U-LEAD has launched a series of outreach activities to improve digital security in municipalities. The first of them focused on the legal framework for the concepts of cybersecurity and cyber hygiene, the basic rules of Internet safety, information security at the workplace, protecting gadgets from fraudsters and hacks, etc.
Olha Petrova, Digitisation Expert at U-LEAD with Europe, stated the following, reaffirming the importance of the issue:
“If you have a mobile phone or an email, if you use messenger apps, communicate online, you need to be aware of the danger you face. Everything that has a digital component at its core always has digital risks.”
According to her, it is important for employees of local self-government bodies to be well-versed in the legislation on cyber hygiene and information security. She explained that information security and cybersecurity are components of Ukraine’s national security.
“Cyber hygiene is a component of cybersecurity. These concepts are not interchangeable. Cybersecurity covers the fundamental processes of protecting information. Cyber hygiene refers to rules and recommendations on how to behave in the digital world in order to strengthen your cybersecurity at work and at home to the greatest extent. The most important task of local self-government employees is to protect the workplace and the information they work with every day,” said Olha Petrova.
When using the Internet, keep in mind that it monetises absolutely everything:
“If you don’t pay for the product, you are the product.”
She explained this using an excerpt from Google’s Privacy Policy:
“We use your personal information to make our products more helpful to you. It’s how we can autocomplete your searches, get you home faster with Maps, or show you more useful ads based on your interests.”
Particular attention was paid to passwords and personal data protection. For instance, simple rules such as “Do not put up stickers with passwords at the workplace”, “Do not take photos of your workplace”, “Do not write down passwords and logins on the last page of your work log”.
The speaker explained how to use password generators and password managers and reminded the key rules for creating passwords: “Strong combinations of numbers, letters and symbols — preferably at least 12”, proper storage, digital means of generation and switching them up quarterly:
“Do not use personal information in passwords; do not share them with your friends and family.”
As Olha Petrova noted when speaking about digital security at the workplace, local self-government employees have a duty to “protect” their workplace, as well as official and confidential information. Different email addresses should be used for personal correspondence and work correspondence. A constant threat, including during correspondence, is phishing, i.e. fraudsters sending emotional and “important” messages, aiming to obtain users’ personal information and further use it for personal gain.
The expert reminded the basic rules of safe use of Wi-Fi:
- Do not transmit any information you don’t want to be disclosed via messenger apps;
- Disable automatic download of files, especially for contacts that are not in your contacts;
- Do not click on links, especially shortened URLs, that did not come from trusted sources;
- Update your messenger apps.
In fact, there are dangers and risks for gadget users everywhere. By allowing cookies, we allow websites to store information about us, our preferences and desires. When we take a photo and share it through messenger apps or on social media, we might give more information than is necessary. After all, these images contain metadata that can “give away” the geolocation where the photo was taken.
Summarising the info session, Dmytro Vasylenko, head of the Regional Office of U-LEAD in the Khmelnytskyi Oblast, noted:
“Almost any smartphone or computer user can be affected by online fraud or other digital threats. It is vital that local self-government employees have critical thinking, information hygiene and digital security skills, since their mistakes online can affect not only their personal lives, but also the performance of local authorities. That is why we are holding a series of events on digital security, and we invite all local self-government employees to join them.”