A few weeks ago the first of (at time of writing) three batches of hacked private photos of celebrities was released to the general public on various internet forums, taken from their private phones via a suspected exploit in Apple’s iCloud. The sharing of these photos is in itself is a huge breach of privacy and the accompanying comments as these files were shared have caused as much upset to those involved as the theft in the first place.
The responses from security experts and Apple have been a mix of finger pointing and hurried patches, so the question is simply this: is it possible to remain safe online?
Below I share eight key tips for keeping your information under your control when interacting online- I hope you find them of use.
But it does bring me to a Scouting matter which is very pertinent to this matter: Project Compass.
Can you guess where this blog post is going? Are you ready for the tirade of why this system will be the scourge of everything we know and run by four administrators more usually recognised as harbingers of an impending Apocalypse?
I’m sorry to disappoint you. I’m in favour of it.
Scouting at a local level is often (not always, I hasten to add) lapse with data. This is a great step in fixing that and removing many of the steps where vulnerability can creep in. Let me take you to January last year and a typical chain for sending census data from section level to Gilwell.
- GSL asks section leaders for census data, including a spreadsheet for collecting it.
- One leader, or an administrator working with the section, gathers the data, puts it on a spreadsheet and emails it the GSL, copying in the 3 other section leaders so they know it’s been done.
- One of those leaders spots a minor spelling error in a surname and sends the file back to the administrator, who resends it out.
- The GSL sends this on to the county administrator, copying in the DC so they know it’s been done.
- The County administrator sends the data on to Gilwell.
Sound familiar? I spot thirteen points of vulnerability in six different accounts, which unless the emails are deleted (do you delete yours?) stay there for years. The ability for a section leader or administrator to input data into a system and upload that directly to the system without the use of email eliminates most of the vulnerability in this chain. A lot of our volunteers are not computer savvy (admit it, you can name a half dozen Scouters that fit that description without trying) and that knowledge (or lack of) plays a big part in how we interact with our members information.
That’s why I believe it is important that we make more leaders aware of some simple tips to help keep information secure.
Use different passwords
If your login to a single service, however minor, is available to someone and you use the same password on a more important service, you’ve just handed over access. Use different passwords for different services, even if it’s just appending the first letter of the site to the beginning or end of the password.
Know security settings and T&Cs
Signing up to a site? Sharing something with a select group of people on Facebook or G+? Know what sites are allowed to do with your data and if there are options you can tweak to protect data you don’t want in the public domain.
You can add a password to office documents with sensitive data, adding another layer of security. In Microsoft Office you can do this by clicking Save As – Tools – General Options – Password to Open
Tools with Gmail
If you have a Gmail account, you can find out which sites are sharing your data without your consent. Add a plus sign and any word before the @gmail.com when creating a logon eg- firstname.lastname@example.org and email replies will still reach you, but show which service has passed your data onto others. These emails are also then easily filtered to get rid of junk.
Preventing identity and physical theft
Releasing information into the public domain makes it easier to target you for identity theft or scams. Don’t share personal information online, don’t respond to unsolicited emails asking for details (a scam known as phishing), even if they seem legitimate and be careful in putting lots of information out there showing you’re away from home.
Keep notes of genuine phone numbers for services like banking and return calls only to those numbers, not any sent to you via email or text.
Delete redundant data
If you have data that is old and out of date and no longer needed, you aren’t just putting that data at risk, you may be in breach of data protection laws. Delete it.
Run virus/malware scanners often
If you don’t have one, get one. Avast! CCleaner and AVG are all useful free tools for this purpose.
If you wouldn’t want your grandma or employer to see it, don’t put it on social media
It’s a golden rule- keeping the information where you want it doesn’t always happen, so prepare for the worst and make sure that the image of you online is as you would be happy to be seen offline.