By: Ryan Cloutier, principal security consultant at SecurityStudio
As if a global pandemic, an unstable economy and social unrest weren’t enough to keep parents and teachers up at night, there’s also one more concern that has to be on our minds: cyber safety. Or, more accurately, cyber risks. These hazards are always present, but they’ve skyrocketed in 2020 as our children have started spending full school days on the internet and other digital applications.
While one more worry may make you feel like closing your eyes and sticking your head in the sand, there’s hope. You can effectively decrease your kids’ cyber risk if you know what to do. To help you get started, here are four tips toward a safer online world for your children.
Increase their awareness.
The first step in most situations is simply to make someone aware of possible issues, and the same is true with internet safety. Students may not even realize there are risks to being online, or that some people use technology to manipulate others and commit crimes. So, be honest with your student. Depending on their age and maturity level, have a conversation about digital risks. Include basics like what personal information is and that they should never share it without your permission. Discuss the fact that someone talking to them through the computer may not be who they say they are and that even though a conversation online or through a gaming platform seems fun and innocent, it might not be.
Help them to recognize that dangers exist, and to keep their eyes open for anything that feels like a red flag or just doesn’t feel “right.” Encourage them to be curious about their own cyber safety and protecting themselves. Then, help them take a personal risk assessment. Tools like S2Me are free and offer a score that gives insight into an individual’s risk level as well as a roadmap for improving their security. This is a great starting point to see where individuals currently are, and how far theyneed to go to adequately protect themselves.
Teach them to trust, but verify.
When we teach kids and teens about cyber safety, we want to empower them, not alarm them. This is why it can be helpful to say things like, “Most people who use the internet don’t have bad intentions, but some do.” This is also why it’s a good idea to train students in the concept of trust but verify. Teaching kids to confirm who they are talking to or validate that a request for information is real is, in today’s world, a basic life skill. Our students are going to be online the rest of their lives, so now is the time to teach them not to click links they are not expecting, or to pick up the phone and verify that someone really is asking for personal information via an email.
Even if the person appears to be an authority figure or a friend, they must always verify that. Younger kids should ask a parent or teacher for help, while older kids can learn to verify for themselves. If the request came via a messaging service, they can confirm whether it’s legitimate by sending that person an email. Or if the request came through email, a good option is to send that person a text message to make sure it was really from them.
Kids are having technology placed in their hands almost as soon as they can hold a phone or tablet. Given that, we have to ensure they know how to protect themselves from a very young age. To do so, we must teach them to think critically about the messages in front of them: headlines, advertising messages, and communications with other people – both known and unknown.
Start conversations about digital ethics – early.
Digital ethics go beyond basic knowledge of security and encompass broader ethical issues like online cheating or posting sensitive information or images that belong to someone else. But kids often have little concept of online morality unless we include them in regular conversations about it. Help them to understand what constitutes private information. Identify for them those things that are clearly private (school names, financial information, medical records) and those things that a child might not consider personal such as photos of Mom in a bathing suit at the beach. Ethics is a big concept for anyone, so we have to help kids understand what not to share and why.
Let kids know that there are some ethical gray areas they may have questions about, and that they can and should come to you or a trusted adult when they encounter that middle ground. The more we talk to students early about digital ethics and safety, the more comfortable they’ll be coming to uswith concerns as they get older.
Work together to apply baseline security measures.
In addition to the three previous steps we’ve recommended, parents, in particular, also must work with their children to take action. There are some relatively small but effective security measures anyone can take to improve their cyber security posture, so bring kids into the process. Here are some we suggest, to start:
- When you install your WiFi router, change the password right away and make sure you update the device regularly. Also, set up guest networks so visitors in your home can use your WiFi without increasing threats to your network.
- Enable parental controls on devices your kids will use, and let them know why you do this. They may not like it, but it’s important to be honest about why it’s necessary.
- Always put a password on your smartphones or tablets. Remember, don’t recycle passwords and make them hard to break with capital and lowercase letters, special characters and numbers.
- Reduce the number of vendors you work with, and question whether you need another app or tool every time you go to download one.
Remember that cyber safety is really about identifying, assessing and reducing risk, not about eliminating it entirely. By teaching our students to understand digital dangers, trust but verify, embrace online ethics and put security measures in place, we empower them to protect themselves now as they participate in school online – and throughout their entire lifetime.
About the Author
Ryan Cloutier, CISSP, is the principal security consultant at SecurityStudio, which works to fix information security industry problems through simplification. A passionate cybersecurity thought leader Ryan is an advisor on the Consortium for School Networking (CoSN) Cyber Security Advisory Panel and can be reached at email@example.com.