SSSC Open Badges 6

Doing the Digital Security badge encouraged me to do something that I have been meaning to do for a while, create an account with a password manager. Over the past few months several of my accounts have been compromised and I have received notifications from my email providers that although the hackers have not gotten into my account I should change my login details. Due to this I have been researching digital security for a while now.

There is a vlogger on YouTube that does videos on Digital Security called Computerphile (link below). I watched his video on choosing a password. When I signed up to a password manager site I then referred back to his video to create the password for that account.

I went onto howsecureismypassword.net and checked the password I created for my new password manager account.

I looked at Splashdata’s article on Worst Passwords and thankfully I have never used any of the passwords on the list. When I was first introduced to the internet I was living with a very tech savvy woman who worked in cyber security and so I was always taught to keep my passwords secure.

I checked the permissions that apps have on my phone. There wasn’t any permissions which necessarily surprised me however it is very frustrating that for most applications you cannot limit the amount of information that an app has access to without getting rid of the app. It should not be a given that just because I don’t want an app to have access to my location, microphone or camera that I do not want the app. However I do understand that for many apps there are permissions which are not directly related to the function of the app. Netflix is a good example of this. They may not need your location in order to play a video but they do need your location in order to determine which of their licenses applies in the country you are in so that they can limit your view to only videos that have a license to be shown in the country you are in otherwise they may be in breach of copyright law. This is why you have different movies and series on Netflix depending on where you are in the world.

I do back up most of the information on my devices onto a cloud so I save my preferences on the cloud accounts rather than on my phone and regularly check with the settings to make sure that they have not changed with updates.

I am very cautious of games online which ask for my details. I am also very cautious of sharing anything with says please copy and paste this and share to bring luck or to give prayers as this is a way for hackers to see who is vulnerable to cyber-attack. Another thing I try not to share is anyone with a picture of an individual saying that they are missing or that they have done something criminal unless it is from a police website. This is because there are people who are possibly in domestic violence situations or similar who are trying to escape their attackers and are found by well-wishers on the internet and the information as to where they are is delivered to their attackers. As for those who claim an individual has done something criminal, they may not have done anything and the individual who has started the post has a vendetta. I try to only share from credible sources.

I watched the video Wifi from the Metropolitan Police. They recommend either not sharing sensitive information on open wifi networks or using a VPN.

I did some research on VPNs and found it a very confusing subject. Many people use VPN’s for illegal purposes such as changing their location to get around the licencing on Netflix and other video platforms. This means that what VPNs are available are subscription based and the ones that are free have a data cap on them to prevent misuse. Government in various countries are also trying to crack down on VPNs.

This makes not sharing sensitive information across open Wi-Fi networks the best policy.

One of the threat to digital security that I as a support worker can help to combat is financial fraud. It is becoming more common for criminals to contact vulnerable people and pose as trusted people in order to gain the vulnerable person’s information. As a support worker I can make my clients aware that people from trusted organisations will not call and ask for your details over the phone or email you to ask for your information. I can advise them that they should not click on links from emails and instead go directly to the websites of trusted sites. I can advise them that if they feel dubious about who they have been contacted by from their banks that they should go into the branch.

Computerphile: https://www.youtube.com/watch?v=3NjQ9b3pgIg

How Secure is my Password: https://howsecureismypassword.net/

Worst Annual Password List: https://www.teamsid.com/worst-passwords-2015/

PC Mag review of Password Managers: http://uk.pcmag.com/password-managers-products/4296/guide/the-best-password-managers-of-2017

Metropolitan Police Wifi: https://www.youtube.com/watch?time_continue=30&v=hJ5-3vDOsAA

Tech Radar Best free VPNs: http://www.techradar.com/news/the-best-free-vpn

SSSC 23 Things Digital – Thing 5: Social Media #1

On 23 August 2017 I re-familiarised myself with my company’s policies on Social Media. The policies were centred on conducting yourself in a professional manner when online. There is a section in the company’s policy that makes reference to having an awareness of your digital footprint and highlights that this may have an effect, not just on the individuals image, but also the company image.

This policy is useful as the people who use our service or their families can look up their support workers on google and having an awareness of your digital footprint can inform you on what your online reputation is and look to change it if necessary.

The policies also adhered to data protection and right to privacy by stating that employee must not post anything on the internet which could be considered confidential.

This policy is necessary in a social care setting where support workers are dealing with sensitive information surrounding the people they work with on a regular basis. Sharing sensitive information online could not only lead to disciplinary action but could also be a criminal action.

The company policy makes employees aware that allowing use of social media to interfere with working may lead to disciplinary action.

Use of any distracting activity during working hours has a negative impact on the care provided as it distracts people from their task that they have been employed to do.

Overall the policies from my organisation regarding social media are very basic. This is because the organisation I work for doesn’t use social media often. They do have a Facebook page and a website however the Facebook page mostly just shares news and updates from training providers and organisations like the SSSC and the website is out of date. The organisation I work for is a small business and does not have the resources both in money and manpower to maintain a strong presence online.

I read the article “How to Separate the Personal and Professional on Social Media” on Harvard Business Review on 23^rd August. From the article I have identified that I use a content strategy for my social media posts. I rarely post my own content and mostly share content created by other people. In my blogs and website I have a beta reader – someone who checks over all of my content before I post it online in order to make sure the information I post reads the way I want it to and to check that it is less likely to be misconstrued by others.

Although the custom strategy would probably be a better strategy I feel this would be a lot more complicated for me to use as I am not organised enough to keep separate accounts for my personal and work life, particularly as I have two professional lives to balance as a support worker and as a costume maker. I feel the custom strategy would be more suitable for someone more tech savvy than me.

I read the article “Social workers cannot ignore the role of social media in the profession” on The Guardian website on 23^rd August. I agree with the article saying that there is a “climate of fear” surrounding the use of social media in social care. Maintaining a professional boundary when a person who uses the service requests to be your friend on Facebook is difficult especially when you know that that person has full capacity and is capable of making their own decisions.

I feel that the main concern for support workers and other social care staff is data protection. It would be useful for example to have a way to communicate with all of the workers who are involved in the care of one individual to pass messages such as “Mr X needs milk” however in order to do this there may be some staff who work with more clients who would end up with many different communication channels which would be hard to regulate. Also if all of the staff of an organisation were involved in the communication it would run into problems with data protection as the staff would need a way to refer to their client without using any personal details such as their name. It would also have to use a secure encrypted server in order to ensure that the data was protected and small businesses could not afford this.

For now the way of passing messages is that everything is passed to the supervisor/manager and they pass the message on to the relevant parties through telephone calls or face to face interactions. This is time consuming.

Social media is greater used regarding training and personal development where data protection is not as much of an issue. I feel confident using social media for my own development and training but I do not feel confident in using social media to help create a person centered service for my clients as I am very cautious of the data protection laws surrounding social care and I am unclear in how I could use social media in that regard.

Link for Harvard Business Review article: https://hbr.org/2015/03/how-to-separate-the-personal-and-professional-on-social-media

Link for the Guardian article: https://www.theguardian.com/social-care-network/2016/apr/07/social-workers-social-media