Chapter 8 Internet Safety

Just like driving a car, there are inherent risks to using the Internet and doing data analysis on the cloud. These risks shouldn’t mean that you should always be fearful about your online safety, however, they should make you more aware that there are consequences if you are not cautious. Internet safety (or online safety) revolves around being knowledgeable about what these risks are, knowing how to deal with risks that arise when working online, and working hard to increase personal safety against security risks associated with using the Internet.

The goal of Internet safety is to maximize personal safety and minimize security risks. We’ll discuss the basics of this below, but know that there are people whose entire careers are dedicated to Internet safety, so this will simply touch on the basics.

8.0.1 WiFi

WiFi is the technology that enables you to wirelessly connect to the Internet. Computers, smartphones, video-game consoles, and TVs are among the many types of devices that are WiFi-compatible. As is often the case, increased access to the Internet comes with increased risk to network security.

8.0.1.1 Public WiFi

Completely-open and free public WiFi, or Internet access that does not require a password or a screen to login from is the least secure type of network. When connected to public WiFi, be extra vigilant. Avoid working with sensitive data while on a completely open and public network, and do not make online purchases while on this network.

8.0.1.2 Semi-Open WiFi

Semi-open WiFi networks are networks potentially open to everyone, but that may require a password (maybe one that is printed on your receipt at a coffee shop) or may require you to login by providing an e-mail address. When given the choice, opt to connect to these networks rather than completely-open public WiFi networks.

8.0.1.3 Password-protected WiFi

The most secure option, however, is when you connect to a password-protected WiFi network, so use password-protected WiFi whenever you have the option. WiFi at your home should absolutely be password-protected.

8.0.1.4 Use HTTPS Whenever Possible

The “S” in HTTPS stands for secure. So, what does HTTP stand for? HTTP refers to “Hyper Text Transfer Protocol.” You’re likely most familiar with these letters as being part of your website. When you type “www.gmail.com” into your Chrome browser, Chrome redirects you to “https://mail.google.com/mail/u/0/#inbox.” HTTP refers to how the data are sent from your browser (where you typed “www.gmail.com”) and the website to which you’re trying to connect (www.gmail.com). When the web address starts with https:// rather than http://, this means that the data sent over your Internet connection are encrypted. Encryption is a process that generates a message that cannot be decoded by anyone without a key. Thus, if someone were to intercept your encrypted data as it were transferred over the Internet, they may be able to intercept your data, but they wouldn’t be able to decipher the information, as they wouldn’t have access to the key. When a website is using encryption (https://), there will be a padlock to the left of your web address bar to indicate that the HTTPS connection is in effect.

When sharing sensitive information on the Internet (ie a credit card number or personal health information), it should only ever be done on a secure (encrypted) network.

8.0.2 Passwords

In the age of apps for everything and technology being everywhere, you likely have a lot of requests daily for passwords. While they may seem like an annoyance, using passwords, and importantly, using good passwords is worth the effort.

8.0.2.1 Strong Passwords

Strong passwords may be harder to remember, but that’s the point. You don’t want someone else to be able to easily guess your password.

Characteristics of Strong Passwords:

Use a combination of random letters
Use both capital and lower case letters
Include numbers, letters, and symbols
Disperse the letters and symbols throughout the password (not just at the beginning and the end)
Has at least 12 characters

What to Avoid when Creating A Password:

Avoid using names of you or anyone in your family
Do not include the words “Passcode” or “Password”
Avoid using sequential numbers (i.e. 123)
Avoid using your telephone number
Don’t make obvious substitutions to words (i.e. avoid simply replacing the letter “o” in a word with the number “0”)

8.0.2.2 Utilize Passwords

When given the option, use a password. Do not opt out of using a password to log in to your phone or your computer. When asked to set a password, do so, and make it a good one.

In addition to setting passwords, make sure you have multiple different passwords. Do not use the same password for all your most important accounts. If someone were to log onto your WiFi network, you wouldn’t also want that person to be able to gain access to your credit card, Gmail, bank account, and/or Facebook account. Use different passwords for different accounts.

8.0.2.3 When to Change Passwords

If your password was set by a third-party company (say your Internet provider), you should change your password right away.

Otherwise, it’s a good practice to change passwords to your most sensitive information (i.e. WiFi, credit cards/banking, etc.) at least every six months.

8.0.3 Good Internet behavior

On the Internet there are few basic guidelines to follow that will help you be a good citizen and help keep you safe. This list is surely not exhaustive, but it’s a good start. When online: * Don’t be a jerk * Never share your passwords * Think before you click * Don’t click on links sent to you from people you don’t know * Don’t click on links from someone you do know if it doesn’t seem like something they would send (i.e. an email with a weird subject line that doesn’t sound like them or a link in an email that says “Vacation Pix” when they wouldn’t normally send those pictures, wouldn’t use the word “Pix”, or haven’t recently been on a trip)

8.0.4 Online Scams

While we would love if everyone on the Internet behaved well (and most people do!), there are of course bad actors. To avoid getting caught up in an online scam, beware of:

people/websites posing as people from a trustworthy company who attempt to obtain your private information - emails asking for credit card numbers or passwords are scams
people who call and ask for passwords to accounts and who seem to know a lot about your family and claim to be from law enforcement. This is likely a scam. You can always hang up and call your local law enforcement directly to be sure.
people/websites offering prices that are way too low for housing or big purchases on the Internet. These are likely a scam.

8.0.5 Malware & Spyware

Finally, malware and spyware are software designed to be malicious. The goal of malware and spyware is to collect your private information (usernames, passwords, credit card numbers) without you ever knowing. This software often acts through e-mail or other software. By avoiding clicking on suspicious links and not downloading software with which you’re not familiar, you can avoid the issues caused by malicious software.

8.0.6 Security on a Chromebook

Because Chromebooks do not run a typically operating system, they are much more secure than other laptops. While explained in greater depth on Google’s support documentation, Chromebooks have certain advantages over other laptops when it comes to security:

Automatic updates - ensure that your Chromebook is never behind on security updates
Sandboxing - each web page runs in its own environment (sandbox), so if one page is infected, that page won’t affect other tabs or apps running at the time.
Verified Boot - every time the Chromebook starts up, it does a self-check to detect any issues with security.
Encryption - web apps on a Chromebook store all data safely in the cloud with encryption, making it resistant to tampering

8.0.7 Slides and Video

Automated Videos

Slides