A couple of weeks ago, global media was abuzz with the news of iCloud hacking where hundreds of personal photos of celebs were hacked and publicly shared. With iPhone cloud storage being a popular option with most Apple device users, it’s but natural that the layperson is worried and confused. Even those using Android and Windows phones are wondering what this means and how this could happen.
Friends are baffled. They shoot a myriad of questions at me– What is iCloud? Exactly how has it happened? I store photos online, can they be hacked? What do I do?
A young friend confided that she has been trying to read up more on this online but is rather baffled by all the high-falutin terms being thrown around, including “brute force”; “social engineering”; “2-step verification”; “encrypted data’; “malicious user” etc. All she wants to know is (a) Is her cloud-stored data under threat (b) what she can do to ensure her account is more securely protected.
I suspect there are many more in the same sea, especially those who are scared off by anything tech. Already some mothers, whose teens own/use iPads and iPhones, have approached me for clarifications of their doubts. They want to know what’s safe and unsafe and what should they advise their children.
Is there any safety in storing data online and what tips should they give their teens?
Yes, it is still safe as long as you take the most basic but necessary precautionary measures. Storage without proper security is like locking up a safe and leaving the key around. The service providers will be working round the clock to offer maximum security, but you have to do your bit too. There is a reason why users are often referred to as the ‘human bug’ for they are the weakest link in the security chain. The user has to be careful, judicious and not too-trusting.
Consider the scenario: Your bank calls up to say that the system has been affected by a bug and they need to reset all user info. They will need certain details to authenticate your phone number and id. You believe and blindly answer questions posed to you.
You trusted the caller. You did not verify the reasons provided nor check back with the bank. So you will definitely be the main reason behind any future financial frauds you suffer, not the security system of your bank, get it?
This is called social engineering, a very popular way to obtain details from a person on account (social and financial), your date of birth, maiden name of mother, pet’s name, favourite holiday destination etc. Some of those personality quizzes you so love taking online are also designed to gather as much information on you as possible.
The user is therefore often the weakest link and therefore the user has to be learn and practice online safety.
Here’s what you should teach your child (and practice yourself):
- Strong and Unique Password: Be the owner of strong and long passwords. More than strength, the secret of a good password is its uniqueness. Don’t please include your full name and birthday or your pet’s name. Be origin, use a passphrase if you like. Use a password manager to store your passwords for you.
- Different passwords for different accounts: This is oft said but most unheeded. The login information for your bank account, your online storage account or your social media accounts must in no way be common. Don’t make it easy for the thieves to steal from you.
- Enable Two-Step verification on all online accounts: This is a very easy to implement safety measure that I follow and recommend. For eg, when I, or anyone else, tries to access my Facebook account from a different computer, I am notified and a verification code is sent to my mobile.
Similarly, for online banking, security questions/ OTP (One-Time Password) help protect your account from fraud.
Apple has also rolled out 2-factor authentication, use it.
- Disable auto backup: Sometimes you have a lot of photos and messages on your gadgets that you would not like to store. However, auto backup means all data gets stored. So if you delete them from your gadgets, they don’t get deleted from your cloud storage accounts. It’s a good idea to check your storage and do a cleanup from time to time.
- Free isn’t a good idea always: Ponder well before signing up for a free Cloud service. Will it offer max security without levying any charges? I would be doubtful about that. It’s a very good idea to read the T&Cs carefully before clicking on “I Accept”
- Think before you post/share/store: To McAfee’s security mantra of STOP.THINK.SHARE. I would like to add another word-STORE. Consider what you would like to stay online. You can consider an external storage device to store very personal content. And then keep it in a SAFE place.
This is what security firm McAfee suggests, “…users should avoid setting up passwords that are too obvious to be guessed by hackers. These passwords are “personal information, like your birthday, pet’s name, or a favorite color“.
Incidentally, McAfee LiveSafe is an award-winning product that covers all your gadgets and offers protection including Secure Cloud Storage, Password management, Identity protection and cross-device antivirus. Get it today!
Online data storage still continues to be a boon, regardless of the recent hack. Data is sent and stored in an encrypted format and requires secure tokens for authentication. This implies that it isn’t easy to access this data without access to proper credentials. Which in turn indicates that it is easier for hackers to acquire the login information of the users from the users themselves.
So lock up your data using your own, unique key and keep the key in a very, very safe place. And sleep soundly at night without worries J
Stay safe online folks!!