A Parent's Guide to Online Safety for Children
There is a lot of information about online safety for families on the internet. In this blog, we discuss seven major areas of concern for parents as well as two major steps to help protect your children online.
ONLINE SAFETY FOR FAMILIES
by Todd Swartzman, RealTime Chief Information Security Officer
image courtesy of ron lach
I have been asked multiple times recently about this very subject, to the point that I feel like I need to research and understand this subject much better from a parental perspective. There is a ton of information out there on the subject, but so far nothing that covers it all.
MAJOR AREAS OF CONCERN
When it comes to online safety, these are the top seven significant areas of concern for parents in regard to their children’s safety:
Social media and the manipulations these platforms engage in online.
Bullying online will typically occur on social media platforms.
Recognizing scams and threats and knowing what actions to take (or things to not do).
Objectionable materials online - websites, videos, ads, pictures, etc.
Are kids communicating with older kids or even adults on social media, in games, email, texts, or in apps?
Texting or sexting…I know this is a cringy topic, but it is necessary.
How do I as a parent monitor/manage/protect my child online and on their phones?
STEPS TO PROTECT YOUR FAMILY
STEP ONE: CONTROL ITEMS IN YOUR HOME
The first step is to better control what things are in your home and what children can access using them. These steps can cost you nothing but maybe 30-45 minutes of your time and are foundational to having a safer experience. Here are four simple steps to reduce some of the risks for your family:
AV and Firewall on your computer.
This is easy for Windows 10 and newer and better than just about any free antivirus you might try and use. Just use the built-in Windows Defender and Windows Firewall with the default settings. Your internet provider most likely gives you a commercial AV product if you just hunt it down on their website.
Spectrum: https://www.spectrum.net/support/internet/security-suite-windows-installation
Comcast: https://www.xfinity.com/support/articles/downloading-the-norton-security-suite?view=app
CenturyLink: https://www.centurylink.com/home/help/internet/security/mcafee.html
Turn on automatic updates and let the computer install them automatically.
This might cause a problem when a bad patch is released, but that is very rare, and it is better to be up-to-date. You can choose to manually install patches, but you would physically need to do it. This applies to the operating system and any applications you have installed.
Use a DNS Filter.
There are a few providers worth a look, all have set up guidance on their websites, and these generally work by changing what DNS servers your home router uses.
Cloudflare - https://blog.cloudflare.com/introducing-1-1-1-1-for-families/ This one is pretty slick in that they have a few options – We like that choosing different DNS servers provides different filters to include blocking of malware and adult content.
OpenDNS – The original with 4 flavors for home users - https://www.opendns.com/home-internet-security/
CleanBrowsing - We had never heard of this one before, but it looks like it ticks more boxes than a DNS filter.
If you have a Windows 10 or 11 computer, there are parental controls built-in, outlined in this article by Microsoft: https://news.microsoft.com/en-in/features/windows-10-parental-controls-feature/
Please understand that none of these recommendations are 100% foolproof, rather they all play a part in reducing the likelihood of problems.
Finally, if you need to backup anything important that you store on your home computer, you can choose to store important stuff in the cloud in a place like Google Docs/Photos or Microsoft One Drive. Using these cloud storage services doesn’t guarantee that you will never experience something going wrong, after all, these are free services. If it’s important, keep at least 2 copies of anything important, one of those offline.
STEP TWO: EDUCATION
Now that we have the foundations in step one set up, let’s train ourselves and our kids on some online safety concepts.
Be Internet Awesome Learning.
Google has “Be Internet Awesome”, an online portal where anyone can interactively learn and apply simple concepts to improve their families’ awareness of potential problems and learn how to respond appropriately in various situations online. This is a simple way to teach your family about some of the problems online and how to respond to them.
Social Media awareness.
The Social Dilemma film, https://www.thesocialdilemma.com/ is a documentary/drama presentation of how social media, search engines, and the like operate under the hood. It’s sometimes a bit overly dramatic, but the central themes are accurate. I am recommending that parents and teens watch this together to understand better the playing field.
Stay tuned for part two where we address monitoring online activities and how to keep up with what is happening on smartphones!
###
IT Breaches for July 2020
This month, healthcare data breaches keep climbing, Twitter apologizes for its breach and more. Read some of the incidents in the articles below:
CYBERSECURITY NEWS
Social Media, Healthcare and Higher Education struggle in cybersecurity
This month, healthcare data breaches keep climbing, Twitter apologizes for its breach and more. Read some of the incidents in the articles below:
Industry: Social Media
Exploit: Accidental Data Sharing
Twitter sent a notification to business clients last week acknowledging a data breach that exposed the personal and billing information of some users. The breach occurred due to an issue that led to some users’ sensitive information being stored in the browser’s cache. Twitter explained that it recently became aware of this issue. Business users were warned that prior to May 20, 2020, if you viewed your billing information on ads.twitter or analytics.twitter your account’s billing information may be at risk.
Twitter did not release an estimate of the accounts affected, but it did specify that only business customers were at risk, and only a percentage of business customers had any details exposed. The leaked information potentially included email addresses, users’ contact numbers, and the last four digits of credit card numbers used for Ads accounts. Twitter business customers should monitor potentially affected payment accounts.
Industry: Healthcare
Exploit: Internal Email Account Compromise
AMT Healthcare revealed this week that it had experienced a data breach affecting a large pool of customers in December 2019 that was discovered through suspicious activity on an employee email account. The California-based company recently completed an investigation into the incident and contacted those who were affected. Potentially compromised data includes patient names, Social Security numbers, medical record numbers, diagnosis information, health insurance policy information, medical history information, and driver’s license/state identification numbers.
Anyone that may be at risk of compromise was informed this week. Extremely sensitive data was compromised in this breach, and those affected should beware of the potential for fraud, identity theft, and spear phishing attempts that this stolen data creates. A filing of the account posted to the breach portal at the U.S. Department of Health and Human Services noted that potentially affected patients are being offered free credit monitoring services.
When clients choose to do sensitive business with a company, they’re also trusting that company to guard their information. This imperative is even stronger for companies that collect health information. Not only does a data breach cost healthcare organizations patient confidence, but it also costs a fortune in HIPPA-related fines.
Industry: Higher Education
Exploit: Ransomware
The University of California San Francisco (UCSF) confirmed this week that it paid cybercriminals $1.14 million to decrypt data following a ransomware attack. Although UCSF was able to detect the incident quickly, it was not fast enough to allow cybersecurity teams to quarantine the affected servers, and a significant portion of its medical school and research data was encrypted. The ransom was demanded to free essential COVID-19 research data that was captured in an intrusion on June 1. Reports indicate that UCSF was one of four academic institutions targeted in a single week by the Netwalker ransomware group.
Ransomware is a growing menace to every organization, and it’s not just sensitive business or financial data that Dark Web criminals are after. Research data has become an increasingly hot commodity. Paying ransoms to cybercriminals to decrypt research data sets a dangerous precedent. Collecting large sums will embolden other groups that can take down big fish to score big paydays.
4 STEPS TO A HEALTHY ONLINE REPUTATION
Ensuring that you have a large online presence with a controlled message is very important. We have four ways to help your business protect its online reputation.
1. Be in control
Ensuring that you have a large online presence with a controlled message is very important. Below are several ways to ensure that your business has its best foot forward.
- Company Website
- Social Media Channels: Facebook, LinkedIn, Twitter, etc...
- Company Blog
- Online Advertising including Google Adwords or other sponsored content
2. Follow Review Networks
The following list is just a few places to check for reviews to monitor your online presence. Some are industry-specific and you can certainly do a search to find more review-based sites:
- Yelp
- Google Reviews
- Angie's List
- Zocdoc
- WebMD
- Angies List
3. Setup google alerts
This is a great free tool that allows you to monitor what is being said about your company online. You can set it up to monitor different ways and frequency based on your preferences.
- Enter a term you want to monitor (i.e. company name, high-level employees, etc.)
- Prioritize alerts (i.e. "company name + fraud")
- Use it to monitor everything from your competitor to current industry topics
4. Research and Maintain
- Do a general Google search of your company to see where you appear
- Use yext.com, a free tool that will discover online directory listings for you. Use this to claim your listings and be sure to maintain.
- Be sure to check your own social media site reviews on a regular basis
FINALLY
Being aware of what is online about your company is key to creating and maintaining a healthy online reputation. If, and when, you run across negative feedback (you will, because it happens to the best of us) be sure to respond in a prompt, professional manner.