Our lives are increasingly spent on the internet. As we consume news, socialise and pay for services online and on mobile, at the back of our mind is, how safe are we?
Safe Internet Day is celebrated worldwide every February 5. The European Union initiative was started in 2004 to create public awareness on how to enjoy services online safely.
This year’s theme, “Together for a Better Internet”, is meant to inspire the conversation on how the Net can be used responsibly and respectfully. This means that all of us, not just information technology professionals, need to be concerned about our online security.
We access the internet at home through smartphones and fibre optic connections. This means that all our devices — computers, gaming systems, televisions, tablets and wearable devices — are now connected to the internet round the clock. Yet, to many people, it is an impossible task to understand how to secure it.
A security measures we can put in place at home is to ensure that our passwords are strong enough not to be easily guessed by an intruder. This might mean changing the default passwords provided by your service provider.
It’s always important to ensure that such devices receive software updates frequently, and this can be set to be an automatic task.
An increasing challenge at home is the access of harmful content. Most parents will struggle with content that is inappropriate for their children. One way to handle this is through parental control features, which are available as an opt-in with most devices.
Separately, one can easily download software that can restrict the type of content that is available. The Communication Authority of Kenya (CA) has provided a guideline on this.
Grade One pupils can now access digital tablets. This gives them access to an array of possibilities. As children start to use these gadgets, we need to start a conversation about their online privacy and how it needs to be protected.
As children access social media accounts, they might want to overshare on their daily lives.
Again, it is always important to make sure that they consider who they are sharing this information with and what the post will look like in 10 years when they will be out of school and in the job market. They should know that the internet never forgets.
Cyberbullying is an increasing menace and our children must know how to identify bullies online and how to report them.
Bullies, too, must know that the law is quickly tightening against them. The suspended Computer Misuse and Cybercrimes Act provides for a fine of Sh20 million or 10 years imprisonment or both for online bullies on conviction.
Traditionally, the task of securing an organisation fell to the IT team. But from the recent cyberattacks, we have learnt that end users could be the weakest link in any organisation. In fact, KnowBe4, a global company that tracks user awareness, estimates that 91 per cent of all attacks have an element of human failure to it.
It has emerged that it is important to ensure all staff understand the security implications of all the computing resources to which they have access.
Creating awareness among employees — like placing posters about cybersecurity on their desks, testing their understanding of security and identifying malicious intruders — will strengthen the organisation’s email and online accounts by adding extra layers of security beyond a username and password.
Internet of things (IOT) is an emerging topic of technical, social and economic significance. These smart devices — such as smart TVs, nanny cameras, smart locks in our offices and at home and smart vehicles — are all over the place. These items increase the attack surface and it’s always important to ask about security considerations before jumping into the latest fad.
Practising cybersecurity hygiene can help you to be safer while on the internet. This includes having data backups and, for smartphones, this is usually provided by companies such as Google and Apple, changing default passwords, and having strong passwords for your online accounts.
For social media, in addition to using a strong password, one can enable two-factor authentication, which ensures that one receives a verification code before being allowed to access the account.
Internet will remain part of our daily lives, and fraudsters will always try to exploit our online accounts, but we need to stay ahead of the crooks and secure our online presence.
Stay safe out there!
Mr Bett, a principal cybersecurity consultant at Stract Consulting Ltd, is the president of ISACA Kenya Chapter. [email protected]