New paradigm needed to stay safe online in era of work-from-home, say experts at ST webinar

Among the suggestions given at the webinar is segregating the use of devices at home by individual or workflow. ST PHOTO: GIN TAY
Lester Wong
Updated
Dec 10, 2020, 07:31 PM
Published
Dec 10, 2020, 06:39 PM

SINGAPORE - Say no when your child asks to use your work laptop to do his or her school work, or set up a different user account on the work laptop for different activities.

These are some ways to reset habits and practices for a more digitally secure 2021 as working and e-learning from home becomes the new normal even after Covid-19, said panellists at The Straits Times Reset 2021 Webinar Series: Digitalisation and Cybersecurity on Wednesday (Dec 9).

Employees who are also parents need to be aware of the key digital assets, such as e-mail access, that have to be protected when work has moved into the home environment, said Associate Professor Steven Wong, who is from the Singapore Institute of Technology.

"What are the key assets that you have in your home that, if compromised, will impact your family, your business and your work? It could be your e-mail, or certain approval processes," said Prof Wong, who was among the four panellists.

"Start to identify some of these (assets) and take a 'compromised-by-default' position, so that you are prepared and will not be caught at a loss when something happens. In corporate settings this is known as incident response, but very seldom does it happen at home because it's not our culture (yet) to do so."

The other three panellists speaking at the webinar were CSA chief executive David Koh, Associate Professor Chang Ee-Chien from the National University of Singapore School of Computing, and Mr Benjamin Ang, head of the Cyber Homeland Defence programme at the Centre of Excellence for National Security, a policy research think tank.

Prof Chang suggested segregating the use of devices at home by individual or workflow. For example, as far as possible, children should be using a different desktop or laptop from the one their parents use for work.

"If that is not possible, then try to segregate by setting up different user accounts on a laptop. Even if you have your own machine, you can segregate accounts for work, for family, or for playing games," he said.

"Segregation is about setting up security parameters, so that when something happens within that parameter it will not spill over to other (areas)."

But Mr Koh and Prof Wong also warned against thinking that technology can serve as a cure-all or silver bullet for protecting personal data and staying safe online .

Prof Wong said there is a worrying tendency for people who are more tech-savvy to assume that they are safe simply because they are familiar with the workings of the digital world, or because they have adopted certain newfangled technology like virtual private networks (VPNs).

A VPN anonymises users' Internet browsing activity by sending web traffic through an encrypted tunnel to a network controlled by the VPN service provider.

However, some VPN providers, especially those offering their services for free, may not be what they claim to be, Prof Wong said.

More On This Topic
Cyber security awareness must keep pace with rapid digitalisation: ST webinar panellists
Cyber security threats on the rise as more people work from home: Cisco survey

"It's as if today someone tells me, 'give me your wallet and I'll keep it safe for you. I'm free, reliable and easily accessible'. But you just don't do that in normal physical life... These are opportunities cyber-criminals will use," he added.

"The challenge with digital natives is that sometimes they think they know everything, but actually none of us know, because (being on your guard in the digital world) is not an inherent sense that we are born with.

"And that's a sense - a sixth sense - we need to develop because the physical and digital worlds operate in very different ways. In the physical world, there's a perimeter to nearly everything, but it's the opposite in the digital world."

Pointing to the nature of WhatsApp hijacking cases, where hackers pretend to be a friend of the victim in order to ask for their WhatsApp verification code, Mr Koh said the scam hinges not on technology, but "social engineering".

"Be suspicious. You have to ask, why are you contacting me and asking for a six digit PIN? And the easiest thing is just to pick up the phone and call the person and ask if it's really them," Mr Koh added.

"Not all technical problems need a technical solution. Sometimes a simple process or being a bit more careful can solve the issue."

More On This Topic
Beware of 'friends' asking for security codes on WhatsApp
Banking-related phishing scams see 20-fold increase in first half of 2020

Join ST's Telegram channel and get the latest breaking news delivered to you.

Available for
iPhones and iPads
Available in
Google Play

MCI (P) 066/10/2023. Published by SPH Media Limited, Co. Regn. No. 202120748H. Copyright © 2024 SPH Media Limited. All rights reserved.

Back to the top