ML-05-03 Managing the Risks

As with all things, benefits sometimes come with some risks. Being active in the digital world gives us many benefits. We need to be sure we understand and manage the following risks to the best of our ability:

  • When we connect to the internet, our computer or mobile device is now given an address on the internet. This address can be targeted by others to gain access to our devices and extract information, or even do malicious damage to data and applications on our device.
  • When our applications exchange data with web servers, and web service applications, the data goes across the internet, over many networks, and through many network nodes. While on their journey, the contents of our data could be inspected, and even changed if the data is not encrypted.
  • Data on our devices can be accessed over local networks like Bluetooth connections and Wi-Fi connections if we careless about the use of our device. Only turn on the network services when you are going to be using them.
  • Having an email address, and a phone number, means that we can be targeted by unwanted emails or messages. Always be cautious if emails request personal information or appear to threaten that action is to be taken against you if you don’t follow instructions. Askyourself if there is any reason you should be receiving the email, and if not, delete the emails without responding.
    • Bulk emails that promote products and services can be sent to your email address. While these are not malicious there are considered as Spam. Senders of these emails get you email address without your consent. While there is a consumer protection act, and other information acts that offer protection of personal information, it is sometimes difficult to stop these emails.
    • Persons with malicious intent may send us emails or messages, pretending to be someone we know, or pretending to be someone from a business we deal with. These emails or messages ask us to take action, share information etc. and give us a link to follow. These false requests are called Phishing emails.
  • Other people can get physical access to our device and use our applications to access our services and data. This could be quite dangerous as they appear to be us when they use our application that are connected to our web services like email, social media etc.

Minimising Risks

There are a number of simple things we can do to make our experience as a digital citizen less risky:

  • The first thing we should do, is use our mobile device to auto-lock after a period of inactivity and force the entry of a secure password or proof of identity to become active again. This means that if someone else picks up your phone, or finds it when lost, they have less chance of accessing your applications, internet services and your information records.
  • Always use secure password that are not easy to guess. 8 or more characters, combining numbers, alpha characters upper and lower case, symbols etc. Do not use patterns of numbers or characters, birthdays, names etc.
  • When accessing websites always check that they use encryption to send and receive data. You will see https://in the address or a lock symbol showing that transfers are secure. All banks, and other sites that expect you to share information of a personal nature use secure transfers. If a site shows address containing http:// or has no lock, be cautious and don’t share any important information.
  • Only share personal information when you have requested the interaction. Don’t respond to emails asking for confirmation of your ID, bank details etc. No banks will ever instruct you to do this.
  • When not using the internet, or sharing information with others over Bluetooth or Wi-Fi, we can disable connections. This not only helps from a security perspective, but also extends the battery life of our device.
  • When accessing Wi-Fi and other public networks, avoid doing high risk activities like online banking.

These are some basic guidelines. Use Google Search to find out more about how to protect yourself when working on the internet, using email, and other web services.