digital security Archives

Kids Home? Rethink Their Digital Security or it Will Bite You

July 22, 2020/0 Comments/in digital security /by Robert Siciliano

If you had asked me a few months ago what I felt about “screen time” and kids, I would have told you that I wouldn’t give my kids their own devices or allow social media accounts until they were 15. But things have changed. Now, I’m happy to let the kids on the family tablet, and even allow them to use things like FaceTime, games, and email. Why? Because I want to make sure that they have some type of connection to the outside world.

However, this didn’t happen without some ground rules, not only to keep the kids safe, but to make sure they don’t totally fall headfirst into cyberspace. Here’s some tips:

No Social Media

Oh you didn’t think I was gonna give you a pass did you? No, my 14-year-old is still not on social media, and she doesn’t complain about it, she doesn’t miss it, and she’s better off for it. First of all, it’s a time suck, it’s often a cesspool of BS, misinformation, disinformation, and just plain mean-ness.

Sure my kids might get the occasional TikTok video from one of their friends, but they don’t have the app, they’re not spending any time on it, and while they might learn a TikTok dance or two, they’re certainly not recording one and posting it online.

Teach Your Kids to Respect Digital Devices

There are a number of ways that you can do this, including setting a rule that they must ask permission before they use the device or go online. By doing this, you are making them conscious of their actions.

Set Rules on When They Can Have Access to Certain Apps or Devices

Another thing you can do is make sure that you set rules about when your kids can access certain devices or aps. For instance, maybe make a rule that they must use devices in common areas, or they can only use game apps after dinner. Whatever the case, you should be checking in on what they are doing.

Create a Schedule

Only allow your kids to use devices when you are available to help or when you know they can’t get in trouble. Allow them to watch Netflix while you are in an online meeting but bring the remote with you.

Create an Agreement

Also, think about a “tech agreement” for your kids. If they break the rules, there will be consequences, just like they have with other rules in your home.

Discuss Online Privacy and Tone

One of the most important things to do is discuss online privacy and tone. Kids don’t always realize that what goes on the internet can stay there forever. Suggest, perhaps, telling your kids not to do anything they wouldn’t do or say with grandma in the room. It works.

Tell Them Your Expectations

Talk to your kids about what you are comfortable with…or not…when they are online. For instance, if you don’t want them talking to strangers, there are email programs that allow you to approve and email that is sent and received. There are similar chat programs.

Is it Time to Talk About Pornography?

This might be the perfect time to talk about pornography, too. Experts say conversations about this should start around kindergarten. To minimize the chances your kid will access it, use parental controls or kid-friendly browsers.

Understand that Kids Will be Kids

Finally, take a deep breath and realize that kids will be kids. As long as they are being safe and polite, allowing them access to these things might be the best way to get through these nationwide quarantines.

ROBERT SICILIANO CSP, is a #1 Best Selling Amazon author, CEO of CreditParent.com, the architect of the CSI Protection certification; a Cyber Social and Identity and Personal Protection security awareness training program.

Your Kids Digital Lives Are in Shambles

January 17, 2019/0 Comments/in digital security /by Robert Siciliano

If you have a teenager, you probably have a battle in play: do you or do you not manage your teens mobile devices. Though some parents see this as an invasion of their child’s privacy,(which, frankly, is stupid) there are many reasons why you should start managing what they are doing online.

Some of these reasons make a lot of sense. Mainly, what your kid does at age 17 and under, is your responsibility, or in essence, your fault if they screw up. If they send a nude photo, that’s child porn, and that will come back to bite YOU and them.

And, the research data is out there, for instance, a teenager who has limits on how long they can sit on their phone will be better prepared to get into the real world because they can focus and unplug. Many people believe and research strongly suggests that too much screen time leads to addiction, which could definitely negatively affect the life of the child. There is also the fact that spending too much time on one activity, such as watching endless YouTube videos, causes other responsibilities to suffer. This leads to poor time management skills.

Time management is crucial for a child to develop in the younger years. Even the CEO of Microsoft believes that people are spending too much time focused on the screen. Microsoft actually did a study that showed the average attention span of a human is only about 8 seconds; shorter than a goldfish.

What does this tell you as a parent? It means that it might be time to teach your kids how to better manage their time and to avoid distractions from their cell phones. The best results start when they are younger, but it could still be worth it trying to enforce this as they get older. If not, you could see that your kids are being passed by others as they get older; others who know how to focus their attention.

Most parents don’t enforce these types of things because they don’t want to fight with their kids over it. They know that there is going to be a battle, and they are probably fighting their kids about other things, too, so they don’t want to add onto that.

If you are thinking about doing this, but having second thoughts, don’t think about it as a punishment for your child. Instead, think about it as time that they will have to focus on other things. You also might want to try it yourself and spend more time with them. Though you might not even realize it, many adults have issues with too much screen time, too, and this change could be positive for your entire family.

Robert Siciliano personal security and identity theft expert and speaker is the author of Identity Theft Privacy: Security Protection and Fraud Prevention: Your Guide to Protecting Yourself from Identity Theft and Computer Fraud. See him knock’em dead in this Security Awareness Training video.

Smart and Easy Ways to Protect Your Digital Life

June 6, 2017/in digital security /by Robert Siciliano

Even if you don’t realize it, your identity is all over the internet. Whether you posted to an internet forum in 1996 or you ever had a MySpace page, this information is still out there, and you have to protect it. Here are some simple and easy ways that you can protect your digital life:

Change Passwords – The first thing you should do is make sure you are regularly changing passwords. Make your passwords difficult to guess, and a mixture of letters, numbers, and symbols. Also, make sure that you are protecting your account when resetting passwords. For instance, you should have to answer “knowledge based authentication questions” before making a change.
Take a Look at Account Activity – Many companies allow users to check out their recent activity. Google, Facebook, and Twitter are three examples. If something seems out of place, report it, immediately.
Close Accounts You Don’t Use – Do you have an old MySpace page? Did you start a Blogger and never use it? If so, go and delete those accounts before they get hacked.
Don’t Share Too Much – What do you share online? Are you getting too personal? Hackers can use personal information, such as your birthday, or even favorite sports team, to get into your accounts. This is especially the case if you choose to use this information in your passwords or in your password reset or knowledge based authentication questions.
Use a VPN – With all of the talk about internet security making headlines, the safest way to access public Wi-Fi is through a VPN. A VPN, or virtual private network, encrypts your information.
Don’t share account passwords – STOP THE MADNESS! Though you might think it’s cute to share a social media account with your spouse, it’s also dangerous. The more people who have access to your accounts, the higher the chances of getting hacked.
Choose Trusted Contacts – Make sure to choose a couple of friends or family members as trusted contacts. That way, if you get kicked out of your social media accounts, they (meaning their email or mobile#) can help you get back in.
Update All of Your Software – Finally, make sure that you are updating all of your software such as your OS, apps, or even Office docs when prompted. Don’t let those updates wait. Many of them contain important security updates, too.

Robert Siciliano personal security and identity theft expert and speaker is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video.

Don’t pick up that USB Drive!

May 20, 2016/in computer security, computer virus /by Robert Siciliano

What a very interesting experiment: Researches randomly deposited 297 USB drives (aka USB stick, flash drive, thumb drive) around the University of Illinois Urbana-Champaign campus. They wanted to see just how many, and how soon after dropping them off, they’d be collected by people.

Turns out that 48 percent of the drives were taken and inserted into computers. The report at theregister.co.uk says that in some cases, this was done minutes after the drives were left in the public spots.

Picking up a USB drive off the streets and plugging it into your computer is akin to picking up discarded food off a sidewalk and eating it. You just never know what kind of infection you’re going to get.

And what you might get is a virus crashing your computer or stealing your data. That USB stick could contain malware—either left in public as a prank, or innocently lost or discarded without the original owner knowing it’s infected.

Or…it might have been left in a public spot by a hacker with full intent of gaining control of your computer to collect your personal data and committing fraud, such as opening lines of credit in your name or emptying out your bank account.

The USB sticks for the study contained HTML files with embedded img tags. The tags allowed the researchers to track the USB activity, which is how they new that, for instance, one of them was plugged into a computer only six minutes after it was left to be “found.”

Only 16 percent of the people who picked up the sticks actually scanned them to check for viruses before plugging them into their computers. And 68 percent simply inserted them without any regards to what they could get transferred into their computers.

Some users trusted that there was no harm.
Some plugged in the drive to seek out the owner.
Some intended to keep the stick.
Conclusion: A cybercriminal could easily take control of a business’s system by leaving a rigged USB drive in the parking lot, let alone get control of a personal computer by leaving the stick in any public place frequented by lots of people.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

Pay attention to your IoT Device Security

January 26, 2016/in device reputation management, digital security /by Robert Siciliano

Wow cool! A device that lets you know, via Internet, when your milk is beginning to sour! And a connected thermostat—turning the heat up remotely an hour before you get home to save money…and “smart” fitness monitors, baby monitors, watches…

Slow down. Don’t buy a single smart device until you ask yourself these 10 questions. And frankly, there’s a lot of effort in some of these questions. But, security isn’t always easy. Check it out.

Was the company ever hacked? Google this to find out.
If so, did the company try to hide it from their customers?
Review the privacy policies and ask the company to clarify anything—and of course, if they don’t or are reluctant…hmmm…not good. Don’t buy a device that collects data from vendors that fail to explain data security and privacy.
Does the product have excellent customer support?
Is it hard to get a live person? Is there no phone contact, only some blank e-mail form? Easily accessible customer support is very important and very telling of the product’s security level.
Does the product have vulnerabilities that can make it easy for a hacker to get into? You’ll need to do a little digging for this information on industry and government websites.
Does the product get cues for regular updates? The manufacturer can answer this. Consider not buying the device if there are no automatic updates.
Does the product’s firmware also automatically update? If not, not good.
Is the Wi-Fi, that the device will be connected to, secure? Ideally it should be WPA2 and have a virtual private network for encryption.
Will you be able to control access to the product? Can others access it? If you can’t control access and/or its default settings can’t be changed…then be very leery.
What data does the device collect, and why?
Can data on the device traverse to another device?
Ask the gadget’s maker how many open ports it has. Fewer open ports means a lower chance of malware slithering in.
Is stored data encrypted (scrambled)? If the maker can’t or won’t answer this, that’s a bad sign.
Ask the manufacturer how the device lets you know its batteries are low.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention

How to prevent your Pics from being lifted: Part 2 of 2

October 25, 2015/in identity fraud, Identity Theft /by Robert Siciliano

There are many reasons someone might right-click on your image and “Save image as…”

Porn, Sex and Dating Sites

A woman might steal your blog headshot and use it for her dating site profile.
A perv might take the picture of your child off your Facebook page and put it on a porn site.
A person who runs a racy dating site might take your image and use it to advertise his service.

Scams

Someone might use, without your knowledge, a photo of your house for a rental scam.
Your motorcycle, jet ski, boat, puppy…you name it…could be used for scam for-classified sale ads.
Your avatar may be used for a phony Facebook account to then be posted in the comments section of news articles pitching some get-rich-quick scheme.

Fantasy Lives

Your image could be used by a lonely person to create a fictitious Facebook account.
A person with a real Facebook account may be so desperate for friends that they use your photo to create a fake account to then add as a friend.
Someone you know may steal your photo (such as an ex-lover) and create a social media account in your name, then post things on it that make you look really bad.

How can you protect your digital life?

For your social media accounts, make sure your privacy settings are on their highest so that the whole world can’t see your life.
Watermark your images so that they have less appeal to image thieves, but keep in mind that they’ll have less appeal to you too.
It’s one thing when an image of your house was stolen for a rental scam, but it’s a whole new animal if an image of your naked body or you engaged in a sex act was stolen. So don’t put racy images online. Never.
Explain to your kids about the risks of stolen images.
Make sure their social media privacy settings are high.
It’s possible your smartphone automatically stores pictures you take online. Turn off this feature.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing identity theft prevention.

Dust off your digital devices inside and out

October 5, 2015/in digital security /by Robert Siciliano

Hackers know small companies are more vulnerable to data breaches due to limited resources. Cybersecurity should always be a high priority. But when a company’s IT staff consists of maybe 1-2 people who are provided limited budgets and are constantly solving other tech problems, the focus on security suffers. And hackers aren’t the only problem. One significantly overlooked part of the security process “cleaning” the IT infrastructure.

IT staff being and small business owners must keep on top of:

Networked systems
PC and mobile hardware
Multiple device software
Local and cloud data

The best way to manage the “cleaning” process is to keep a checklist and break the workload down into small bites. Complete the following tasks to clean up your business’s digital life and add layers of protection:

Rule #1: Automatically back up your data before, after and always. No matter what you are doing to your devices, make sure they are backed up.
Use automatically updated security tools including anti-virus, anti-spyware, and firewall software.
Use a virtual private network for public Wi-Fi activity. Check to see if the VPN auto-updates.
Take an inventory of your e-mail files. Depending on the nature of a business, it may be prudent to keep everything backed up for years. In other cases, consider deleting useless messages. Create folders for messages pertaining to certain topics. Delete old folders, etc.
Go through all of your devices’ programs and uninstall the ones you’ll never use.
Carefully sift through all of your files and get rid of useless ones.
Separate out media so that there are files specifically for images, video, docs, etc.
Integrate desktop icons that have a commonality. For instance you may have several related to a certain product or service you provide. Create a main folder and put all of these in it. Icon clutter may slow boot-up time and makes things look and feel, well, cluttered.
Take a look at all your passwords. Replace the crackable ones with long and strong ones. An easily crackable password: contains real words or proper names; has keyboard sequences; has a limited variety of characters. If you have a ton of passwords, use a password manager.
Have multiple backups for your data including on premise and cloud storage.
Defragment your hard drive.
Reinstall your operating system. Of course, first make sure all your data is backed up beforehand.
Operating systems pick up temporary files over time, slowing the computer and making it vulnerable. The free CCleaner tool will clean up your system’s registry.
Install program updates. Your OS should automatically do this, but check just to be safe.
Review the privacy settings of social media accounts to make sure you’re not sharing information with more people than you’d like.
Make sure your business is protected by a security alarm system that includes video surveillance. Hackers get the spotlight, but we can’t forget about the common burglar.

The prevention tactics above apply to businesses and really, everyone. Be sure to train your employees on proactive security and inform them about tricks that cyber thieves use. For more information visit: http://www.dhs.gov/national-cyber-security-awareness-month. If you’re looking for a secure backup solution, check out Carbonite. Sign up before the end of October and receive two free bonus months when you enter code “CYBERAWARE” at checkout.

#1 Best Selling Author Robert Siciliano CSP, CEO of IDTheftSecurity.com is a United States Coast Guard Auxiliary Flotilla Staff Officer of the U.S. Department of Homeland Security whose motto is Semper Paratus (Always Ready). He is a four time Boston Marathoner, Private Investigator and is fiercely committed to informing, educating, and empowering people so they can be protected from violence and crime in the physical and virtual worlds. As a Certified Speaking Professional his “tell it like it is” style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders. Disclosures.

How to prepare for Digital Disasters

September 21, 2015/in Data Security, digital security /by Robert Siciliano

Editor’s Note: In this week’s guest blog security expert Robert Siciliano explains how to protect your IT systems and your business from hardware failure. To learn more, download our new e-book, “5 Things Small Businesses Need to Know about Disaster Recovery.”

It is September and that means National Preparedness Month: an ideal time to get involved in your community’s safety. Make plans to stay safe, and this includes keeping ongoing communications alive. National Preparedness Month culminates September 30th with National PrepareAthon! Day.

I can’t believe that people who heavily rely on a computer for business will still suddenly report to clients, “My computer crashed; can you resend me all the files?” What? Wait!

Why aren’t these people backing up their data on a frequent basis? If your computer is central to your business you should back up your data a minimum of once a day to protect against the following threats:

Computer hack
Unintentional deletion
Theft
Water or fire damage
Hard drive crash

To make daily data backups less daunting, carefully sift through all of your files to rid old, useless ones and organize still-needed ones. A mess of files with a common theme all over the desktop can be consolidated into a single folder.

Protecting your data begins with keeping your computer in a safe, secure, locked location, but this is only the first (and weakest) layer of protection. The next step is to automatically back up data to the cloud. The third layer is to use local backups, ideally use sync software that offers routine backups to multiple local drives. It’s also important to use antimalware security software to prevent attacks from hackers.

Additional Tips for Small Businesses Make de-cluttering a priority by deleting unnecessary digital files. This will help the computer run faster and help your daily backups run more quickly. Take some time to sift through your programs and delete the useless ones.

It’s also a good idea to clean up your disk regularly. Windows users can find the disk cleanup tool by going to the Performance Information and Tools section under the Control Panel.

Go to the control panel and hit “Hardware and Sound.” Then click “Power Options.” Choosing the recommended “balanced” power setting will benefit the hard drive.

Every two to three years, reinstall your operating system to keep your hard drive feeling like a spring chicken.

The prevention tactics above apply to businesses and really, everyone. Employees should be rigorously trained on proactive security and tricks that cyber thieves use. To learn more about preparing your small business against the common accidents of everyday life, download Carbonite’s e-book, “5 Things Small Businesses Need to Know about Disaster Recovery.”

#1 Best Selling Author Robert Siciliano CSP, CEO of IDTheftSecurity.com is a United States Coast Guard Auxiliary Flotilla Staff Officer of the U.S. Department of Homeland Security whose motto is Semper Paratus (Always Ready). He is a four time Boston Marathoner, Private Investigator and is fiercely committed to informing, educating, and empowering people so they can be protected from violence and crime in the physical and virtual worlds. As a Certified Speaking Professional his “tell it like it is” style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders. Disclosures.

Coming up, Your Phone contains your Driver’s License

June 26, 2015/in iPhone GPS /by Robert Siciliano

Gone are the days of the fat wallet bursting at the seems, since smartphones can now contain most anything that a wallet does—except the driver’s license. But don’t write that possibility off just yet.

Forbes.com reports on a story from the Des Moines Register that the Iowa Department of Motor Vehicles is hot on the trail of getting driver’s licenses into smartphones: an app that would contain all the applicable data, a scannable bar code and a two-step verification which would include a biometric.

The technology isn’t quite with us, but we all know it will be here soon enough. And needless to say, the smart driver’s license will bring with it security concerns.

The Forbes article points out that a digital identity expert sees the glass half full. In other words, today’s security features are reliable enough to go ahead with confidence in developing the technology to get a driver’s license into a mobile phone. “I believe all the technologies to make this a high-security operation are already in play,” the expert states, “and just need to be orchestrated effectively.”

If anything, perhaps the driver’s license inside the smartphone will reduce the potential for fraud involving driver’s licenses.

Thus far, digital driver’s licenses are used at airports, and the feeling is that policies regarding the digital driver’s license are more important than figuring out a way to perfect the technology.

A good start for Iowa would be to get things rolling with the private sector, says the Forbes article, by letting it use digital licenses for minimal transactions such as age verification when purchasing liquor.

Let’s first see how these smaller-scale transactions go over, is the thinking, before diving head first into using cyber licenses for full-scale transactions such as “showing” it to the police officer who pulls you over for speeding, or using it for making a large purchase with a check.

Nevertheless, it’s not probable that cyber technology will replace all hardcopy/physical documents, especially since there will always be that segment of the population who insists on doing things “the old-fashioned way.” The power of paper.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing identity theft prevention.

How to plan for Digital Disasters

June 16, 2015/in digital security /by Robert Siciliano

In this day and age, we should never hear someone proclaim, “Oh my God, my computer crashed! I lost everything!” You can’t lose something that’s been properly backed up.

So many people, including ones with businesses that rely upon cyber communication, continue to avoid backing up their digital data.

Nobody is exempt from the No. 1 rule of backing up your data. Anything could happen:

Hard drive crash
Accidental deletion
Water damage
Fire
Theft (offline)
Ransomware

The planning for digital disasters begins with first going through all of your files to clear out any “junk” or data that you know for sure you no longer need. Then delete it.

Next, make sure all of your files are organized, not scattered haphazardly, and properly labeled. See if you can consolidate some files.

You then must commit to regular backups, and this may be every day for some files. There are programs that can make the hassle of backing up much easier. They will automatically perform backups on everything, keeping a spare copy of all your files.

But what if your computer is physically stolen? A lot of good the prior-mentioned backups will do. And carrying around with you a flash drive is cumbersome and you may forget it at home—the day your computer is stolen—along with the flash drive.

This same principle applies to fire or water damage. The flash drive could be destroyed or lost. Furthermore, it’s not realistic to think you would place your computer in a fireproof safe every time you log off, though maybe every time you go out, that’s more realistic.

You could keep your computer located in a safe place that’s least likely to be damaged by a flood or fire, but that’s a thin layer of protection.

It may seem that the obvious tactic is to back your data up in a cloud service. And you’re right; this would be part of a multi-layer plan. A cloud service may also offer incremental backups.

As for that flash drive, it will sure help to make it a habit to back everything up every day—just the files you changed for that day. What are the odds that your flash drive will get stolen or burned to a crisp?