The Notion of Security on the Internet
How do we define security? How do we ensure security on the Internet?
The answer differs among different groups of people. The Internet is a grand hub of people from every walk of life and from all over the world. If we consider how the general public perceives Internet security, the most common ideas we run into include, but may not be limited to, email account hacks, stolen credit cards, or social network account hacks. It is natural for people to perceive what they see. Therefore, a friend’s email account sending funny emails, transactions on your credit card that you did not make, or someone posting random stuff on Facebook that they usually wouldn’t are the perceived notions of Internet security.
Unfortunately, this isn’t the end of it. Security and privacy on the Internet lie more behind the scenes, much more than what can be seen. Predators on the Internet are prying into your personal information without your being aware of it. Child pornographers are saving your kid’s photos from your publicly accessible Facebook albums. Your online profile is being used to commit online crimes that you don’t even know exist. Your email address is being used to send spam emails and steal personal credit card and account information from numerous naïve users. Your online identity is being used by criminals and perverts to create deceitful profiles. The list goes on, with too many items to mention.
The funny thing is that all of this happens because you allow it. Yes, it is we who allow such things to happen. The digital identity is a prized possession. Do not misuse it. Your current job, your future job, your credit lines, banks, loans, kids, spouses, friends, family: everyone is at risk of becoming a victim, only because you are not careful enough.
So, the question remains: how do we ensure secure practices on the Internet? Let’s consider the most basic criterion, passwords.
- Do not share passwords with anyone.
- Do not use ‘1234’ or ‘asdf’ (keyboard sequence) or similar naïve passwords.
- Try not to use the same password for all of your web accounts. An easy way to do this is to add the website name at the beginning, middle, or end of the common password that you use. For example, for Hotmail: hotmailfunnypass, funnyhotmailpass, or funnypasshotmail. The same password, for Google, can be googlefunnypass, funnygooglepass, or funnypassgoogle.
- Do not try to use ‘too’ complicated passwords either. Eventually, if you are not used to them, you’ll forget, request a password reset, and then go back to your older ‘simple’ passwords.
- Try to have lowercase letters, capital letters, numbers, and special characters in your password. An easy way to do this is to remember only when you are holding the “Shift” key, so that you alternate between lowercase and caps, and between numbers and special characters.
- When setting up the secret questions and answers, try to put in something which is not the exact response to the question. For example, “What is your elementary school’s name?”. A friend of yours, or your cousin, is highly likely to know this information. So, put in something else as the answer. Maybe the name of your pet dog. A good way to remember what you answered is to select 2/3 questions and then put the answers in a different order. That’ll help you remember the responses.
- Before you try to sign in to any of your web accounts, always look at the corner of the browser’s address bar. Does it have a lock symbol on it? If it does, it means that this is a verified and secure (HTTPS) connection. Most, if not all, service providers have HTTPS connections. So, in case you received a phishing email, before you try to sign in to the phishing website, verify the lock symbol. You can also click on it to see the server-side certificate.
- Make the small effort to type in your password instead of letting the browser save all of them. Just to give you the picture, go to your Google Chrome browser and click on the menu on the top right. Go to Settings, and then to Show Advanced Settings. Beside the “Passwords and forms” option, click on “Manage passwords”, and there you go, all of your saved passwords for all of your accounts! Now imagine that you naively trust someone with your PC and let them use it. It is as simple as that to get a password for any of your online accounts!
- Use an account password for the PC/laptop and always remember to lock the screen EVERY TIME you get up from the desk. The same applies to mobile phones, given that everyone uses the same online services from their smartphones. Statistics show that 89% of unattended smartphones are compromised! So, be careful, and use a sensibly secure pattern/PIN for your phone.
- Do not post private information if you do not have the time and patience to manage the privacy settings in social networks. No one is interested in your private day-to-day details, other than your close ones, or a stalker. The close ones can be reached by other means. Remember, whatever you post can NEVER be deleted from the Internet.
- Maintain two email accounts: one for personal and important task-oriented communication, which you would end up using more, and a second one for not-so-important and other “random” stuff, including social networks and subscriptions. This helps you maintain a personal wall of abstraction against being reachable by strangers on the Internet.
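The password items in the list above (no keyboard sequences, a mix of character types, no identical password on several accounts) can be checked mechanically. The following is an added example, not code from the article's author; the function names, the keyboard-row table and the sample accounts are all constructed for illustration.

```python
import string

# Constructed reference data: the four main rows of a QWERTY keyboard.
KEYBOARD_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]

def has_keyboard_run(password, run=4):
    """True if the password contains `run` adjacent keys from one keyboard
    row, in either direction (for example '1234', 'asdf' or 'fdsa')."""
    lowered = password.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - run + 1):
                if seq[i:i + run] in lowered:
                    return True
    return False

def missing_classes(password):
    """Return the character classes (of the four in the list) that are absent."""
    classes = {
        "lowercase": string.ascii_lowercase,
        "uppercase": string.ascii_uppercase,
        "digit": string.digits,
        "special": string.punctuation,
    }
    return [name for name, chars in classes.items()
            if not any(c in chars for c in password)]

def audit(accounts):
    """accounts maps site -> password; returns site -> list of findings."""
    findings = {site: [] for site in accounts}
    sites_by_password = {}
    for site, pw in accounts.items():
        if has_keyboard_run(pw):
            findings[site].append("keyboard sequence")
        missing = missing_classes(pw)
        if missing:
            findings[site].append("missing: " + ", ".join(missing))
        sites_by_password.setdefault(pw, []).append(site)
    # Flag every account that shares an identical password with another one.
    for sites in sites_by_password.values():
        for site in sites if len(sites) > 1 else []:
            others = [s for s in sites if s != site]
            findings[site].append("reused on: " + ", ".join(others))
    return findings

# Constructed sample accounts (hypothetical passwords).
SAMPLE = {"hotmail": "asdf1234", "google": "asdf1234", "bank": "fUnNy#bAnK9pAsS"}

if __name__ == "__main__":
    for site, issues in audit(SAMPLE).items():
        print(site, "->", issues or "ok")
```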
So, the take-away from this write-up is that your insecure practices on the Internet will harm you as well as the people around you. Secure practices do not require a high level of knowledge, but rather a wakeful usage of your credentials and private information.
Infrastructure Specialist at Peloton
10y
Very well written article Rasib H. Khan.