Skip to main content
SANS Security Awareness

Utility nav

  • GDPR
  • Support
  • SANS.org
  • Contact
  • Request Demo

Main navigation

  • Products
    • Products Overview Column
      • Products

        Build and mature your security awareness program with comprehensive training for everyone in your organization.

        View Products
    • Security Training Solutions
      • EndUser Training

        Security Awareness training designed by experts.

      • Phishing Tools

        Tiered-template phishing simulation tool designed for all learners.

    • Products - Training Span
      • ICS Training

        Train all learners involved with Industrial Control Systems. 

      • NERC CIP Training

        Relevant Critical Infrastructure Protection training meeting compliance. 

      • Developer Training

        Protect web applications with secure coding practices. 

      • Healthcare Training

        Train learners following HITECH and HIPAA standards. 

    • Events
      • Courses & Summits

        Gain key insights and practical information in security awareness program building from experts in the field with our Summits and training courses. 

      • Summit Recap

        Review top talks from the 2019 SANS Security Awareness Summit in San Diego.

  • Why SANS
  • About
    • About Overview Column
      • About

        SANS has been around as long as the Internet. Learn about our history, experts and events around the world.

        Read About SANS Awareness
    • About Column 1
      • Our Experts

        World-class experts covering every aspect of security awareness and defense.

    • About Column 2
      • History

        Read about the SANS Security Awareness legacy.  

    • About Column 3
      • News

        Check out what’s going on with SANS Security Awareness in the news.

  • Reports
  • SSAP Credential
  • Blog
  • Resources
    • Resources Overview Column
      • Resources

        Looking to build and mature your security awareness program? These resources will enable you with the topics and techniques to improve your learner’s awareness in security.

    • Resources Column 1
      • Blog

        Read from subject matter experts and guest authors about the latest going on in security awareness.

      • Events & Webcasts

        Gain key insights and practical information in security awareness program building from experts in the field with our Events & Webcasts. 

    • Resources Column 2
      • Posters

        Developed by the community for the community. Download and share these awareness posters with your organization.

    • Resources Column 3
      • OUCH! Newsletter

        The world leading security awareness newsletter. Offered in multiple languages, created by a community of experts.

Mobile Menu

May 2017 • The Monthly Security Awareness Newsletter for Everyone

Securing Today's Online Kids

Background

The number of ways children today can go online and interact with others is staggering. From new social media apps and games to schools issuing Chromebooks, kids’ social lives and futures depend on their ability to make the most of technology. As parents, we want to make sure they do so in a safe and secure manner. However, this can be a challenge, as many of us never grew up in a technical environment like this. To help you, we cover the key steps to enabling today’s kids to make the most of technology safely and securely.

Education/Communication

OUCH! May 2017 Securing Today's Online Kids
The key to protecting kids online is to education them and make sure that you talk to them and they talk to you.

The number one step you can take is communication; make sure you are always talking to your kids and they are talking to you. Far too often, parents get caught up in the technology, asking questions such as, “What apps are good or bad,” or “What is the best kids’ security software.” Ultimately, this is not a technology challenge, but a behavior and values challenge. We want kids to behave online as they would in the real world. A good place to start is to create a list of rules or expectations with your kids on how they should use technology. Here are some things to consider: (Remember, these rules will evolve as kids get older.)

  • Times when they can or cannot go online, and for how long.
  • Ask your children who their online friends or followers are, and how they become friends. Do they actually know the people that they are connected to online?
  • Talk about the types of websites they should or should not visit, games that are appropriate or not, and why.
  • What information they can share and with whom. Children often do not realize what they post is permanent and public. In addition, they may think they are sharing a secret with just one person, but that secret can easily be shared with the world.
  • Who they should report problems to, such as if someone online is being a bully or creepy.
  • Treat others online as they would want to be treated themselves.
  • There is no anonymity online; people can find out who you are.
  • People online may not be who they claim to be.

For older children, one option is to tie these rules to their academic grades, completion of chores, or how they treat others. The better their behavior in the real world, the more they can do online. Once you decide on the rules, post them by the family computer or your child’s bedroom door.  Even better, have them review and sign the document.  That way, everyone is in full agreement. The earlier you start talking to your kids about your expectations, the better. Not sure how to start the conversation, especially with older kids? Ask them what apps they are using and how they work.  Put your child in the role of teacher and have them show you what they are doing online.

Technology

In addition to education, there are technologies you can use to monitor and help protect your kids. We find that technical solutions work best for younger children, especially protecting them from accidentally accessing inappropriate or harmful content. However, technical controls do not work as well as children get older. Older kids not only need more access to the Internet, but often use devices that you do not control or cannot monitor, such as those issued by school, gaming consoles, or computers at a friend’s or relative’s house. This is why education is so important.

Another step is to have a dedicated computer just for your kids. This way, they cannot accidentally infect your computer, which you may use for sensitive activities, such as banking online or taxes. In addition, keep their computer in a public, high-traffic area so their activities can be monitored. Just because they say they are doing homework does not mean they are actually doing homework. Finally, make sure the computer is secured, routinely backed up, and your children do not  have administrator rights to it. For mobile devices, consider a central charging station somewhere in your house.  Before your children go to bed at night, have all mobile devices placed at the charging station so your children are not tempted to use them when they should be sleeping.

Leading by Example

Do not forget that we also need to set a good example as parents. This means that when your kids talk to you, put your own digital device down and look them in the eye. Consider not using digital devices at the dinner table and never text while driving. Finally, when kids make mistakes, treat each one as an experience to learn from instead of engaging in an immediate disciplinary action. Explain “why” each time and remind them that you are only trying to protect them from the dangers they cannot yet see. Let them know they can come to you if and when they experience anything uncomfortable online, perhaps even have them take a screenshot to share with you. Make sure they also feel comfortable approaching you when they realize they themselves have done something inappropriate. Keeping communication open and active is the best way to help kids stay safe in today’s digital world.

License

OUCH! newsletter is under the Creative Commons license.  You are free to share / distribute it but may not sell or modify it.

In This Issue

Background
Education/Communication
Technology
Leading by Example

English
OUCH-201705_en.pdf
Arabic
OUCH-201705_aa.pdf
Bahasa Indonesia
OUCH-201705_ba.pdf
Chinese, Traditional
OUCH-201705_cn.pdf
Chinese, Traditional (Taiwanese)
OUCH-201705_ct.pdf
Danish
OUCH-201705_da.pdf
Dutch
OUCH-201705_nl.pdf
Farsi
OUCH-201705_fa.pdf
Finnish
OUCH-201705_fn.pdf
French
OUCH-201705_fr.pdf
German
OUCH-201705_de.pdf
Hebrew
OUCH-201705_he.pdf
Hungarian
OUCH-201705_hu.pdf
Italian
OUCH-201705_it.pdf
Japanese
OUCH-201705_jp.pdf
Korean
OUCH-201705_kr.pdf
Latvian
OUCH-201705_lv.pdf
Lithuanian
OUCH-201705_lt.pdf
Malaysian
OUCH-201705_ma.pdf
Norwegian
OUCH-201705_no.pdf
Polish
OUCH-201705_po.pdf
Portuguese
OUCH-201705_pt.pdf
Romanian
OUCH-201705_ro.pdf
Russian
OUCH-201705_ru.pdf
Serbian
OUCH-201705_se.pdf
Spanish
OUCH-201705_sp.pdf
Turkish
OUCH-201705_tr.pdf
Urdu
OUCH-201705_ur.pdf

Subscribe to OUCH!, our Monthly Security Awareness Newsletter

Get monthly content to keep you up to date on the latest Security Awareness News and Tips.

The SANS Institute provides training related to cybersecurity and the safe use of technology within your organization. To provide this training, the SANS Institute captures and processes personal data and as such has been identified as a “controller” of your information.

The information provided to SANS Institute for training purposes may include name, email address, phone number(s), address, company, department, job function, industry, organizational memberships, and geographic region. The SANS Institute may also collect data about devices and software used to access the training and training systems; this data includes browser version, operating system version, IP addresses, access times, connection duration, and other browser analytics. As training is delivered, the SANS Institute processes and stores data associated with training assignments, completion, and scores on any learning activity that is delivered. SANS may also utilize third party processors to provide these services.

If your information is provided by your employer, this information is used as part of the initial or ongoing training cycle. The purpose for collecting this data is to allow the SANS Institute and your employer to assign, deliver, record and report on your cybersecurity training. Your information and training records will be shared only with you and your employer.

At any time you have the right to receive a copy of the personal data you have provided to us in an electronically readable format.

A data protection regime is in place to oversee the effective and secure transmission, processing, storage, and eventual disposal of your personal data, and data related to your training. The SANS Institute will retain your data until you request that it be removed, after which it will be securely disposed of. The SANS Institute will never sell your personally identifiable data and will only share your personally identifiable data with SANS cyber security solutions partners when you provide agreement to do so.

When you consent to us using your information for the purposes of sending you information on SANS products or services you are providing us with your consent to send you materials detailing our products and services that we consider will be of interest to you, based on your use of the educational material that we provide as resources. We profile you this way to make the materials more relevant to you. We will only send you information on products from within the SANS services portfolio.

If, at any point, you believe your personal information to be incorrect, you may request to see a copy of your data, ask to have the errant data corrected, or ask that it be securely disposed of. If your information is provided by your employer, the SANS Institute will work directly with your employer to promptly address the matter. If you wish to raise a complaint or concern, or have questions relating to GDPR, please contact the Data Protection Officer via gdprprivacy@sans.org.

SANS has further committed to refer unresolved privacy complaints under the Privacy Shield Principles to the EU Data Protection Authorities (DPAs), or where applicable instead, to the Swiss Federal Data Protection and Information Commissioner. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit the following web site for more information and to file a complaint with the EU DPAs: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm

You may, at any time, withdraw your consent; to do so, please contact gdprprivacy@sans.org.

The SANS Institute is a U.S. company founded in 1989 that specializes in information security and cybersecurity training. All information provided to SANS Institute will be transferred to and processed in the United States. The SANS Institute is committed to comply with the Privacy Shield Framework which has been found adequate by the European Commission to enable international data transfer under EU law. For more information, please see www.sans.org or contact gdprprivacy@sans.org.

By providing this information, you agree to the processing of your personal data by SANS as described in our Privacy Policy.
SANS Security Awareness

301-654-SANS (7267)
Monday-Friday, 9am-8pm EST/EDT

Social

  • Facebook
  • Twitter
  • Linked In

Footer

  • Products
  • Why SANS
  • About
  • Reports
  • Resources

Footer utility

  • Support
  • SANS.org
  • Contact
  • VLE Help

Stay up-to-date on the latest security awareness news and tips. 

Subscribe to our monthly newsletter, OUCH!

Subscribe Now

Copyright Nav

  • ©2018 SANS™ Institute
  • Privacy Policy
  • Trademark Usage Policy
  • Credits