Internet Safety PDF

Summary

This document provides information on improving online security and discusses various aspects, including administrative security, technological security, safe browsing, and preventing online threats. It serves as a guide to online safety, covering topics like securing websites via HTTPS, using strong passwords, and practicing safe online behavior. The document also touches upon techniques to detect malicious code, such as using antivirus software to mitigate malware and phishing attacks.

Full Transcript

INTERNET
SAFETY
IMPROVING SECURITY
Given the trends in security threats and attack
technologies, a robust defense requires a flexible strategy
that allows adaptation to the changing environment, well-
defined policies and procedures, the use of appropriate
security technologies, and constant vigilance.

Administrative security
Administrative security consists of an
information security strategy, policy and
guidelines.
 An information security strategy
sets the direction for all information
security activities.

An information security policy is a documented high-level
plan for organization-wide information security. It provides a
framework for making specific decisions, such as an
administrative and physical security plan. Because an
information security policy should have a long-term point of
view, it should avoid technology-specific content and
include effective business continuity planning development.
Information security guidelines should be established
according to the information security strategy and policy. The
guidelines should specify regulations for each area related to
information security. And because the guidelines must be
comprehensive and national in scope, they must be developed
and delivered by the government for observance by
organizations.
Information security standards must be
specialized and specific so that they can be
applied to all security information areas. A country’s
information security strategy, policy and guidelines
should be in compliance with related law. Their
scope should be within the boundaries of national
and international laws.
Information security operation and process

1.Information security education and training programme – There are
many methods to improve an organization’s level of information security,
but education and training are the basic activities. The members of an
organization must appreciate the need for information security and
acquire related skills through education and training.
2.Strengthening promotion through a variety of events – Employee
participation is important in the successful implementation of information
security strategy, policy and guidelines. Information security should be
promoted among employees through various daily activities.
3.Securing sponsorship – While there may be high levels of information
security awareness among employees and they have a strong will to
maintain information security, support of the executive officers should be
obtained.
 Technological security

Prevention technologies protect against intruders
and threats at the storage or system level. These
technologies include the following:

1. Cryptography – Also referred to as encryption, cryptography is a process
of translating information from its original form (called plaintext) into an
encoded, incomprehensible form (called ciphertext). Decryption refers to the
process of taking ciphertext and translating it back into plaintext.

2. One-time passwords (OTPs)

3. Firewalls
4. Vulnerability analysis tool – In computer security, a vulnerability is a
weakness that allows an attacker to violate a system. Vulnerabilities may result
from weak passwords, software bugs, a computer virus, a script code
injection, an SQL injection or malware.

Detection technology is used to detect and trace abnormal states and
intrusion in networks or important systems. Detection technology includes the
following:

1. Antivirus – An antivirus software is a computer program for identifying,
neutralizing or eliminating malicious code, including worms, phishing attacks,
rootkits, Trojan horses and other malware.

2. Malware sand box system – A "malware sandbox" is a security system that
separates execution of programs, usually in an effort to mitigate malware
from spreading.
SAFE BROWSING
A secure website creates a safe
connection between the website and the
web browser so that entered data, such
as personal information, credit card
details, banking information, etc, is not
accessible to unauthorized entities. When
the browser opens a secured connection,
"https" can be seen in the URL instead of
just http. To know if a website is secure
or not, look for the locked yellow colour
padlock symbol on the lower right corner
of the browser window.
How do I know if a website is secure?
To know if your browser is viewing a secure web site, you can
look in the lower right part of the window. There is a small box in
the frame of the window to the left of the area that describes
which zone you are in (usually the Internet zone, with a globe
icon). If you see a yellow padlock icon, the web site you are
viewing is a "secure web site." If the box is empty, the web site
does not have a secure connection with your browser.
TIPS FOR BUYING ONLINE
I. Pay securely: Don‟t make any payment unless:
You are on a secure website, and
You can make a secure payment.
This will protect you against fraud and unauthorised credit card
transactions. A secure website address will always:
begin with „https://‟, not „http://‟
display the image of a closed padlock (usually in the bottom
right corner of your browser window).

Only make a payment if you can see both of
these things. Never give out your bank account
details, credit card number or other personal
details if you are not certain that the business is
a reputable trader.
TIPS FOR BUYING ONLINE
II. Know the business: Only buy from websites you know and trust.
Check that the company has a physical street address and
landline phone number. If the company operates from overseas,
you might have trouble getting a refund or repair.

III. Know the product: Make sure you check whether:
the product is legal
the product will work in your country
any warranties or guarantees offered are valid
within your country
the product has an authorized repairer nearby.
TIPS FOR BUYING ONLINE
IV. Check the contract: Make sure you read and understand:
the terms and conditions of sale
the refund policy
the delivery details
returns and repairs policies, including any associated costs.

V. Check the full cost: Be aware of the full cost of
your purchase. Additional costs may include:
currency conversion
taxes
postage and delivery fees
packaging
TIPS FOR BUYING ONLINE

VI. Protect your privacy: Only buy online if you
are comfortable with a business‟s privacy
policy. Do not give out information unless they
require it to complete the sale. Remember, if a
deal sounds too good to be true, it probably is.

VII. Keep records: Always write down any reference numbers and
print out copies of:
the order form (both before and after you confirm the order)
receipts (can come by email or in a pop-up window).
TIPS FOR BUYING ONLINE

VIII. Online auction sites: Most online auction
sites (like eBay) offer a dispute resolution
process for buyers and sellers. This should be
your first step to resolve a dispute if:
you did not receive the items you bought
you did not receive payment for items
you sold
you received items that were significantly
different from their description.
The eBay website has an example of this
facility.
CLEARING CACHE FOR BROWSERS
Your internet browser's cache
stores certain information
(snapshots) of webpages you
visit on your computer or
mobile device so that they'll
load more quickly upon future
visits and while navigating
through websites that use the
same images on multiple
pages so that you do not
download the same image
multiple times.
 SAFE BROWSING GUIDELINES FOR SOCIAL
NETWORKING SITES
Remember that social networking sites are
owned by private businesses, and that they
make their money by collecting data about
individuals and selling that data on,
particularly to third party advertisers.
When you enter a social networking site, you
are leaving the freedoms of the internet
behind and are entering a network that is
governed and ruled by the owners of the site.
 SAFE BROWSING GUIDELINES FOR SOCIAL
NETWORKING SITES
Remember that social networking sites are
owned by private businesses, and that they
make their money by collecting data about
individuals and selling that data on,
particularly to third party advertisers.
When you enter a social networking site, you
are leaving the freedoms of the internet
behind and are entering a network that is
governed and ruled by the owners of the site.
 SAFE BROWSING GUIDELINES FOR SOCIAL
NETWORKING SITES
Privacy settings are only meant to protect you
from other members of the social network, but
they do not shield your data from the owners of
the service. Essentially you are giving all your
data over to the owners and trusting them with
it.
If you work with sensitive information and topics,
and are interested in using social networking
services, it is important to be very aware of the
privacy and security issues that they raise.
GENERAL TIPS ON USING SOCIAL NETWORKING
PLATFORMS SAFELY
Always ask the questions:
Who can access the information I am putting online?
Who controls and owns the information I put into a
social networking site?
What information about me are my contacts passing
on to other people?
Will my contacts mind if I share information about them
with other people?
Do I trust everyone with whom I'm connected?
 GENERAL TIPS ON USING SOCIAL NETWORKING
PLATFORMS SAFELY
Always make sure you use secure passwords to
access social networks. If anyone else does get
into your account, they are gaining access to a
lot of information about you and about anyone
else you are connected to via that social
network. Change your passwords regularly as a
matter of routine.
Make sure you understand the default privacy
settings offered by the social networking site,
and how to change them.
GENERAL TIPS ON USING SOCIAL NETWORKING
PLATFORMS SAFELY

Consider using separate accounts/identities, or
maybe different pseudonyms, for different
campaigns and activities. Remember that the
key to using a network safely is being able to trust
its members. Separate accounts may be a good
way to ensure that such trust is possible.
Be careful when accessing your social network
account in public internet spaces. Delete your
password and browsing history when using a
browser on a public machine.
GENERAL TIPS ON USING SOCIAL NETWORKING
PLATFORMS SAFELY

Be careful about putting too much information into your
status updates – even if you trust the people in your networks.
It is easy for someone to copy your information.
Be particularly careful when integrating your social network
accounts! You may be anonymous on one site, but exposed
when using another.
Never rely on a social networking site as a primary host for your
content or information. It is very easy for governments to block
access to a social networking site within their boundaries if
they suddenly find its content objectionable.
Posting Personal Details
Social networking sites ask you for a
good deal of data about yourself to Ask yourself: is it
necessary to post the
make it easier for other users to find following information
and connect to you. Perhaps the online?
biggest vulnerability this creates for ⚬ birth dates
users of these sites is the possibility of ⚬ contact phone
identity fraud, which is increasingly numbers
common. ⚬ addresses
⚬ details of family
The more information about yourself members
you reveal online, the easier it ⚬ sexual orientation
becomes for the authorities to ⚬ education and
identify you and monitor your employment history
activities.
Friends, Followers and Contacts

The most important thing to understand is
what information you are allowing this
online community to have.
When using a social network account such
as Facebook, where a lot of information
about yourself is held, consider only
connecting to people you know and trust
not to misuse the information you post.

How many friends do you have in FB? or followers in IG or X?
Status Updates
On Twitter and Facebook and similar networks, the
status update answers the questions: What am I doing
right now? What's happening? The most important thing
to understand about the status update is who can
actually see it.
There have been many incidents in which information
included in status updates has been used against
people.
Teachers in the US have been fired after posting
updates about how they felt about their students; other
employees have lost their jobs for posting about their
employers.

How many friends do you have in FB? or followers in IG or X?
Sharing Online Content
If you share (or "like") a site that opposes
some position taken by your
government, for example, agents of
that government very might well take
an interest and target you for additional
surveillance or direct persecution.
If you want your contacts (and of course
the administrators of the social
networking platform you use) to be the
only ones who can see the things you
share or mark as interesting, be sure to
check your privacy settings.
Revealing your Location
Most social networking sites will display
your location if that data is available.
This function is generally provided when
you use a GPS-enabled phone to
interact with a social network, but don't
assume that it's not possible if you aren't
connecting from a mobile.
Be particularly mindful of location
settings on photo and video sharing
sites. Don't just assume that they're not
sharing your location: double-check
your settings to be sure.
Sharing Videos and Photos
Photos and videos can reveal people's
identities very easily. It's important that you
have the consent of the subject/s of any
photo or video that you post.
If you are posting an image of someone else,
be aware of how you may be compromising
their privacy. Never post a video or photo of
anyone without getting their consent first.
Photos and videos can also reveal a lot of
information unintentionally. Many cameras
will embed hidden data (metadata tags),
that reveal the date, time and location of
the photo, camera type, etc.
Instant Chats
Many social networking sites have tools
that allow you to have discussions with
your friends in real time. These operate
like Instant Messaging and are one of the
most insecure ways to communicate on
the internet, both because they may
reveal who you are communicating with,
and what you are communicating
about.
It is more secure to use a specific
application for your chats, which uses
encryption.
Joining and Creating Groups, Events and Communities

What information are you giving to people if
you join a group or community? What does it
say about you? Alternatively, what are
people announcing to the world if they join a
group or community that you have created?
How are you putting people at risk?
When you join a community or group online it
is revealing something about you to others.
On the whole, people may assume that you
support or agree with what the group is
saying or doing, which could make you
vulnerable if you are seen to align yourself
with particular political groups, for example.
RESOURCES

1.Pande, J. (2017) Introduction to Cyber Security
2.Academy of ICT Essentials for Government Leaders.
(2021). Information Security and Privacy