Tag: education

Will the Internet Ever Be Safe?

No.

No, the internet will never be safe.

Erik Saas recently posted commentary on the Sony PSP security breach and how almost immediately after correcting the security hole, another breach was created.

The bottom line here is that the internet will always have security breaches and safety issues. This is primarily a result of two issues:

1. Criminals work at hacking into systems after those systems are created. The builders of the systems can only use the latest system tools and best practices to prevent known types of security threats. They do their best using algorithms and modern techniques to attempt to proactively restrict/reduce potential threats. However, criminals can then develop new ways to compromise these systems. So, the onus is then on the architects to go back and provide patches.

2. Not all systems will be engineered to be perfectly safe. It is too expensive. Companies have to strike the right balance between safety and cost. To lock down certain systems, they might otherwise have to restrict access or features, or even add additional tools, such as software and hardware. These costs can quickly add up, meaning that things you take for granted such as free online gaming, free banking, and other services might not be free.

Education is the key to success. Computer safety is still not taught at any level in the public education system (K-12 or higher ed), with the exception being higher education programs that focus on computer-related majors. This is due to educators not being savvy enough to update scholastic programming, and the fact that most educators don’t understand proper computer safety anyway. The result is that the overwhelming majority of adults don’t understand phishing emails, what the “lock symbol” means in their browser, or that a pop-up add saying “you have a virus” is really just an advertisement.

Until education catches up with modern computing, the criminals will continue to have the upper hand, regardless of how much time and resources are put into locking systems down like Sony’s PSP.
Social Media Policy & Education: Case Study of Australian Defence Ministry

Erik Sass at MediaPost reports that the Australian Defence Ministry is revisiting (investigating) how it should govern social media in light of several recent incidents involving a number of personal, including homophobic remarks in a public forum, streaming sexual encounters without consent, and so on.

This brings to light the fact that probably 99% of the service members are not using social media improperly; it’s just a select few bad apples – clearly spoiling the bunch though. This demonstrates that you need a strong social media policy so that members in your organization know exactly what they can and cannot do; and how to understand and address things construed as “on the fence”. It also underscores how important it is that when launching a social media policy, it absolutely must be accompanied by education. If your employees don’t understand the policy, and you don’t train them to do so, then the policy will be unsuccessful at protecting your organization. However, swift and stern handling of incidents should also be performed to demonstrate that the policy should not be taken lightly.
Social Media Targeted by Malware Threats
From MediaPost:

In 2010 Symantec identified over 286 million varieties of malware, which carried out a total 3.1 billion attacks on computers around the world, with the number of attacks conducted over the Web increasing 93% from 2009. Facebook is obviously one of the main targets, and Symantec illustrated the chinks in Facebook’s security armor with an app (created using Facebook APIs) that lets hackers see personal information on profiles which are supposed to be closed to the general public.

The bottom line here is that as new technologies emerge, so too, will those who exploit them. You cannot rely solely on the security companies to protect you. We must educate users – starting at a very young age. Education must include topics such as:
- sharing information
- posting information
- phishing techniques
- trust
- common scams
- malware
- attachments
- device security
- password security
- and so much more…
As you can see, it’s not a “30 minute conversation”, or a piece of software you buy at OfficeMax for $29.99. Rather, its education, that will protect the end user. And, the bottom line is that schools are not teaching this properly, and it has to change, because the technology will continue to evolve, exposing users to new types of threats each day.

Tag: education

Will the Internet Ever Be Safe?

Social Media Policy & Education: Case Study of Australian Defence Ministry

Social Media Targeted by Malware Threats