Lack of information security awareness amongst children

Lack of information security
awareness amongst children
Dr MZ Ramorola
24 November 2010
Introduction





Information security – the protection of information and information
systems against unauthorised access of information (Luzwick, 2000;
Bar, 2008).
Information security management standards are among the most
widely used methods of security management. These standards focus
on ensuring that certain information security processes or activities
exist.
they are unconcerned about and fail to give advice on how these
security processes can be accomplished in practice.
It is however, not important that something is done, but what really
matters here is how well it is done.
We all know that users, including children should follow information
security procedures. The real problem here is how we actually ensure
children do in fact follow these security procedures.




Users are not well informed about security issues, they are
often told as little as possible because security department see
them as “inherently insecure” (Adams & Sasse, 1999).
One of the best practice of information security is to promote
awareness to all individuals who have access to the information
systems.
Furthermore, children should be educated and trained in
various aspects of information security to help inform how
systems are run and how to develop and apply information
security controls.
they should be provided with guidance to help them understand
the meaning of information security; the importance of
complying with the information security policy; and their
personal responsibilities for information security.
Children (digital kids, N-gene, 21st
century generation, YouTube)

Today’s children has grown up in a new digital
landscape. For most of them, there’s never been a
time in their lives when computers, digital video, cell
phones, video games, the Internet and all the other
digital wonders that increasingly define their world
haven't surrounded them. Constant exposure to
digital media has changed the way they process,
interact and use information (Jukes, 2008).
Risks children encounter online





The majority of children have access to the Internet and related
communication technologies such as cell phones, facebook, mixit,
twitter, etc.
While the internet is fundamentally a great place for children, there are
some areas of cyberspace that are not appropriate.
It is important to inform children about the types of risks that they may
encounter on the Internet.
These can include a heterogeneous set of intended and unintended
experiences which increase the likelihood of harm to the internet user:
content risks, contact risks and conduct risks (Jukes, 2008).
Risks can be accepted, mitigated or transferred, but they should never
be ignored.
Information theft






The right of individuals and organizations to deny or restrict the collection and
use of information about them (Shelly et al, 2008).
Children may unknowingly or deliberately share personal information without
realising they may be subject to identify theft, or that they are leaving behind
content that might not reflect well on them in future.
There are many ways children can lose their privacy on the Internet, e.g.
disclosing the address, telephone numbers, or even names to a stranger.
If children are in Facebook, they think that it is a closed room, so they
exchange information. Children need to be aware that it is not private.
They should not give their personal information such as IDs, family member
information to strangers. This can be dangerous as financial information
(Gerson, 2010).
To protect their information on the Net they may implement the user ID or
encryption codes (Shelly et al, 2008).
False information from advertisers, informal
web sites, newsgroups and chat areas



The most dangerous places on the Internet are chat
rooms, newsgroups and e-mail programs where kids
can disclose information about themselves.
Kids need to understand that not everything they see
on the Net is true, just as with print, TV and other
media, it is important to consider the source and
think for themselves (Magid, 1999:1).
Not all of the information on the web is placed there
by reliable sources (Shelly et al, 2008).
Fundraising and marketing



Sometimes companies and organisations collect
information about children for use in marketing,
fundraising, and other activities.
Children should be instructed not to give out
personal information to web sites of companies and
organisations, even if they have heard of them or
have good feelings about them.
They have to check first with their parents before
revealing their information.
Pornography



Child pornography consists of photographs, videotapes, magazines,
books, and films that depict children in sex acts, all of which are illegal.
These include some child nudity, simulated sex involving children and
material that is computer-doctored to look like child porn (National
Coalition for the Protection of Children and Families, 1999).
Child pornography is frequently exchanged via the Internet, and sexual
predators can use the site to try to reach out to children for sexual
purposes.
To avoid this, teachers and parents must make a priority to supervise
children on the Internet. Filtering programs can also be employed to
keep children out of the inappropriate site.
Software theft



Software theft takes many forms – from a child
physically stealing a CD to intentional piracy of
software (the unauthorised and illegal duplication of
copyrighted software).
Software piracy is by far the most common form of
software theft.
A lot of material posted on the Internet is
copyrighted, which means that it might be illegal to
reprint or post the material without permission.
Software theft cont.


Kids need to understand that they do not
have the right to re-post or distribute
copyrighted graphics, music, videos, and text
from web sites without permission.
This includes giving copies of the material to
friends.
What children should be aware of



When you purchase a software, you actually do not
own the software, instead you have purchased the
right to use the software as outlined in the software
license.
A software license is an agreement that provides
specific conditions for use of the software, which
users must accept before using the software.
The most common type of license agreement
included with software packages purchased by
individual users is a single user license agreement
(EULA).
EULA - Conditions






Users may install the software on only one computer. Some
licenses allow the user to install on one desktop and one
notebook computers.
Users may not install the software on a network, such as a
school computer lab network.
Users may make one copy for backup purposes.
Users may not give copies to friends and colleagues.
Unless otherwise specified by a software license, users do not
have the right to loan, rent, or in any way distribute software
purchased.
Doing so is not only a violation of copyright law, but also a
federal crime (Shelly et al, 2008).
Software piracy and software market



It increases the chance of viruses
Reduces users ability to receive technical
support
Significantly drives up the price of software
for all users.
File sharing risks




Just like you shouldn’t open email attachments from people you
don’t trust, you should be wary about downloaded files from
them as well.
Using file-sharing networks creates a risk that viruses or other
malignant code (spyware) could be spread to your computer
over the network.
Viruses may damage your computer or interfere with your files,
spyware may track your online activities and send that
information to third parties.
Children should be informed about the installation and updating
of reliable antivirus software.
Conclusion
Information security awareness, our children’s
future!
Thank You