How to have that difficult “stay safe online” conversation with your kids
Our friends at Sophos have published this really informative article, which we wanted to share with our customers. Some great tips are mentioned below to help you support your children when it comes to online safety. The following article was published on Naked Security by Sophos on October 1, 2018.
It’s crucial to arm kids with knowledge of how to protect themselves and their information online, not only in the moment, but also for the future – a concept many kids may not really care about or even grasp.
If you’re looking for the best way to start a conversation with your children about online safety as they start using the internet with greater independence, below are some tips to help them (and you!) keep themselves and their information protected.
1. Does it pass the grandmother test?
It can be easy to get swept up in the moment, and suddenly without realizing you’ve said or done something you regret and that you can’t take back. It’s even worse on the internet, as that thing you’ve said or done lives online forever – yes, even if you think you’ve deleted it.
Think for a moment before you post something, and remember that once it’s online it’s out there for everyone to see. If you wouldn’t be comfortable with your grandmother, a teacher, or future employer reading that post, perhaps it shouldn’t go online in the first place.
2. Who are you talking to?
You can’t always be sure of who you’re talking to online, and you definitely can’t be sure of who’s watching or reading.
If an unexpected message pops up from someone you know, be careful. It might be someone pretending to be that person.
3. Protect your information
Whether you’re talking to someone or using an app or a service, it’s crucial to protect your personal information (your full name, your birthdate, or where you go to school), and your location (like where you live, or where you frequently hang out with your friends).
If someone or something is asking for your details, ask yourself why. Who are they, and why do they want this information? What do they want to do with it? Follow your gut instinct: If something feels off about the website or app that’s asking, trust that gut instinct and stop what you’re doing.
4. Don’t be lazy with passwords
It might seem like the easy thing to do – less typing and remembering, right? – but using the same password on every service and app is a really bad idea.
Sites and services get hacked pretty frequently, and hackers will often post a big data dump of all the email addresses and passwords they gather during that hack. Then they take those email addresses and passwords and try them out on other sites and apps, and sadly it often works.
So if you use the same password on a harmless free gaming app and a social media account, if that harmless app gets hacked you may find yourself locked out of your social media account the next day, as your profile has been hacked too.
The solution is really easy: Use unique, strong passwords on every site and app you use.
You can use your browser or mobile device’s built-in password manager, or a third-party manager to do this. Any of these password managers will do two important things: Generate a strong password (one that a hacker couldn’t guess on their own easily) and remember it for you.
5. Use 2FA on your accounts to keep hackers out
For the accounts that are really important to you, taking an extra step to keep them out of a hacker’s hands is really worth doing.
A lot of services, like email, social media, and games offer what’s called multifactor or two-factor authentication. This is an additional measure of security to add to your account that goes beyond passwords. Sometimes the multifactor authentication comes in the form of a numerical code the service texts to you, in other cases the service will help you set up multifactor authentication with a third-party authenticator (like Google Authenticator).
Other services may have their own authenticator app or key generator they will ask you to use – if a service offers multifactor authentication, they’ll walk you through how to set it up and use it.
6. Think before you download
You don’t want to do anything that might make your phone stop working properly, or that could put it under someone else’s control. Download apps or browser extensions from trustworthy sources, otherwise they could allow someone to take control of your device, steal your information, compromise your accounts – and even demand ransom money to release control of the devices and its contents back to you.
7. Check permissions on apps
Take a good look at any permissions the app asks for – does it really need all those permissions? Ask why it needs all that access if it seems excessive, and if you can’t find out why, it might be best to remove it.
8. Don’t share accounts with friends
This one might sound like a no-brainer, but don’t share your passwords with friends either. If your friend gets hacked, then you’re locked out too! (Or if you and your friend have a fight, they might change that shared password in a moment of anger.)
If your friend wants to use the same app or service you’re using, they should get their own account that’s under their control.
9. Remember to log out!
If you’re at a public computer or using some other kind of shared device, like at a library, store, or a lab, remember to log out of any accounts you log in to! (Unless you really want other folks at the Apple Store reading your email.)
These tips are just a part of the ongoing conversation you should be having with your kids. Yes, parental controls exist to set limits on screen time, app access, and even transactions as you feel appropriate, and these can be very useful.
However, they are not foolproof – and one day, like training wheels, they have to come off. That’s why it’s vital that, when that day comes, your kids are well equipped with the knowledge to allow them to safely take control.