One of our founders recently spoke about how to be safe online with PS Show. Here are the videos along with transcript.
So, you know there is digital India, there’s the entire universe, there’s cyber attack, there’s wannacry malware, So, how do I as a common person, you are an expert when it comes to security. But I as a common person keep myself safe.
I want to give you the way we look at it first, before we go into tips and tricks, right! Just like in real world when you lock your homes lock, you are just not relying on one lock right? There is a lock on the gate, there is a lock on the house main door and then there is godrej cupboard where there is another lock. That’s what I mean by Layered security. In online world also, there is a lot of tool available for layer security. One famous one is two factor authentication for everything you should simply go and enable two factor authentication without even thinking about it. So the second way to approve this is what is called resilience because technology is only as good as the humans manage it, and as you know humans are fallible…right! So, resilience means assume whatever the system that you are using are hackable. And make sure that you don’t store anything that destroys your life if it gets hacked.
with technology so progressive, why are we still able to hack things u know, that is something I find little difficult to understand.
Its, not the technology that is getting hacked, yes there are extreme cases where super specialise cyber warfare tea are involved with the break inscriptions and all that. Most of other news that you see, people losing Money, getting online harassed or even this recent wannacry thing, its exploiting human emotions.
Right, You Know prudence for example discipline, you need to always patch your system. You need to have a basic antivirus. People just don’t do that. It doesn’t take any money all these tools are free. But many people either ignore or they are in this ok this won’t happen to me. It’s there but it won’t happen. It’s as simple as people not wearing helmets.
so, that’s what is getting exploited in most of the cases. Technology hacking is there, but that is very rare.
But having said that, you know there is social media, I want to be on social media and you know everybody wants to be there, everybody wants to talk about the work that they are doing or even just post some photographs. But there is a part of me which want’s to be there and doesn’t want to be there also, because of everything that’s happening. So, how do I strike a balance of being visible yet not being there.
And part 2,
Right, So you know the idea of being secure or being safe does not mean you curtain yourself. That’s not I am advocating at all. No, on the contrary what I am saying is, there is a way to exist anywhere.
right, you can be as free live a bondless life, but you need to do certain precautions. Right. Lets say you want to be an adventurer both offline and online right. You know offline you do, you do take certain precautions right. When you are adventurer, in-fact one of the adventurer who live crazy life are some of the most responsible people that I have met.
Because they understand and they take precautions
PS_ Safety First Right, Safety First
I would say same thing applies to social media right, you need to be visible, but you can also control what people you are visible to
And there are always tools of blocking reporting, and you know in some cases you can’t do much because these people are creating. For example if you are using twitter you have always new fake account that come into, you can’t do much…but you know i you look at the norm, everybody just ignores them
That’s Ok, you know the issue comes when people share sensitive information, I am not talking about the looks and the life, I am talking about somebody taking a selfie with the credit card and posting it online.
Boarding pass, yes
But that has that BARCODE, and the BARCODE has lot of information right, and if you have good resolution and you can scan and get lot of information about you. So things like that, ok
So there is a balance that you can, and also its not a good idea to share credential related information like your complete date of birth or you know your PAN card or things like that
yea, those are things you cant change at all.
Change at all and people can misuse and create artificial identity or do an identity theft
I know I have blocked about 100 people from my facebook account, yea, so that’s what I understand when it comes to now social media that still somewhere under my control right I can always delete my account, or else I can always like a set block people. But now when it comes to say financial aspects of my life, be it a banking account, that’s not under my control, So is there some measure that I can take in ter of being safe
ME- right, so there are couple of things right, and again these are some common sense thumb rules that its not perfect. But one good thing about financial world is it is highly regulated. So even if some hack happens, more than 90% of the people have got the money back, So other than, I mean, if it is not your fault there are many instances where money has been returned to the account holder. Always use a sort of assign computer for your banking transaction, right. Don’t visit some torrents and then come back to your banking site and do things. I mean if you can afford have two computers. Also don’t connect to random wifi, just because its free.
we all love things free things
for banking related transactions or any financial related transaction make sure you are on a very secured network. Use VPN, if you are really paranoid use VPN. Or you know some official Wifi, or your home wifi which you subscribe to. That’s good enough.
Ok, OK, so i understand this part not that you made this clear having a sandbox or a VPN for that matter. But having said all of this, there is still lot of online harassment happening, you know, how do I protect myself. Or only women prone to it, I know maybe I am speaking because I feel lot of women speaking about it on social media. So what do you think about that.
So, So I actually don’t think women are prone to it because based us on my own research. There are people of all sorts which get harassed online, and there was a recent case in Bombay also where this media guy was getting stalked down by this woman, right. But apart from that especiaaly when you come to raomeware or what they call to honey trapping, men are the primary targets for them. And you know unfortunately they can’t even come out and say because people will laugh at them.
for women at least do get sympathy.
because of the sensitivity
ya, u get sympathy and there are lot of people trying to fight for you. But for men some of this thing are even more difficult. And also you know apart from this if the crime is not of personal nature, if it is a random harassment, random hack, financial hack, there is no distinction between men and women.
have you personally helped any people you know in ter of tracking who has hacked there account and are there any examples
So there have been many examples, I mean I have put it on my blog. Ammm…So in one case there was this business guy, who was getting harassed by his business partner, Ex- business partner. They had some fall-out because of some financial issues. And he was sending Fake emails. Saying pseudo thing, your daughter will die, your son will die, or things like you have cheated this person, and he used to also send mails to the government officials claiming to be ne of the customer for him and saying he is cheating and things like that. Amm based on lot of the email traces and also based on some circutantial clues we were able to identify that team and then he send them legal notice and that stopped.
You know Manjula, all that sounds so interesting and I would like to dig a little more deeper into this. But before that I would like to take a short break.
You are watching the Prathibha Sastry show and lets take a short break.
10.34- Welcome back everyone, we are still with Manjula Sridhar and I think you know we have focused so much cyber security. We have focused on, online harassment, know I would like to ask a little bit about the laws, you know the laws and the legal aspect of it.
What kind of, you know service do we have in this area.
yes, so legal system is prity complete in ter of dealing with all sorts of prevalent issues right. For example, IT act 2008, that has a detailed provisions for online harassments. For example, even if you receive any sort of messages you can go to cyber crime cell, police station and lodge a complaint , even if it is very frivolous one right. Because law is very very clear on that right. And this is a message to the wrong doers out there also, many of them are not aware that sending some of these messages is illegal. But it is illegal and you could be easily caught. I would also request all these people who are going through certain level of harassment to file a complaint because what happens is these people who are doing these crimes they are habitual offenders, right. The more data one has more easier to attack them and get them behind bars. So its very very important that you atleast you lodge in a complaint. It’s not very difficult now a days with the cyber crime police station and online FIRs and something like that.
So you know anything that happens on the mobile, wrong doing that happens on the mobile and the laptop would come under the cybercrime..
any electronic communication, right…
like email, mobile, or even pager somebody sends you. It says any electronic communication which falls under that purview. IT Act I think 66A covers it, 66C, there are many variations of it. All of these comprehensively cover these kind of issues. And same applies to financial crimes also. There is a special provision to deal with financial crime. Like they say there is special powers issued to IT secretary and there is a separate appellate dealing, for dealing with speedy reimbursement of the money.
So IT Secretaries of the State you Mean?
Yea, IT Secretaries have some special powers with respect to refunding the money, that is hacked.
Oh! That sounds interesting. I am sure people will defiantly take notice of this. You know now that you have given us so many tips tricks, and tricks of the trade if I say so, but one of the thing you know with the changes you creating it and so many digital trends that are coming up every other day. I mean how do I keep track of them, how do I keep myself updated and is, I am sure its necessary to keep myself updated. But how do I go about it.
_ So its very simple right. Many of the platfor that you day to day interact with, what is it, Google,
Facebook and your bank. These are the three major touch points for you with respect to internet right. All of them are actually doing lot of campaigns. Right. If you go to google .com/security
or facebook.com/settings/security or even your bank…bank keep on sending these emails…right
which we ignore,
Don’t ignore them..I think just like health and nutrition, digital prudence has become a thing for you to keep attention on. It is, everything is going digital, So you can’t afford to ignore it. And you know, the the myth about you say technology is hard, I don’t understand it, all I think Self created
Even as a person, I mean, I can think like a normal person, not as a teche, if you can read, I think you can understand technology. And And now a days, many of the technology platfor they actually take lots of pain to make it user friendly. Because the whole domain called UX has come into existence
So, I think people need to get out of this fear of technology and embrace it.
I mean easier said than done, you know I know you are making it so simple for us to understand, you know but then again I will go back to that, you are a teche, I am non-teche, So So the user experience is the importance part of this what you are recommending.
I think one of the things if one point that people want to take away from this segment would be how to enable two factor authentication and its very simple and there is no reason why you should not do it. There is absolutely no reason. I can’t think of one single reason why everybody shouldn’t have a two factor authentication on there gmail. Because if your gmail gets hacked everything else gets hacked, because all your information all your OTPs all your password reset comes to gmail right.
I think that would be one good ways to look at it.
OK, that would be the minimum that you can begin with it actually.
Ya, right, that’s the first layer, or the second layer that you can have. I want to show you how to enable two factor authentication on google. Its part of you know the layered security that I talked about. So, Simply go to WWW.google.com/2 step…2 number and STEP…and it will take you to a place that explains what I already told you and its very simple…you just go to get started button, at the bottom of the screen and then it will ask you to login and there is a button which says enable two fact authentication and that’s it, you just make it onn…and from then onwards whenever you login…you will get either a OTP as S for your mobile…or you know you may even enable an option of call where someone calls you and tells you what the OTP is…and then you enter the OTP when you are logging in…and to make it convenient you can even make it devise specific, so if you are operating a very very safe computer and you don’t worry about entering OTP everyday, because it becomes quite irritating if you have to enter OTP everytime you login to Gmail,…then you enable that, so you only if you are logging in from somewhere else a friend’s computer or a cyber center or somewhere else then it becomes active otherwise for you its very simple its like you are logging into your account normally only something is happen then it comes into effect so you add a layer of security without losing inconvenience. So now i will show you about face book as i think it is one of the concern about people because lots of people are on face book they share lot of personal information on that…So again Facebook has made it very simple to enable all of them, you can go to facebook.com/security
And it will give you set of options including to see who is logged into accounts, what kind of authentication you can enable you can deactivate, delete and all that. Just follow the steps, I mean you don’t need any technical understanding ….you just need to understand English….go and click those buttons and there you should be able to make it secure …these are very simple things you can do without any additional money, time, or investment in understanding, because these guys have made it easy for you.
I think I’d be interested to know more about the following layers that would come out, may be in the following segments we can defiantly touch upon them …thank you manjula for joining us today and sharing this…I think I will go first and ensure all my two factor authentications are set …that’s the right word to use..
Yes, yes that is the right word..
Maybe I will focus on that, and thank you once again…
Thanks Prathibha, Thanks for having me.