Much of online education directed at students focuses on internet safety and privacy – and rightfully so. But it’s important that equal attention be directed towards teaching the next generation how to keep their accounts and identities safe online.
That starts with helping them know how to spot the most common scams and threats, and sharing what preventative measures they can use to reduce their risk.
The first week of school is the perfect time to introduce students to online security. As they get acquainted with school devices and set up new accounts it’s a great time to talk about risks and how they can be proactive about avoiding them. But security should be an ongoing conversation. Invite your students to approach you with any questions they have about security – if you don’t know the answer you can always find out together with your student.
Security should be an ongoing conversation.
Create a positive space for students so they feel safe sharing threats they’ve encountered, and even scams they might have fallen for. Talking about how they faced or avoided these challenges can be a learning opportunity for the whole class.
Identifying common threats
There’s no shortage of scams on the internet. Making students aware of what to watch out for helps protect them as they navigate digital spaces. Some of the most common threats include:
Social engineering manipulates people into sharing their secrets, like passwords, logins, and payment information. An attacker leverages human psychology and people’s emotions – like fear, trust, and anxiety – to deceive victims and steal their information. We’ve previously talked about the different types of social engineering attacks in our Hacking 101 series.
Phishing is a social engineering attack that involves sending fraudulent communications, usually emails or text messages, to trick the recipient into sharing sensitive data or information. To learn more about phishing and how to protect against these attacks, check out the “What is phishing?” post on our blog.
There are billions of stolen passwords floating around the internet from past data breaches. Reusing passwords, or using easily guessable passwords, leaves people vulnerable to brute force attacks. A brute force attack tries to guess a person’s login information by trying various combinations. Having strong, unique passwords for each account greatly diminishes the risk of a password attack succeeding.
Malware is a malicious software that can be used to steal data or corrupt software. Common malware includes viruses, ransomware, and spyware. Some malware looks like a legitimate app, which can result in students accidentally downloading it onto their device. Encourage your students to avoid downloading unfamiliar software or plugins, especially on their school devices.
6 security tips to teach your students
Keep devices and apps updated
While device updates take time, it’s important they’re done sooner rather than later as many are security updates patching known exploits. So, whether it’s a school issued laptop or a personal smartphone, your students should update their devices as soon as possible. Switching on automatic updates is a good idea as they won’t miss important updates and they won’t have to remember to keep checking for available updates.
Use caution when choosing apps
There’s an app for everything, but not all apps are made equal. When it comes to functionality, privacy, or security, some apps leave a lot to be desired. Firstly, encourage your students to stick to software from the App Store/Play Store/Mac App Store wherever possible, as Apple/Google/Microsoft vet what’s added to them.
Teach your students to check who developed an app before they download it.
Secondly, teach your students to check who developed an app before they download it. If an app is by a well-known company, it’s probably trustworthy, whereas if you’ve never heard of the developer, it helps to do a bit more research before downloading.
Be mindful of what is shared online
Online privacy and security go hand in hand. Privacy is about protecting your students’ identity, while security is about protecting their data. By encouraging strong privacy controls in your students' online life, they can significantly reduce the risk of their data being compromised.
Use a password manager
While we encourage young people to share, passwords aren’t included in that adage. Every account should have a unique, strong password protecting it. A password manager like 1Password remembers all the passwords so your students can focus on remembering their lessons!
Enable multi-factor authentication
Many websites and apps encourage two steps of verification to sign in these days. The password is something they know, and the multi-factor authentication (MFA) relies on something they have – typically a device or app that provides a time-sensitive code to verify the sign-in. By turning on MFA for all accounts, your students will be able to stay more secure than just using a password. 1Password acts as an authenticator, and stores and recalls codes whenever they’re needed.
Be aware of the physical element of security
When it comes to protecting yourself online, there’s also the important step of physically securing your devices. Encourage your students to lock their devices – laptops, smartphones, tablets, etc. – when they leave them unattended. Otherwise, anyone can access whatever is unlocked on their device.
On that note: Teach your students to be careful who they share their devices with. They might trust their parents, but loaning a device to an acquaintance they don’t know well or letting someone “look something up quickly” could have consequences.
Don’t forget to follow your own advice!
Helping your students identify common security threats and how they can protect against them will set them up for success. But don’t forget to follow your own advice, and keep yourself protected as well!