Privacy vs. security: what’s the difference?

As your Internet Service provider, EarthLink is committed to keeping you informed of technology tips to help manage your digital life. Below our partner Symantec shares information on how to manage mobile privacy across multiple apps. Article by Symantec.

______________________________________

When it comes to privacy vs. security, it’s a good idea to have both. Each can impact your digital health. But what’s the difference?

Privacy and security are related. Privacy relates to any rights you have to control your personal information and how it’s used. Think about those privacy policies you’re asked to read and agree to when you download new smartphone apps.

Security, on the other hand, refers to how your personal information is protected. Your data — different details about you — may live in a lot of places. That can challenge both your privacy and your security.

Some people regard privacy and security as pretty much the same thing. That’s because the two sometimes overlap in a connected world. But they aren’t the same, and knowing how they differ may help you to protect yourself in an increasingly connected world.

What’s the difference between privacy and security?

Here’s an example. You might share personal information with your bank when you open a checking account. What happens after that? Here are three possible outcomes, all related to your personal information (not to the money you may have deposited in the checking account).

  1. Your privacy and security are maintained. The bank uses your information to open your account and provide you products and services. They go on to protect that data.
  2. Your privacy is compromised, and your security is maintained. The bank sells some of your information to a marketer. Note: You may have agreed to this in the bank’s privacy disclosure. The result? Your personal information is in more hands than you may have wanted.
  3. Both your privacy and security are compromised. The bank gets hit by a data breach. Cybercriminals penetrate a bank database, a security compromise. Your information is exposed and could be sold on the dark web. Your privacy is gone. You could become the victim of cyber fraud and identity theft.

It would be great if your risks began and ended with that theoretical bank. But your personal information is likely all over the connected world — in government offices, at healthcare providers, at stores and restaurants, and in many of your online accounts. You might say it’s everywhere — not literally, but it’s certainly in enough places that it’s out of your control.

If a cybercriminal accesses that information, it could be off to the races. Your privacy and security could both get trampled.

What’s the difference between privacy and security in computer terms?

Cyber security products can help protect your privacy and security — sometimes at the same time.

For instance, consider a VPN — a virtual private network. It’s a security product that acts like a tunnel for your information and your activity on the internet, encrypting all the data that you send or receive on your device. It’s like an online version of sitting with your back to a wall when you don’t want someone else to see what you’re doing on your computer or phone when you’re at a café or airport.

Are some app developers adding features simply to gain access to permissions? It’s a possibility, but something we can’t provide a definitive answer to. Ultimately, it may be up to the user to ask if these additional features are essential to the function of the app and if it’s worth granting permissions for features that only provide marginal benefits.

Here’s how a VPN helps you win two ways:

  • Privacy: It helps to block websites, internet browsers, cable companies, and internet service providers from tracking your information and your browser history.
  • Security: It helps protect you from others accessing your personal information and other data.

Tips for protecting your privacy and security

  • It’s smart to do business with companies and organizations that value your privacy and take measures to protect your personal information. But there are things you can do, too, to help protect your privacy and boost your security.Here are some examples:
    • Limit what you share on social media and online in general.
    • Shred important documents before tossing them in the trash.
    • Guard your Social Security number. Keep it in a secure place and don’t give it out if possible. Ask if you can provide another form of identification.
    • Safeguard your data and devices. This might include enlisting the help of computer virus protection, a secure router, Wi-Fi protection, and identity theft protection services.
    • Understand how the information you’re giving away could be used. Read an organization’s privacy policy before signing up for an app or service. Remember, if the app or service is free, the company may make its money by selling your data. Consider taking a pass.

How long do I have to think about privacy and security?

Privacy vs. security will remain a hot topic. Why? Because your information will likely pop up in more and more places.

Your world is getting more connected, not less, and your information has value. People will try to profit from it in legal and illegal ways.

The best advice about privacy vs. security: Take care of both.

_____________________________________________________________________

For more information about protecting yourself with Norton products from EarthLink, go to  Security and Tools.

 

© 2018 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo,  Norton, Norton by Symantec,  are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries.


Mobile Privacy: What Do Your Apps Know About You?

As your Internet Service provider, EarthLink is committed to keeping you informed of technology tips to help manage your digital life. Below our partner Symantec shares information on how to manage mobile privacy across multiple apps. Article reposted from Gillian Cleary, Senior Software Engineer at Symantec. 

______________________________________

Just how much personal information are your apps gathering? And do they really need so much?

The average smartphone user these days has between 60 and 90 apps on their device. Most of these apps request some sort of information about you and the device you are using. They may want to know your name, your email address, or your real-world address. But because smartphones are so powerful, they can also get quite a bit more than that, such as your exact location. Some apps will even request access to the device’s camera or microphone.

While all of this is done with the user’s consent, you may be surprised at the level of access some apps have to personal data. Did you know that 45 percent of the most popular Android apps and 25 percent of the most popular iOS apps request location tracking, for example? Or that 46 percent of popular Android apps and 25 percent of popular iOS apps request permission to access your device’s camera? Some Android apps even ask you to give them access to your SMS messages and phone call logs.

Under the microscope

In order to find out what kind of data your apps may be looking for, we decided to put the most popular to the test. We downloaded and analyzed the top 100 free apps as listed on the Google Play Store and Apple App Store on May 3, 2018. For each app, we tried to find out two main things: how much personal information was the user sharing with the app and which smartphone features the app accessed?

Neither practice is inherently suspicious. In most cases, information is shared and device permissions are enabled with the user’s consent. And there is usually a very good reason why apps require either. For example, a taxi app will need to be able to access a user’s location in order to tell the driver where to go. Instead, we were more interested in whether any apps were requesting excessive access to information or if app developers were doing everything they could to protect users’ privacy.

Personal information

One of the first things we looked at was the amount of personally identifiable information (PII) that apps requested users share with them. Email addresses were the most common piece of PII shared with apps and were shared with 48 percent of the iOS apps and 44 percent of the Android apps analyzed. The next most common piece of PII was the username (which is usually someone’s full name as they’ve entered it on social networking sites or on the app), which was shared with 33 percent of iOS apps and 30 percent of Android apps. Phone numbers, meanwhile, were shared with 12 percent of iOS apps and 9 percent of Android apps. Finally, the user’s address was shared with 4 percent of iOS apps and 5 percent of Android apps.

However, these stats don’t fully account for the full amount of PII being shared with apps.

Several apps integrate with social media so that the user can log into the app using their social media account and allow the app to post directly to the social networking site. For the user, this means they don’t need to manage passwords for every app, can invite friends to play mobile games, and share app info on their timeline.

But this symbiotic relationship also allows the app to collect user data from the social media account, while also allowing the social media service to collect data from the app. In the case of iOS apps using social media integration, we were able to see what PII was being shared. However, in the case of Android apps, we weren’t. This was because the apps in question all employed Facebook’s widely used Graph application programming interface (API) and the Android version of Graph uses certificate pinning, which prevented us from seeing what PII was being shared (we’ll discuss certificate pinning in more detail later).

Therefore, when we say that email addresses are shared with 44 percent of the Android apps, that figure could be higher because some Android apps use the Facebook Graph API and this may share an email address with them too.

Facebook Graph may be familiar to some people because it was used by Cambridge Analytica to compile personal information relating to 87 million Facebook users. This information was reportedly then used in targeted social media campaigns directed at voters during the 2016 U.S. presidential election campaign. Facebook responded to this incident by significantly tightening up its API and restricting the amount of personal information that can be shared through it.

While Facebook Graph may be the best-known integration service, it isn’t the most widely used. Of the apps we analyzed, 47 percent of Android apps and 29 percent of iOS apps offered the Google integration service, while 41 percent of Android apps and 26 percent of iOS apps offered the Facebook Graph API service.

Some permissions are more risky than others

Aside from personal information, apps will also need permission to access various features on your mobile device. For example, if you want to take a picture using Instagram, the app will need permission to use your device’s camera.

There is a massive amount of permissions an app could request, but not all permissions are the same. For that reason, we took a closer look at what we term “risky permissions” - permissions that could provide access to data or resources that involve the user's private information or could potentially affect the user's stored data or the operation of other apps. Examples of risky permissions include access to the user’s location, contacts, SMS messages, phone logs, camera, or calendar.

What did we find? Camera access was the most requested common risky permission, with 46 percent of Android apps and 25 percent of iOS apps seeking it. That was closely followed by location tracking, which was sought by 45 percent of Android apps and 25 percent of iOS apps. Twenty five percent of Android apps requested permission to record audio, while 9 percent of iOS apps did. Finally, 15 percent of Android apps sought permission to read SMS messages and 10 percent sought access to phone call logs. Neither of these permissions are available in iOS.

Two things should be stressed when talking about risky permissions. Firstly, they require the user’s permission to access this data. And secondly, just because we’ve called them risky permissions doesn’t mean they shouldn’t be granted. As explained before, there’s usually a reason they’re required. Instead, they should be seen as permissions the user should exercise more caution about granting, asking themselves if the app really does need this permission and if they’re comfortable granting it to this particular app. For example, do you really want to give an app access to your calls and text messages simply to provide personalized alerts?

Interestingly, in cases where we were analyzing both the Android and iOS versions of apps, some Android apps requested more risky permissions than their iOS counterparts. Seven Android apps requested access to SMS messages, while their iOS versions did not. One Android app requested access to phone call logs, while its iOS version did not. While neither permission is available in iOS, it does beg the question of why these permissions were requested in the Android version while the iOS version can do without them.

Are all permissions necessary?

Do some apps request too many permissions? We took a closer look at several that seemed to request a lot. The first was the Android horoscope app “Zodiac Signs 101 – 12 Zodiac Signs & Astrology", which has been downloaded more than 1 million times. Among the permissions it sought were:

  • Precise user location
  • Access to user’s contacts
  • Send and receive SMS messages
  • Receive MMS messages
  • Permission to directly call phone numbers
  • Permission to reroute outgoing calls
  • Access to phone call logs
  • Access to camera
  • Read/write contents of USB storage
  • Read phone status and identity

The second example we looked at was the Android flashlight app "Brightest Flashlight LED - Super Bright Torch", which has 10 million installs. Included in the list of permissions it sought were:

  • Precise user location
  • Access to user’s contacts
  • Send SMS messages
  • Permission to directly call phone numbers
  • Permission to reroute outgoing calls
  • Access to camera
  • Record audio via microphone
  • Read/write contents of USB storage
  • Read phone status and identity

Do these apps really need all of these permissions? In each case, there were features in the app which made use of the permission. For example, Brightest Flashlight LED offers the user extensive customization options and the ability to make it flash in different ways when the user receives incoming calls or texts. In order to do that, it would need access to calls and messages.

Are some app developers adding features simply to gain access to permissions? It’s a possibility, but something we can’t provide a definitive answer to. Ultimately, it may be up to the user to ask if these additional features are essential to the function of the app and if it’s worth granting permissions for features that only provide marginal benefits.

Lax security practices

Worryingly, a small number of the apps we examined employed very poor security and privacy practices. Four percent of the Android apps and 3 percent of the iOS apps requesting risky permissions didn’t have any privacy policy. Ideally, every app should have a privacy policy which states clearly what data is being collected, where it is being stored, who it is being shared with, and so on.

Meanwhile, only a minority of apps implement certificate pinning at login: 8 percent of Android apps and 11 percent of iOS apps. What is certificate pinning? It’s a security precaution that helps prevent attackers intercepting supposedly secure communications. It does this by ensuring the app only communicates with a server using the correct security certificate.

However, there are differing opinions about certificate pinning. For example, Apple says it doesn’t recommend that apps do their own certificate pinning, as it’s an approach that can lead to overall fragility and problems in enterprise environments.

Bamboozled by privacy policies

Even when apps do have privacy policies, users can still find it difficult to keep track of what they are consenting to. While each app has its own set of permissions and privacy policies, there are several complicating factors.

  • While some apps are self-contained, there are many that require additional apps or links to third party websites to function correctly (e.g. display advertising) or provide additional functionality, such as installing themes or providing additional levels in games. Some of these may be third-party apps.
  • Each additional app may have its own privacy policy (or none) and the user cannot assume the top-level app’s privacy policy covers subsequent app downloads.
  • However, most apps will disclaim any responsibility for use of the data by third parties.

In short, while you may be sure of your ground when it comes to a single app with a single privacy policy, once additional apps are plugged into it, the picture becomes increasingly complex, particularly when it comes to third-party apps.

Is this something to be concerned about? A significant number of apps that request risky permissions are tied to third-party apps. Of the Android apps that require risky permissions, 40 percent have links to third-party apps. Either normal app functionality is interrupted with advertisements or there were links to third-party apps for normal functionality (for example purchase links to seller sites). Meanwhile, 16 percent of the iOS apps that require risky permissions have links to third-party apps.

Guarding your privacy

How to avoid granting excessive permissions

Before you install an app:

  • Read the permissions required for the app.
  • Think about why an app needs the permissions it requests. If the permissions seem excessive, ask yourself if it’s likely they are there simply to acquire data about you.
  • Read the privacy policy. If there's none, or if it's impossible to determine from it where your data will go, don't install the app.

If you have already installed the app:

  • In the case of Android apps, you can remove unnecessary permissions by going to the Settings menu and then clicking on Permissions. Removing permissions may cause a poorly designed app to stop working. Well-designed apps will indicate if they need a permission when you attempt to perform the function that requires it.
  • In the case of iOS apps, you can remove unnecessary permissions by going to the Settings menu and then clicking on Privacy.

How to protect your personal information

  • Read the privacy policy on each social networking site and app you use.
  • Ideally, don't sign into an app using your social networking site account. If you do, check what data the app will receive from the social network account.
  • If you do sign into apps using your social network account, be frugal about how much information you provide in your public profile on social networking sites.
  • When you post data to a social networking site from an app, think about whether you want the social networking site to have this information about your app.

How to check what apps are using data from your Facebook account

  • Go to the small down-arrow at the top right of the homepage and select Settings.
  • Select “Apps & Websites in the menu on the left to discover what apps are actively using your data.
  • Select each app to view and edit the permissions on the data it uses.

How to check what apps are using data from your Google account

You can also review and edit which apps are using Google for sign in and what information is being shared with them.

© 2018 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo,  Norton, Norton by Symantec,  are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries.


Clean up your phone for a better digital life

As your Internet Service provider, EarthLink is committed to keeping you informed of technology tips to help manage your digital life. Below our partner Symantec shares information how to keep your mobile phone working at maximum performance.

If you are guilty of having apps cluttered all over your screen then you are not alone. Smartphones loaded with too many apps can slow down your phone, allow third-party apps to access your data, shorten battery life or worse, crash your phone.

Every once in a while every phone needs a cleanup. This time of year  is a great time to take out the old and bring in the new. Here are a few tips to help you clean your phone.

1. Don’t want it? Delete it.

Apps are notorious for taking up space on your phone. Arrange apps in the order of usage. If you think you haven’t used an app in over a month then you probably don’t need it.

2. The backup plan.

As a general rule, regularly backup your data. This not only frees up space in your phone, it also speeds it up. If your phone is taken over by ransomware, you will still have your data.

3. How many people are in your phone?

You build contacts as you learn and grow in this world. You add them to your address book. As you move from one phone to another, you are carrying these numbers and details to the next device, and the one after that. Finally you end up with more contacts than the number of people you actually know. Go through your contacts and delete the ones you know you wont need.

4. Music, messages and maps

There was a time when music was downloaded and saved in phones. Now with Wi-Fi being available almost everywhere and apps that stream music, the need to save music has declined. Text messages take up a lot of space too. Memes, videos, gifs, etc, live in your feed and take up precious real estate. Delete them once you’ve read them. Apps like maps, ride sharing services, and other services that use geo location that run in the background and slow down your phone. Turn them off when not in use.

5. Time to change your password

Changing passwords regularly keeps your device safe from cyber attacks. Use unique passwords that use a combination of at least 10 upper and lowercase letters, symbols and numbers. The key is to make it difficult for attackers to access your information by changing your passwords every three months and not reusing passwords for multiple accounts.

6. Check for software updates and patches

Software patches and update notifications show up at the oddest moments. While it is highly recommended that you update your phone immediately upon receiving them, sometimes people can miss the notification. Check your phone’s settings, and make sure that you are running the latest version of the software. Ignoring security updates exposes your phone to vulnerabilities that can be exploited.

7. Clean on the inside and clean on the outside

Do not forget to remove your phone cover and wipe down your phone with a clean cloth. Read the cleaning instructions that came with your phone. Using wet wipes and alcohol solutions may damage the phone.

8. Safety first

Use a reliable security suite to keep your phone safe from cyber attacks. Norton Wi-Fi Privacy encrypts the data you send and receive when using an unsecured public Wi-Fi, protecting your information that may be vulnerable to attack.

Make sure you maintain the health of your phone with good cyber habits.

 

 

© 2018 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo,  Norton, Norton by Symantec,  are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries.


SSL certificate changes

In July 2018, Google will release an updated version of their web browser Chrome that will mark websites without SSL certificates as “not secure”. Other browsers, like IE, Edge, Firefox will also be adopting this policy.

What is SSL?

SSL (or Secure Sockets Layer) is a standard security technology for web browsers, encrypting information passed between a website’s server and a visitor’s browser. Websites with SSL certificates appear in your browser URL as “HTTPS” versus “HTTP”.

SSL helps create a safe and secure connection for your web pages, keeping customers’ information safe from hackers, criminals and other unwanted eyes.

Why use SSL?

Your business and website needs to look credible to your website visitors. Websites marked as “not secure” may cause potential customers to lose trust in your business, so it’s becoming increasingly important that every website is secured with SSL. If your website transits sensitive information like credit card details or personal information, it’s essential your business and your customers’ information is protected with SSL.

Secure your website and your Customer's information before July 2018. If your site does not have a SSL Certificate, you can learn more about EarthLink's SSL Certificate by calling 1-800-201-8615 or learn more here.


Security Alert: Wi-Fi Connections at Risk

As your Internet Service provider, EarthLink is committed to keeping you informed of important cyber security events being observed globally. Below our partner Symantec shares information regarding a recent vulnerability that impacts Wi-Fi networks and how you can protect yourself.

Security researchers1 have discovered a major vulnerability in Wi-Fi Protected Access 2 (WPA2). WPA2 is a type of encryption used to secure the vast majority of Wi-Fi networks. A WPA2 network provides unique encryption keys for each wireless client that connects to it.

The vulnerability, dubbed “KRACKs” (Key Reinstallation AttaCKs), is actually a group of multiple vulnerabilities that when successfully exploited, could allow attackers to intercept and steal data transmitted across a Wi-Fi network. Digital personal information that is transmitted over the Internet or stored on connected devices — such as driver’s license number, Social Security number, credit card numbers, and more — could be vulnerable. All of this personal information can be used toward committing identity theft, such as accessing bank or investment accounts without the users knowledge.

In some instances, attackers could also have the ability to manipulate web pages, turning them into fake websites to collect information or to install malware on user’s devices.

 What should you do?

Wi-Fi users should immediately update Wi-Fi-enabled devices as soon as a software update is made available. Wi-Fi enabled devices include anything that connects to the Internet — from laptops, tablets, and smartphones to other smart devices such as wearables and home appliances.

 Should you change your Wi-Fi password?

No. This vulnerability does not affect the password to your router’s Wi-Fi network. Regardless of if your Wi-Fi network is password protected, this new vulnerability still puts your data at risk because it affects the devices and the Wi-Fi itself, not your home router, which is what the password protects.

Are hackers already exploiting this vulnerability?

Not yet. But as with many newly discovered vulnerabilities, it is only a matter of time before hackers find ways to exploit this weakness to their advantage.

 What else can you do to help protect you connected devices while waiting for a software update?

Keep in mind that it may take some time for the manufacturer of your devices to come up with a security patch. In the meantime, there are extra steps you can take to help secure your devices.

We strongly recommend that you install and use a reputable VPN such as Norton WiFi Privacy on all your mobile devices and computers before connecting to any Wi-Fi network. By using a secure virtual private network (VPN) on your smartphones and computers, your web traffic will be encrypted and your data will be safe from interception by a hacker.  A VPN creates a “secure tunnel” where information sent over a Wi-Fi connection is encrypted, making data sent to and from your device more secure.

Norton WiFi Privacy uses the same encryption technologies that leading banks deploy, so you can rest assured that your information stays secure and private. You can also browse anonymously and protect your privacy with Norton WiFi Privacy. You can mask your online activities and location with this no-log VPN that encrypts your personal information but never stores your online activity or location.

Additionally, only using HTTPS-enabled websites means your web traffic will also be encrypted by SSL and may be safer from this vulnerability. HTTPS browsing adds an extra layer of security by using encryption via the website you are visiting.


TOP TEN CYBER TIPS

By Ben Halpert, Founder Savvy Cyber Kids, an EarthLink partner

In the Digital Age we are spending an increasing proportion of our day in cyberspace and less time IRL (in real life). From shopping, dating and sharing, to learning, buying and teaching, our interactions with the virtual world are having a greater and greater influence on how we and others see ourselves, how we think and how we see the world and our place in it. Regrettably, there is not a virtual justice system ensuring that those who use the Internet for good are rewarded and that those who do otherwise face appropriate consequences.

As parents, we need to help our children grow up understanding that, as Thomas Friedman of the New York Times put it, “the internet is an open sewer of untreated, unfiltered information, where they need to bring skepticism and critical thinking to everything they read and basic civic decency to everything they write.” Friedman cited a Stanford Graduate School of Education study published in November 2016 that found “a dismaying inability by students to reason about information they see on the internet.

So, what’s a parent to do?

Savvy Cyber Kids, a nonprofit organization whose mission is to enable youth, families and school communities to be powered by technology, recognizes that children may be ‘Digital Natives’ but they are also ‘Digital Naives,’ who, without intervention, completely lack an understanding of the implications of their digital actions. Founded in 2007 by Internet security expert, noted speaker and author Ben Halpert, Savvy Cyber Kids provides cyber ethics resources for parents and teachers to educate children as they grow up in a world surrounded by technology.

Here are Ben’s Top Ten Parent Tips for Cyber Safety:

#1 BE INVOLVED

Do you know your child’s favorite game, app, or social media community (and it changes often!)? If not, ask them! Children love talking about what they do with technology. Now that you know their favorite app, game or social media community, ask your child who they interact with in those digital spaces. Just as you ask about who your child plays with at school, you should ask who your children’s friends are online.

#2 HAVE THE “TECH TALK”

Much like the “sex talk,” the first time you introduce the “tech talk” is an important parenting hallmark. Since giving your child access to an Internet-enabled device is like taking the front door off your house and inviting in strangers, children need to understand that the virtual world can be a dangerous place and that they need to take steps to keep themselves safe. Help your child learn to distinguish between the physical world and the virtual world. Explain to your children that the physical world includes their home, friends they play with in their neighborhood, at school and on sports teams they play on. Teach your children to see strangers as strangers. As your children get older, the “tech talk” continues to evolve and delves into greater detail the inherent dangers of cyberspace. Start the talk — and don’t stop talking.

#3 BE A SAFE RESOURCE FOR YOUR CHILD

Let your children know they can approach you if something upsets them online, if they realize that they made a mistake, and that you are always available for them to help them understand what they are experiencing. Ask your child if they had ever seen anything online or in a game that made them feel uncomfortable or strange. Or if anyone has said anything strange to them in an app or a game. Ask them if anything online has made them feel funny, hurt their feelings or confused them. If they make a mistake, resist the urge to have a merely punitive approach. Help them to make better choices and sustain their willingness to communicate with you.

#4 ENCOURAGE YOUR CHILDREN TO STOP. THINK. CONNECT. TM

Encourage your children to use critical thinking skills and pause when they are about update social media or take any action on one—then think about what they are about to do, before potentially posting or forwarding something mean or suggestive. As a rule of thumb, have them answer a question like: What would my mother think about this? Help your children to understand why authorship, sources and sponsorship can influence the truthfulness of what they see on the Internet. Challenge them to not believe everything they see and to search for proof before accepting information.

#5 TEACH THAT STRANGERS ARE FOREVER.

To your children, anyone that reaches out to them via an app, game, or social media community seems like a good person just wanting to chat. Yet anyone that your child meets online is a stranger, FOREVER. You can’t definitively know who this person is, if they are misrepresenting themselves or if they are safe to engage with. Ask your children if they have ever received a message from someone in a game or an app that they don’t know in the physical world. Talk to your children about the concept of privacy and how they should not share personal information like names, addresses or phone numbers, if their parents are home, family schedules, or what school they attend. Make sure your children understand that they should NEVER meet someone they met online, through an app, game or social media community in the physical world. NOT EVER.

#6 UPDATE EVERYTHING.

It is important for you and your children to update all devices and software on a regular basis and when notified by the manufacturer or creator. Anytime an update (often called a patch) is available, a fix was made to a known problem with that device or software. Perhaps there is a way for someone to remove all the information off a computer or device. Maybe there’s a way for someone to remotely turn on the video camera on your device and take inappropriate videos. In addition to keeping up with the latest patches, install (and keep updated) an antivirus product. Antivirus products can protect you from certain attacks. And yes, even Mac computers should have antivirus software too.

#7 UNDERSTAND TECHNOLOGY.

Read the privacy policy for each device, app, game, or social media community that your grandchild is using to learn exactly what information about your grandchildren is been collected by the company providing the service and what they can do with that information. Next, look for the available parental controls for each. Some apps, games, and social platforms offer options that can limit who your grandchildren can talk to you, as well as who can contact your grandchild. If there is an option to create private profiles, direct them to do so and talk to your children about not allowing people they do not know in the physical world to connect with them.

#8 SET SECURITY FREEZES FOR THE ENTIRE FAMILY.

The reality is that credit monitoring services are not enough. Someone can still open an account in your name and ruin your credit history. Encourage all of your family members to contact each of the three credit reporting agency’s (TransUnion, Equifax and Experian) and place a security freeze on your credit files. With the security freeze on your credit file, no one can open a new account (take out a mortgage, a car loan or other financial commitment on your behalf) unless they have your secret pin.

#9 ENABLE 2-STEP VERIFICATION.

Every account you and your grandchildren use is secured by user ID, such as a nickname or email address, and the password. This is done to prove that you are the person that is supposed to be accessing the account you were attempting to log into. Due to the increasing number security breaches, encourage your family members to take an additional step, beyond a complex password. Enable 2-step verification, a security measure that typically involves a text message being sent to your phone, a one-time code sent to your email, a call to your phone and/or the use of a verification app (sometimes called an authenticator app).

#10 CREATE A PARTNERSHIP WITH YOUR SCHOOLS

Encourage your children’s schools to support your digital parenting by merging cyber ethics lessons across all learning disciplines and offering age-appropriate cyber ethics programming for students, parents and educators.

__________________________________________________________________

Savvy Cyber Kids educates and empowers digital citizens, from parents and grandparents, to teachers and students. Sign up for their free resources to help you navigate today’s digital world with cyber ethics.