Skip to 0 minutes and 13 seconds Security and privacy are personal issues. As we end this week, we’ll leave you with a discussion that I had with members of the course team around the strategies that we make use of from day to day. When I’m registering for a new account on a website somewhere, when I’m asked to create a new password, clearly it’s a bad idea to create the same one, to use the same one over and over again. And you don’t want to write the passwords down either. So an alternative is to use a password manager, which takes away all the worry of remembering all those different passwords but maintains them and keeps them secure.
Skip to 0 minutes and 50 seconds Charles, do have any other suggestions for what you would do to manage your risk? Yes. So in a similar way that you can use different passwords, I tend to use different email addresses. So at the moment, I’m usually managing around 15 different email addresses. And each email address will be associated with the level of security or for the level of sensitivity. So on a website I don’t really trust, I’m going to use a specific email address that if this one is compromised or leaked, it’s not a big issue. But for my bank, for instance, or for my work email, I’m going to use email addresses that are very sensitive in that they are not shared everywhere.
Skip to 1 minute and 30 seconds Another way that you can compartmentalise security is to use different credit cards for different purposes. One simple way to do this, which I like to do, is to use one card for domestic purchases and one for purchases abroad. That way it’s very easy to see yourself that an unusual payments appeared, for example, a payment abroad on your domestic card or a domestic payment on your card abroad. And it also makes it easy for the bank’s fraud detection algorithm as well. Yes.
Skip to 2 minutes and 0 seconds Picking up on that point, another example that I can think of is when you want to send some private information to a friend, for example your bank account number, then it would make sense to split it into two, send half of it via SMS and half of it by another app, like WhatsApp. That way if one of them gets compromised, you at least lose only half of your private info. So is it possible for communications to ever be 100% secure? That’s a good question. I think for me it’s about understanding what level of security and what properties each of these tools provide.
Skip to 2 minutes and 48 seconds So for example, if you’re using encryption, that means your communication is safe between the sender and the receiver only in transit. But that doesn’t guarantee what’s going to happen on the other side or it doesn’t guarantee if, indeed, you’re talking to the person you think you are. A good example of how that could be a problem is something that happened to me recently. I was staying at a hotel in Bangkok. And I’d made the payment securely over the website. For this payment, the end to end security was fine. However when the hotel received the payment, a receptionist simply printed out the details and stored them on a piece of paper in a folder in reception.
Skip to 3 minutes and 34 seconds So the online security was fine. But when the details got there, they weren’t secure at all. Yes. I think the key word here is trust. So how much do you trust the website or the services you’re communicating with? So if I do some purchases on Amazon or EBay, I tend to trust them very much because I know that they have mechanisms for refunds. If anything goes wrong, I can talk to someone and I know it’s going to be sorted out.
Skip to 4 minutes and 3 seconds But if I need to use a website on a far point in the world or a small website I never used before, what I want to do is, I don’t know, maybe search for this website plus some keyword like trust or fraud or incident. And if anything comes up, it can be a good signal that something wrong has happened in the past with this website. So that covers a lot of our interactions online. Is there anything that you would do to increase the security for your own personal data? Yes. I think you first have to understand what is the most sensitive data you have. I mean, you can have some music or video that might not be very sensitive.
Skip to 4 minutes and 45 seconds But for instance, I have to deal with exam scripts that are very sensitive. And for this, I will create a special folder on my laptop that I can encrypt. It’s very easy to do on most modern system. And I would only encrypt and decrypt this particular folder. If anything happens to my laptop, if it’s stolen or lost, then I know at least this particular sensitive information is secure. Another thing that’s important to think about when it comes to personal documents is the balance between security and reliability. In some cases it may be more important that you have access to the document than stopping other people from having access.
Skip to 5 minutes and 21 seconds So then you need to also think about strategies to do with backups, both for the data and the passwords, even if that slightly reduces your security. So those are some of the things which the course team do to increase their security. There may be things that you do as well. Why don’t you tell us about them.
Staying safe online: personal perspectives
As we reach the end of this week we will leave you with a conversation between some of the course team about how they stay safe online.
We will see you next week when we explore online payments with the help of our colleague Dr Martin Emms.
Before you move on, you might like to check your progress, and ensure you have marked all of this week’s steps as complete.
© Newcastle University