DIM-00 Course Introduction

Introduction to The Digital Identity Management Course

We all use digital tools and services. Whether we use bank cards, smartphones or computers, we are exposing ourselves to way of storing, presenting or sharing information that can put us at risk.

The risks we face in the digital world are an extension of the risks we face in the physical world. Information in the wrong hands can lead to our identities being used by others for various reasons. Perhaps simply to get access to services we have access to, or perhaps for malicious purposes, reputational damage or financial advantage at our expense.

There are many ways in which we can reduce the risks of participation in a digital world. This course not only presents the risks, but also what we can do to minimise the risks.

What do we mean when we talk about our identity? How many identities do we have? How can we manage our identities and ensure we are in control of how we are represented in the digital world?

Digital Inclusion, in collaboration with the University of the Western Cape (UWC), developed this course and have established an online portal for facilitators to access.

A number of topics will be covered to help you, as a potential trainer, achieve the learning outcomes of this module. It is important to study each of these sections to ensure that you expand your knowledge in the subject. If you are a facilitator, you must be able to present on each of the sections when conduction public sessions.

 

Section 1 Privacy and security in a digital world
Section 2 Introduction to digital identity management
Section 3 Introduction to identity theft
Section 4 Bank card risks and prevention
Section 5 Device and application risks and prevention
Section 6 Network risks and prevention
Section 7 Service provider risks and prevention
Section 8 Data risks and prevention
Section 9 Information risks and prevention
Section 10 Password risks and prevention

Each section has a main page and one or more sub-pages with content to review.

DIM-07 Service Provider Risks and Prevention

Facebook, WhatsApp, Instagram, google drive and email applications are example of services we may use regularly. We may take it for granted that our information is in safe hands, without giving a thought to the risks of using internet hosted services.

What risks are there in terms of our private and confidential information falling into the wrong hands?

DIM-06 Network Risks and Prevention

With us using more mobile devices, we are on the move and want to connect to the internet where we can.

Using public networks is an affordable way of getting to our internet services. Are we exposing ourselves to risks when doing this? How can we protect our information when mobile and connected?

Our devices support multiple types of network connections. Bluetooth is an example of personal connections and is often used for transferring information between friends. How does this put us at risk?

DIM-09 Information Risks and Prevention

Any information that may assist in better profiling you is gathered by persons wishing to exploit you, or people you are connected with.

Learning more about you enables another person to better emulate you, and even replicate your authenticators through analysis, guesswork and deduction. Working out your passwords, answers to security questions, and information relating to your family, friends, associates and interests.

Where you go, where you shop or work may be tracked through monitoring and analysis of location data. What you post about yourself, or share in your online profiles, provides information threads to follow.

DIM-01 Privacy and Security in a Digital World

Lesson Overview

With the development and acceptance of information and communication technology and services over the past decades, we are all in some way living and participating in a digital world. As we have been brought up, coached and guided to effectively live in the physical world, so too do we need to conduct ourselves in the modern digital world.

This new world raises questions about privacy and our rights as citizens. What is privacy? What information is considered private? As we actively engage in a society and an economy which is increasingly digital, can we do so with a sense of trust?

Every morning we get up and face the realities of a physical world. We eat, drink, sleep, commute and interact with others. We gain access to and use services we are entitled to use once we have satisfied the service provider that we are who we claim to be – we do this by presenting our physical identity credentials. We need to protect our identities to ensure we can continue to use services and that no one else can claim to be us and act on our behalf. We look after our personal and business reputations as we engage with others by managing our behaviour, and by being conscious of what we do and what we say or share with others.

Every day, we exist in, and have to deal with, the ‘realities’ of the digital world. We use our smartphones, or computers to login, receive and respond to emails, interact with others online using instant messaging, chat rooms, blog posts and participating in online forums. We login to get access to and use online services we are entitled to use once we have satisfied the service provider that we are who we claim to be – we do this by presenting our digital identity credentials. We need to protect our digital identities to ensure we can continue to use digital services and that no one else can claim to be us and act on our behalf, just like in the physical world. Similarly, we look after our personal and business online reputations as we engage digitally with others by managing our behaviour, and by being conscious of what we do and what we say or share with others.

Time Estimate

30 minutes

DIM-08 Data Risks and Prevention

Data is captured, stored, transferred between systems and shared in various forms. Database records, documents, images, audio and video recordings are all examples of data stored on your devices as well an on service provider systems.

The key question is who has access to this data and how is it protected from unauthorised access?

DIM-10 Password Risks and Prevention

We all use passwords to protect our devices and information. Whether we are simply accessing our device, accessing specific application services, and even when opening certain files, we are expected to use passwords. The problem is that we end up having multiple devices, applications and services, each requiring a password, and it becomes difficult to manage.

If we can think of ourselves having multiple identities, each with their own authenticator/s, we can then consider how important it is to plan and manage our identities we use to access each of our devices and services.

What strategy can we take to ensure we can manage all our identities simply, without sacrificing the purpose of securing them?

DIM-05 Device and Application Risks and Prevention

With us using more mobile devices, we are on the move and want to connect to the internet where we can. Devices are at risk of being lost or stolen. There is also a risk of our devices being accessed by others and that they may gain access to applications and data.

Using public networks is an affordable way of getting to our internet services. Are we exposing ourselves to application risks when doing this? How can we protect our information when mobile and connected?

DIM-04 Bank Card Risks and Prevention

Today, we carry ‘cards’ for many purposes. We may have a VISA or MasterCard card linked to our bank, a SASSA card for social grants, or other specific transaction cards. To what extent are we at risk if a card is stolen? Is there enough information on the card for it to be used without further controls?

What are the risks faced in terms of using bank cards and how can we minimise or mitigate those risks? How do we secure our bank cards and ensure they cannot be used by others?

DIM-03 Introduction to Identity Theft

Why are we concerned about securing our identities

Why would anyone want to steal my identity? What would their motives be? As we embrace online services, more of our personal information records are stored online. As a result of pervasive networks and online application services, information can be leveraged for a variety of reasons. In the wrong hands, our information can be used and result in financial losses, reputational damage, and loss of service benefits. Our information is of value to us, but also to others.

If our identities are the keys that authorise and grant access to services, it is important that we protect them.