps, and sadly it often works.
So if you use the same password on a harmless free gaming app and a social media account, if that harmless app gets hacked you may find yourself locked out of your social media account the next day, as your profile has been hacked too.
The solution is really easy: Use unique, strong passwords on every site and app you use.
You can use your browser or mobile device’s built-in password manager, or a third-party manager to do this. Any of these password managers will do two important things: Generate a strong password (one that a hacker couldn’t guess on their own easily), and remember it for you.
5. Use 2FA on your accounts to keep hackers out
For the accounts that are really important to you, taking an extra step to keep them out of a hacker’s hands is really worth doing.
A lot of services, like email, social media, and games offer what’s called multifactor or two-factor authentication. This is an additional measure of security to add to your account that goes beyond passwords. Sometimes the multifactor authentication comes in the form of a numerical code the service texts to you, in other cases the service will help you set up multifactor authentication with a third-party authenticator (like Google Authenticator).
Other services may have their own authenticator app or key generator they will ask you to use – if a service offers multifactor authentication, they’ll walk you through how to set it up and use it.
6. Think before you download
You don’t want to do anything that might make your phone stop working properly, or that could put it under someone else’s control. Download apps or browser extensions from trustworthy sources, otherwise they could allow someone to take control of your device, steal your information, compromise your accounts – and even demand ransom money to release control of the devices and its contents back to you.
7. Check permissions on apps
Take a good look at any permissions the app asks for – does it really need all those permissions? Ask why it needs all that access if it seems excessive, and if you can’t find out why, it might be best to remove it.
8. Don’t share accounts with friends
This one might sound like a no-brainer, but don’t share your passwords with friends either. If your friend gets hacked, then you’re locked out too! (Or if you and your friend have a fight, they might change that shared password in a moment of anger.)
If your friend wants to use the same app or service you’re using, they should get their own account that’s under their control.
9. Remember to log out!
If you’re at a public computer or using some other kind of shared device, like at a library, store, or a lab, remember to log out of any accounts you log in to! (Unless you really want other folks at the Apple Store reading your email.)
These tips are just a part of the ongoing conversation you should be having with your kids. Yes, parental controls exist to set limits on screen time, app access, and even transactions as you feel appropriate, and these can be very useful.
However, they are not foolproof – and one day, like training wheels, they have to come off. That’s why it’s vital that, when that day comes, your kids are well equipped with the knowledge to allow them to safely take control.
Industry: Cyber Security News
- IDAM Business Analyst
- Up to £65,000 Base
A Business Analyst with strong exposure within the Identity & Access or Privileged Access Management space is required by a leading consulting firm. You will have a strong technical understanding of at least one of the following subjects; Privileged Access/ Identity management, Identity Governance and Administration. Vendor experience may include; CyberArk, Sailpoint or Ping Identity. Any of the following vendors could also be advantageous; Oracle’s Identity Manager/ Access Manager or One Identity. The role is to be based in either London or Manchester, with 3-4 days of travel required in a week, that may flex based on the influx of work. This person will have excellent client facing skills, as you will be the primary point of contact between the clientele, and the Engineering team. So prior client facing experience is a must. If this sounds like you, give me a call today on; 0208 663 4030 or email Thomas.Childs@DCLSearch.com Ref: TC7516
- ISO27001 Information Security Consultant
- Up to £60,000
Information Security Consultant with ISO27001 audit and advisory experience is needed for a client facing opportunity with a Cyber Security company in London. Experience with ISO27001 is essential. Activities of the role will include, but not be limited to providing advice to clients, Gap analysis, Risk assessment, analysis, ISO27001 Audits. Experience taking a client through to iso 27001 certification is highly desirable. This Cybersecurity consultancy, who are dedicated to improving and investing in their client's businesses and employees careers, are looking for a security consultant due to expansion. All the training and development will be provided to help them specialise into the PCI industry / Security advisory industry. Ideal certifications ISO27001 Lead Auditor, ISO 27001 Lead implementer, PCI ISA. Aspiring PCI QSA. Other certifications such as CISSP, CISM or CISA are beneficial to have but not required. The ability to SC Clearance is essential. MUST be UK based and realistically able to commute to London. Structured career path, technical training, diverse and interesting clients available. (ISO70001 Lead Auditor, ISO 27001 Lead implementer, PCI ISA. Aspiring PCI QSA, ISO27001 Information Security Consultant) Contact me on email@example.com or 07884666351 or 02086634030 Ref: CH7514
- Google Cloud Data Engineer
- Up to £650 Per Day
Google Cloud Data Engineer London Up to £650 Per Day Duration: 3 months (Potential to extend) We are currently working with a leading Google Cloud partner who are currently looking for a Google Cloud Data Engineer in London. The Google Cloud Data Engineer will be responsible for a new, on-site project (start to finish) designing and implementing a data cataloguing platform using Google Cloud. Current Experience Required Google Cloud Data Analytics (Data Engineering, Data Mining, Data Cataloguing etc.) Cloud PUB / SUB Ref: PG7512
- Professional Services Security Engineer
- United Kingdom
Professional Services Security Engineer with current checkpoint experience is needed for the UK focused client facing implementation/migration, configuration position. The role will be utilising the latest versions of Checkpoint, so someone accredited with either CCSA or CCSE, on at least version R80 is ideal. The Professional Services Security Engineer must have current technical implementation experience using Checkpoint, however, I would look at someone with strong firewalling experience around other vendors such as Palo Alto and Fortinet. Being a multi-vendor professional services business, there is scope for this person to receive training and experience within other vendors. This is a UK wide role, the company in question has 2 offices across the UK, however, there is scope for this person to be home based when not on client site. Vendor training and exposure actively promoted.