Adventures in Social Care: SSSC Open Badges 6

Doing the Digital Security badge encouraged me to do something that I have been meaning to do for a while, create an account with a password manager. Over the past few months several of my accounts have been compromised and I have received notifications from my email providers that although the hackers have not gotten into my account I should change my login details. Due to this I have been researching digital security for a while now.

There is a vlogger on YouTube that does videos on Digital Security called Computerphile (link below). I watched his video on choosing a password. When I signed up to a password manager site I then referred back to his video to create the password for that account.

I went onto howsecureismypassword.net and checked the password I created for my new password manager account.

I looked at Splashdata’s article on Worst Passwords and thankfully I have never used any of the passwords on the list. When I was first introduced to the internet I was living with a very tech savvy woman who worked in cyber security and so I was always taught to keep my passwords secure.

I checked the permissions that apps have on my phone. There wasn’t any permissions which necessarily surprised me however it is very frustrating that for most applications you cannot limit the amount of information that an app has access to without getting rid of the app. It should not be a given that just because I don’t want an app to have access to my location, microphone or camera that I do not want the app. However I do understand that for many apps there are permissions which are not directly related to the function of the app. Netflix is a good example of this. They may not need your location in order to play a video but they do need your location in order to determine which of their licenses applies in the country you are in so that they can limit your view to only videos that have a license to be shown in the country you are in otherwise they may be in breach of copyright law. This is why you have different movies and series on Netflix depending on where you are in the world.

I do back up most of the information on my devices onto a cloud so I save my preferences on the cloud accounts rather than on my phone and regularly check with the settings to make sure that they have not changed with updates.

I am very cautious of games online which ask for my details. I am also very cautious of sharing anything with says please copy and paste this and share to bring luck or to give prayers as this is a way for hackers to see who is vulnerable to cyber-attack. Another thing I try not to share is anyone with a picture of an individual saying that they are missing or that they have done something criminal unless it is from a police website. This is because there are people who are possibly in domestic violence situations or similar who are trying to escape their attackers and are found by well-wishers on the internet and the information as to where they are is delivered to their attackers. As for those who claim an individual has done something criminal, they may not have done anything and the individual who has started the post has a vendetta. I try to only share from credible sources.

I watched the video Wifi from the Metropolitan Police. They recommend either not sharing sensitive information on open wifi networks or using a VPN.

I did some research on VPNs and found it a very confusing subject. Many people use VPN’s for illegal purposes such as changing their location to get around the licencing on Netflix and other video platforms. This means that what VPNs are available are subscription based and the ones that are free have a data cap on them to prevent misuse. Government in various countries are also trying to crack down on VPNs.

This makes not sharing sensitive information across open Wi-Fi networks the best policy.

One of the threat to digital security that I as a support worker can help to combat is financial fraud. It is becoming more common for criminals to contact vulnerable people and pose as trusted people in order to gain the vulnerable person’s information. As a support worker I can make my clients aware that people from trusted organisations will not call and ask for your details over the phone or email you to ask for your information. I can advise them that they should not click on links from emails and instead go directly to the websites of trusted sites. I can advise them that if they feel dubious about who they have been contacted by from their banks that they should go into the branch.