There’s no hiding it. The days are getting cooler. The sun’s setting earlier. And the leaves are beginning to change. Summer’s gone as quickly as it came, which means one thing and one thing only: it’s back-to-school season.
Soon, kids around the world will be starting up a new year of classes. That means they’ll be chatting on line, looking for school supplies, and using social media to connect with new classmates.
Fun, but not entirely safe.
Digital attackers are after people’s information, and they have no problem tricking children into giving up their banking credentials and other bits of personal information. With the threat of identity theft on the line, it’s up to parents, teachers, and older siblings to share their wisdom and help children protect themselves while surfing the web.
Towards that end, here are 12 tips that can help keep every child safe online during this back-to-school season.
Bob Loihl, Principal Software Engineer
“As you return to school and establish new online accounts or new friends, the best thing you can do to protect yourself online is to protect your accounts and their passwords. Use a reputable password manager and different passwords for every account. Most importantly, never share access to any account with anyone. It really is your identity, online.”
Nick Santora, CEO of Curricula | @Curricula
“Be cautious of offers that look too good to be true, because in reality, they probably are. When it comes to buying clothes to books, be cautious. I remember a friend of mine in college was scammed out of a few thousand dollars trying to buy a car. The fraudsters set up everything from a fake shipping account to the fake company selling it. So when you’re shopping online this fall, make sure you order from trusted websites and be aware of scams like phishing attacks.”
Lori MacVittie, Security Evangelist | @lmacvittie
“As many kids start a new year school and become active on social media for the first time, it’s important that parents lay down some basic safety rules. Good rules of thumb include:
- Don’t share personal information (like your home address) on social media.
- Be careful of what’s visible in the photos you share. Attackers can replicate school IDs, driver’s licenses, and other identification cards using today’s high-definition photos.
- Turn off location services when you don’t really need them, or enable them per-application. Only parents really need to know where you are at any given moment.”
Andrew Agnes, Global Information Security Manager | @sirjester
“Going (back) to school means you will be asked for ways to stay in touch with other students when you can’t talk face to face. This will be via your phone number as well as connection requests from Facebook, Instagram, and Snapchat, amongst others. To stay safe, you need to resist the temptation to build the biggest list of ‘friends.’ Popularity isn’t everything! Whichever platforms you use, always enable the settings that require you to approve connections and only accept requests from people you know. Some strangers will pretend to be friends on the Internet so they can look at your photos and talk to you. Don’t buy it! Don’t meet with strangers who contact you via the Internet, and don’t be afraid to use the Report button if people send inappropriate content. “
Travis Smith, Senior Security Research Engineer | @MrTrav
“Taking your homework on the go may seem like the perfect work-life balance to meet deadlines and enjoy friendship at the same time. If you need to access the internet from a public location, understand that anything you say or do can be monitored by everyone else. Avoid going to sensitive websites, such as your bank, until you get home. If browsing is necessary, use a VPN. Additionally, most websites offer a secure version of their website. Look for either the green lock or make sure the website begins with https, as opposed to just http, in your browser’s address bar.”
James Wright, Security Researcher | @James_M_Wright
“I have two pieces of advice for students going back to school:
- Encrypt You Devices: We lose $7 million dollars a day in cellular phones! That’s a staggering amount of data that is in jeopardy of compromise. Students need to enable whole-disk encryption as an essential measure that protects against physical theft and disclosure. In the tablet and mobile phone arena we have the major players of Android and Apple operating systems. Setting a passcode on the Apple iPhone enables encryption, while Android devices are nearly as easy to activate.
- Data Restoration: First, we protect the passwords that guard our accounts; then we ensure the protection of data at rest with encryption. It’s a likely possibility that students will suffer a device loss, so having a viable file backup plan is necessary for recovery. This tip is one of the most frequently overlooked. Zero-knowledge providers are the approach I recommend for cloud data storage. It ensures that even if a hacker were to liberate your confidential data from the cloud provider, it would be mathematically impossible to understand without your password. A data backup service will also protect students from ransomware attacks. File corruption by attacks or a failed disk is no match for a good backup plan.“
Brad Winckler, DevOps Researcher | @
“This year, when collaborating on projects with peers, remember to do so safely! The easiest way to accidentally spread malware when working on a project with others is by sharing documents on physical media such as USB drives or as e-mail attachments. Instead, try using the collaborative editing capabilities of online services, such as Google Docs. This provides a safe and effective means of collaboration because you never have to directly share anything.”
Matt Pascucci, Security Architect | @MatthewPascucci
“A few things students should remember before this school year starts up:
- If you’re downloading new software from the internet to install on your laptop, use urlquery.net to validate the site and www.virustotal.com to verify the download.
- Keep everything patched. Make sure your mobile device, tablet, and laptop are running the latest operating system and application patches.
- Since most kids will be using the internet for research, it helps to install browser tools like mywot.com or web filtering products like www.opendns.com.”
Angus Macrae, CISSP | @AMACSIA
“Whilst technical parental controls, AV, content filters, and general cyber hygiene all play a vital part, there can be no substitution for good old fashioned ‘real life’ communication. Kids need to feel they can talk openly about their use of technology and online services to adults they can trust. Those adults should, in turn, be able to advise how today’s young can make the most of this new world safely and without sharing too much information.”
Mandy Huth, Director of Cybersecurity | @cyberfortress
“It is imperative that we have a conversation with our children about basic online rules such as how to behave on line or joining a new social network. That includes highlighting the following two tips:
- Report online abuse. Cyberbullying is real. If you see something, say something. Don’t reply to the bully but instead enlist the help of parents or a trusted adult to help you.
- Be cautious in chatrooms, especially ones created specifically for teens. They are collectors for online predators.”
From all of us at The State of Security, we hope students everywhere have a great start to the new academic year, succeed in their studies, and stay safe online.