iCloud Hacking- What lessons Does It Hold For Parents Everywhere?

A couple of weeks ago, global media was abuzz with the news of iCloud hacking where hundreds of personal photos of celebs were hacked and publicly shared. With iPhone cloud storage being a popular option with most Apple device users, it’s but natural that the layperson is worried and confused.  Even those using Android and Windows phones are wondering what this means and how this could happen.

 Friends are baffled. They shoot a myriad of questions at me– What is iCloud? Exactly how has it happened? I store photos online, can they be hacked? What do I do?

A young friend confided that she has been trying to read up more on this online but is rather baffled by all the high-falutin terms being thrown around, including “brute force”; “social engineering”; “2-step verification”; “encrypted data’; “malicious user” etc. All she wants to know is (a) Is her cloud-stored data under threat (b) what she can do to ensure her account is more securely protected.

I suspect there are many more in the same sea, especially those who are scared off by anything tech. Already some mothers, whose teens own/use iPads and iPhones, have approached me for clarifications of their doubts. They want to know what’s safe and unsafe and what should they advise their children.

Is there any safety in storing data online and what tips should they give their teens?

Yes, it is still safe as long as you take the most basic but necessary precautionary measures. Storage without proper security is like locking up a safe and leaving the key around. The service providers will be working round the clock to offer maximum security, but you have to do your bit too. There is a reason why users are often referred to as the ‘human bug’ for they are the weakest link in the security chain. The user has to be careful, judicious and not too-trusting.

Consider the scenario: Your bank calls up to say that the system has been affected by a bug and they need to reset all user info. They will need certain details to authenticate your phone number and id. You believe and blindly answer questions posed to you.

You trusted the caller. You did not verify the reasons provided nor check back with the bank. So you will definitely be the main reason behind any future financial frauds you suffer, not the security system of your bank, get it?

This is called social engineering, a very popular way to obtain details from a person on account (social and financial), your date of birth, maiden name of mother, pet’s name, favourite holiday destination etc. Some of those personality quizzes you so love taking online are also designed to gather as much information on you as possible.

The user is therefore often the weakest link and therefore the user has to be learn and practice online safety.

Here’s what you should teach your child (and practice yourself):

  1. Strong and Unique Password: Be the owner of strong and long passwords. More than strength, the secret of a good password is its uniqueness. Don’t please include your full name and birthday or your pet’s name. Be origin, use a passphrase if you like. Use a password manager to store your passwords for you.
  2. Different passwords for different accounts: This is oft said but most unheeded. The login information for your bank account, your online storage account or your social media accounts must in no way be common. Don’t make it easy for the thieves to steal from you.
  3. Enable Two-Step verification on all online accounts: This is a very easy to implement safety measure that I follow and recommend. For eg, when I, or anyone else, tries to access my Facebook account from a different computer, I am notified and a verification code is sent to my mobile.

Similarly, for online banking, security questions/ OTP (One-Time Password) help protect your account from fraud.

Apple has also rolled out 2-factor authentication, use it.

  1. Disable auto backup: Sometimes you have a lot of photos and messages on your gadgets that you would not like to store. However, auto backup means all data gets stored. So if you delete them from your gadgets, they don’t get deleted from your cloud storage accounts. It’s a good idea to check your storage and do a cleanup from time to time.
  2. Free isn’t a good idea always: Ponder well before signing up for a free Cloud service. Will it offer max security without levying any charges? I would be doubtful about that. It’s a very good idea to read the T&Cs carefully before clicking on “I Accept”
  3. Think before you post/share/store: To McAfee’s security mantra of STOP.THINK.SHARE. I would like to add another word-STORE. Consider what you would like to stay online. You can consider an external storage device to store very personal content. And then keep it in a SAFE place.

This is what security firm McAfee suggests, “…users should avoid setting up passwords that are too obvious to be guessed by hackers. These passwords are “personal information, like your birthday, pet’s name, or a favorite color“.

Incidentally, McAfee LiveSafe is an award-winning product that covers all your gadgets and offers protection including Secure Cloud Storage, Password management, Identity protection and cross-device antivirus. Get it today!

Online data storage still continues to be a boon, regardless of the recent hack. Data is sent and stored in an encrypted format and requires secure tokens for authentication. This implies that it isn’t easy to access this data without access to proper credentials. Which in turn indicates that it is easier for hackers to acquire the login information of the users from the users themselves.

So lock up your data using your own, unique key and keep the key in a very, very safe place. And sleep soundly at night without worries J

Stay safe online folks!!

Is your teen using mobile banking facility?

Mobile banking is the new age smartphone revolution. While the computer and laptop brought the bank to our homes, the smartphone made it possible for us to take our bank along, wherever we go. So convenient it is that the global populace is rapidly opting for this method of banking.

Though mobilebanking is not strictly an issue that is related to parenting tweens and teens, it is nevertheless important for both parents and children to know its pros and cons. I realized this first hand when my son joined college. He was instructed to install a mobilebanking app on his phone to enable him to pay fees, hostel bills etc. I had to give him a rapid course on mobile banking safety. This brought to my mind the large number of children leaving home at 16 to pursue higher studies. These kids will be on their own for perhaps the very first time in their lives, managing their finances along with their academics. They will be aware of mobile banking but may not be fully cognizant of all the precautions to take. And it will be the parents’ duty to teach them that.

So if you are a regular user of the app, well and good, you know the stakes. But it sure helps to have a clear idea of the merits and demerits just so you can clarify your child’s doubts and provide him the right tools to help him stay safe online.

As I keep saying, this is the internet age and everything will soon become internet-oriented. It’s best therefore to know than to repent. Agree?

Now here are some simple DOs related to mobile banking:

  • Mobile Security software: It goes without saying that having the latest security software running on your computer is a huge safety measure. It actually safeguards your phone, your data and warns you if it finds anything amiss. Try the highly recommended McAfee Mobile Security
  • Auto-lock on: Keep your phone locked, with Wi-Fi & Bluetooth turned off, when not in use
  • PIN-protect phone: The 4-digit PIN to unlock your phone should not be an easily guessable set of numbers. AND never the same sequence you use for your ATM transactions
  • Strong Password: Use strong passwords for account login. A passphrase is a better option. AND don’t store your passwords on your phone or draft e-mails. Anyone with access to your phone will be able to acquire it eventually
  • Official app: Always download the official mobilebanking app from your bank’s homepage and use it
  • Security checks: Before doing financial transactions, ALWAYS ensure that the web address starts with https//: and NOT http//:. In addition, the green padlock symbol should be visible
  • Beware of Phishing attacks: Do remember that banks will never send unsolicited emails or text messages asking for personal details like date of birth, address or mobile banking password. Report such mails as Phishing mails. Contact branch in case of doubt.

Things you should ask your teen to do:

  • Use only the official apps provided by your bank
  • Don’t use an unlocked phone for carrying out banking or any financial transactions, as it might be running an untrusted software
  • Take printout of each transaction or save every message received.
  • Request your bank to send you monthly account summary and review them thoroughly
  • Give standing instruction to bank to send alerts on phone and email, everytime a transaction is carried out
  • Use only trusted and verified websites to do online shopping
  • Do not share mobile banking details with friends
  • Regularly check all apps running on your phone and uninstall those you don’t use or those that want permission to access a lot of data on your phone

 

For more tips, click here

STOP.THINK.CONNECT