Information security for the new normal: 3 Staying in touch

May 4, 2020

3 minute read

The third and final in this series of blog posts looks at some of the risks and benefits of working in new ways with children and young people. Read the previous posts here: phishing, videoconferencing.

Connecting digitally

Face to face meetings across the world have been replaced by connecting digitally. Now that teachers and other children’s workers are becoming accustomed to these new ways of working it is timely to consider security and data privacy concerns.

Working from home

Working from home has a number of risks that we should be aware of and think about ways of mitigating:

  • Home networks (broadband/wifi) and home computers are much more likely to be out of date in data security terms. At work your IT department ensures that your computers are constantly protected, but at home your computers are more vulnerable to attack simply because they are less secure. (Cyber criminals also know this, as attacks on computers have increased exponentially during this crisis.)
  • While working from home you are more likely to save data on your own computer, where it won’t be protected by the organisation’s security systems. This makes the data more susceptible to being hacked and stolen.
  • If you are able to access your organisation’s networks, you should be using a secure system such as VPN. If you already had VPN set up on your home computer for remote access to your organisation’s network, that is great, but if you had to install it yourself in a hurry, it’s possible that it has not been done correctly.
  • Most of us share our home with other people – friends, partners, family members. These people perhaps share your home computer and it is important that they do not have access to any personally identifiable data (PID) that you have access to for work. This includes people being in the room with you and looking over your shoulder as well as those who may use your computer when you leave it for any reason.

Staying in touch

Staying in touch with your young people is extra challenging and many people are turning to messaging apps. SMS is not very secure and should not be used to share anything sensitive. The ever popular WhatsApp (for age 16+ only) uses end to end encryption, which protects the data in transit between phones, but as soon as you download a message it is only as safe and private as your device. Ultimately how do you know what is happening to information stored on your messaging apps? The digital giants such as Google and Facebook are known for selling our data. Our advice is to be very, very careful about what you allow young people to say in text messages. See a comparison of messaging apps here.

Be aware of the risks and vulnerabilities

The first step in keeping digital information secure is to be aware of the risks and vulnerabilities. The next is to take whatever mitigating actions you can. These are fundamental:

  1. Change the default name, or SSID of your broadband router
  2. Use a strong password for your router and don’t share it
  3. Enable network encryption – this usually means allow WPA2
  4. If you don’t understand the above, call your broadband provider and ask them to help you
  5. Go into the privacy settings of every app you use and set them to the highest level
  6. Always close down your computer and every app/website that was open, before allowing someone else to use it. That person should be logging in with a different ID.

Safest option

The safest option when working with children is to use apps that have been designed with privacy and safety in mind from the start.