Explaining Technology Security to Parents

IMG_4938-editAs a parent in this Internet of Things (IoT) age we have to find a balance with allowing technology in our homes and protecting our kids from the dangers of being connected online 24/7. A new series of blog posts I will be writing about here at St. Louis Dad will be all about security and how it relates to technology and parenting.

With everything being connected to the Internet it is important to understand the potential risks involved with being connected 24/7 with the devices you and your children use everyday.

Each post will highlight a particular technology and will hopefully be explained in plain English for any parent to be able to understand how that technology works and why it is important to know about it. I will be providing tips on how you can keep your devices secure and functioning to their full potential. This will not be a fear based series of posts, but more along the lines of an informative and example based type of post. While it may seem scary, fear not as the topics are important and are more for education rather than trying to get you to throw out your gadgets.

There will be some new terminology that you may not be aware of. Don’t get yourself frustrated over complicated terminology. Some of those words will be defined in each post as I continue on with this series. At the end of each post will be a list of words that will be clearly defined.

The first topic that I will be discussing in my next post in this series will be about PII and what can be considered PII. What is important for many parents to know is that their child’s personal identifiable information is worth more to a hacker or scammer than an adults. This is because the info is new and the kids are young. So before they even know what a credit card is they could already be signed up for 15 cards by a hacker. A 9 year old isn’t going to know to check their credit report for fraudulent activity. So the hacker gets away with it for much longer than say if it were yours or my info.

So I will be getting into topics such as this and will expand in them as much as possible. I think the information could be helpful and if you have any particular topics or questions you would like me to field then just drop a comment below.

Finally, before I get to your parental homework (it’s easy, I swear)… Let me mention one more thing that I feel involves not only your children’s security but also your own. Congress is working towards modifying Rule 41 to allow local law enforcement to “hack” into your computer legally. This will have a huge negative impact on many technology applications and devices we all love and use everyday. We need to be sure to stand together and make sure congress knows that we will not stand for this. We need to stop the modification of Rule 41 and EFF.org has a few ideas on how you can help.

The EFF (Electronic Frontier Foundation) has pointed out some of the biggest issues with modifying Rule 41. Here are the biggest takeaways.

  • Government agents hacking into computers more frequently is a recipe for disaster. Law enforcement will increase their exploitation of security vulnerabilities in common software products, meaning vulnerabilities that could affect millions will be left open instead of patched.
  • Law enforcement will forum shop, finding government-friendly magistrate judges to sign off on warrants with a loose connection to the judicial district.
  • Law enforcement will pressure judges to sign off on remote searches of thousands of computers with a single warrant—a direct violation of the Fourth Amendment and a pattern we’re already seeing.

rule-41-banner4

Parent’s Homework

Definition of PII
PII (Personally Identifiable Information) – or Sensitive Personal Information (SPI), as used in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. PII can be sensitive or non-sensitive. Non-sensitive PII is information that can be transmitted in an unencrypted form without resulting in harm to the individual. Non-sensitive PII can be easily gathered from public records, phone books, corporate directories and websites.

Sensitive PII is information which, when disclosed, could result in harm to the person whose privacy has been breached. Sensitive PII should therefore be encrypted in transit and when data is at rest. Such information includes biometric information, medical information, personally identifiable financial information (PIFI) and unique identifiers such as passport or Social Security numbers.

Take a look around your computer, if you search your social in your computers local search box will you find it? How about health records or any other PII type of data? Do a few local searches so you can feel comfortable looking up this information on your computer. When I say search, do not search Google or Bing. Use your local search box. Don’t know where to find it? Just hold tight and I will cover all things PII in my next post.

search-screen

Definition of Internet of Things (IoT)
The Internet of Things is a proposed development of the Internet in which everyday objects have network connectivity, allowing them to send and receive data. “If one thing can prevent the Internet of things from transforming the way we live and work, it will be a breakdown in security”.

Think of anything that has access to the Internet or cloud for it to function. Your SmartTV, Amazon Echo, a Nest thermostat. Devices like that are all considered Internt of Things. These devices are our future and IoT will only be included more and more. A consumers we need to demand security on these devices. Real security and not a plain text password.

Extra Credit: Know Your Apps
Your child may have hundreds of apps on their phone. You may not have heard of any of them, but you should. There are some apps that have hidden features that could potentially enable your child to hide data from you. Take some time to go through your child’s device and write down all of the apps that have been installed or better yet purchased. Some apps that may have been installed may not longer be on the device, but they are still tied to an account, so knowing what has been installed along with what is installed will be super helpful as I continue this series.