Thing 6 on SSSC's 23 Things Digital concerns digital security. This is an area I am naturally nervous about and my children do laugh when I get nervous about an unexpected email or push notification and tell me 'don't worry you have not been hacked!'
The first area to consider was passwords. This is a difficult area because trying to remember which password belongs to which account-especially as I get older-is a feat in itself. I know when prompted by my work account for example to change my password I often feel I have just got to grips with the present one and now I am going to have figure out something I haven't used before, that is strong and memorable for me. aaargh!! The splashdata 'worst passwords list' is a good resource for starting to think about the passwords you use and may have used in the past. I certainly made some of the mistakes mentioned in this list and in the SSSC info on Thing 6 in the past. When I first had to set up passwords for digital devices and accounts-possibly about 20 years ago now!- I had had no education or training in this area and was just picking things up as I went along. I suppose I also felt embarrassed at the time to ask for help. I am more confident now about the strength and security of my passwords but I will be extra vigilant when changing or setting up new ones and will look at the advice and tips again when doing so. I did not know about password manager apps so this will be something else to add to my repertoire of security measures if I can get over the worry that the password manager app itself may be compromised! I do think that password management is a challenging area for a variety of people using services. There can be cognitive issues such as memory which may make it more difficult for people to keep changing passwords. We need to be creative in helping people come up with aide memoirs that are also secure from staff and others who may know a lot about a person.
App permissions is another area about which I knew little. I duly had a look at my phone to see which permissions apps had on my device. I don't think this is something I have ever done before. I was relieved to see that many had no permissions and some had a few like access to camera and location. I did change some. With some apps I found that changing any of the permissions on the app meant that basic features would not work.
Updates on your device turning your preferences off was another interesting piece of learning from Thing 6. I was aware- and have made staff colleagues aware-that updates on platforms such as Facebook can mean an individual users privacy settings may be changed, but I had not really thought of this on a device like a smart phone where my preferences can be returned to default without my knowledge. This is information I will be sure to tell colleagues. I think information such as this is also crucial for supporting people who use services to operate their digital devices safely. I think if staff have a good standard of knowledge then great, they will probably already be advising service users accordingly, but I think we have to be aware of the range of knowledge and skills in the staff group and ensure all of us are up to speed with things like digital security in line with our duty of care-safeguarding nowadays also means online as well in the real world. I am becoming more and more aware of that.
I was amazed to hear that on some platforms users may be prompted to play games to get to know each other where typical account security questions may be asked and answered. I think this is quite frightening as if you are not really on your guard you could easily provide information about yourself that puts personal information out there for others to use. This makes me concerned about not only staff colleagues but also younger people and vulnerable people who use our services who may be more trusting or less wary. It would be good if perhaps SSSC or Care Inspectorate did a campaign to reach all services-users and staff, to make them more digital security aware.
Wi fi security is also a big area for concern. I feel there have been some awareness raising campaigns from time to time over the years in the media about this. However like lots of things if people are not reminded about it they can easily forget and slip into habits of old where they may access wi fi in a café and then do some online banking or email a report to a work colleague containing sensitive information. Maybe public places that offer wi fi should also have signs up reminding people not to carry out any personal transactions over their wi fi. I learned that using a VPN can scramble your personal information over wi fi. I did not know this before and this is something I will do and encourage others to do.
Reflecting on all of my learning above I think making changes for myself to be more safe and secure digitally may be relatively easy and advising people I see. Getting the information to lots of staff colleagues and people who use services may be more challenging. I think it is important that '23 Things Digital' is promoted to more of my organisations workforce. At the moment we are dealing with a pandemic and I know that direct support and care is priority, however it can mean that we are all more digitally vulnerable at the moment as criminals will be taking advantage of the fact that around the world we are all distracted by the pandemic. I think as well as myself updating the information I give to new staff colleagues perhaps as an organisation we can make this vital information more readily accessible to all. We could do that through an update to safeguarding training materials, through our own digital learning resources, using the Learning Management System , through the intranet and through the use of push notifications.
