One issue, which is becoming more obvious while speaking to children, teens and parents, is how ignorant everyone appears to be, in relation to their level of vulnerability online. We frequently see tremendous over confidence, in the amount faith people have placed in how protected or secure their online data is. Most have actually put all of their data eggs in the one basket, without realising the dangers.
It is almost like watching a re-run of the Titanic story, so many people mistakenly believing that their online lives, are also unsinkable. We have found that the use of the Titanic as a learning aid is an excellent example for helping people to understand their level of online vulnerability. So this is why, we have decided to share it with you in today’s #cotdage blog.
On the 15th of April 1912, the Titanic sank after being struck by an iceberg. The ship, believed unsinkable at the time, sank with an incredible loss of life. The ships designer, Thomas Andrews had designed a ship with numerous watertight compartment and bulkheads, which enabled the Titanic to stay afloat, even if four of the compartments were flooded. Unfortunately, reports say five or six of the water tight compartments were compromised. This ultimately led to the ship sinking.
If you were to consider your own online presence, how many watertight bulkheads compartments have you put in place to protect yourself from going under? The more that you create and put in place, the longer you will not only stay afloat, and the greater the chance of rescue, if something does go wrong.
One Watertight Compartment
At all cost we need to avoid this. A single watertight compartment is similar to using a single email address, which is then used to sign in to all of your other online accounts, Facebook, Instagram, Amazon, EBay, Hotel Booking sites, etc. Another example would be the use of a single password across all of these accounts. If just one of the accounts are breached, then all of the accounts are compromised. You may then find that your access to the accounts has been blocked. The attacker choosing to change the password to lock you out. Perhaps even worse, they may choose publish the content, alter or erase or accounts. Unfortunately, the potential for permanent harm or loss is very real.
Two Watertight Compartments
We now begin to realise all of our eggs in one basket is not ideal, so people begin to separate their private content from their public content online. We introduce more than one email address for our other individual online accounts such as Work, Financial, Messaging and Social Media sites. Immediately we observe, that a single breach will not bring down our entire online life, however we will only be able to assess the damage caused by the personal and private nature of the content which has been accessed.
The use of a weak or single password across all the platforms or accounts, make the likelihood of a catastrophe high. After speaking to hundreds of students and parents nationwide, we frequently see exceptionally poor password hygiene. In the majority are those, who only use eight character passwords. The same individuals, also use a capital letter as the first character in the password, then six lower case letters and a number. These are exceptionally weak passwords are no real match to a brute force attack.
Four Watertight Compartments
Having this level of security awareness, will greatly strengthen your online life, but it will also begin to become frustrating. Now we are utilising several email addresses for our online accounts. We separate private, personal, public and social. For each account we are now using two-factor authentication upon sign in, for both our email addresses, and our online accounts. We have also introduced stronger passwords, by using 16 characters or more. These are a mix of capital letters, small caps, numbers and special characters. We now have separate passwords for all of our individual accounts, this will greatly enhance the security and level of protection.
The Titanic, a ship not even God himself could sink, used this is the number of watertight compartments as its greatest safety feature. However, it still sank. We might also, having to remember more than one password is difficult. Remembering several is next to impossible. It can also be difficult to create strong passwords, which need to tick so many boxes to keep them secure. People end up writing them out and keep them near the device for easy reference. Perhaps it is easier to save all the passwords in the internet browser we use. Soon we realise the possible implications of someone getting access to these passwords as we tried to secure all of the accounts but failed to secure the passwords.
The Unlimited Watertight Bulkhead Option
It is only once we reach this level of awareness, that we realise how truly vulnerable our online accounts actually are. We do need to have our online lives compartmentalized in order to secure it. We do also need have Two-Factor authentication activated on every online account. We also need to have separate and original strong passwords to protect our online accounts. It is not such an arduous task as it may at first seem. By using a Password Manager, we only need to create one single strong password. The Password Manager does the rest of the hard work for us. We can also use code generators like Authy, to verify a log in to the account. Even if a single or multiple breach, we still have the ability not only to stay afloat but also to repair and restore a targeted account.
The loss of the account in this instance will again be as a result of human error, if an account has been targeted for example in a Phishing attack, and the user opens an attachment, or shares the log in information with someone.
The use of a visual aid like the Titanic and how it came to sink beneath the waves despite the very modern safety features it employed, shows how vulnerable our online lives are. How easily these can be lost. It can quite be difficult for an adult, who is just an average online user, to accept that all of these security features which are now required to protect against the many threat vectors online. The most important question is, how much of this information are children or teens aware of? It pains us to say very little, if any.
Like the advice given on a boarding a plane or a ship, we would ask that you review your own safety features first, before addressing it with your children. Then again you may be fortunate enough to discover, your child is not only aware of their online security needs, but also in a position to assist you in strengthening yours.
Hope you had a great weekend guys