Reading time
10 minutes
What will you learn?
You will learn several key terms relating to working securely and reliably, both at home and at school.
Summary
Encrypting files, messages and your internet connection is an important step on the way towards working securely and reliably, at all times and everywhere. One of the ways you can do this is by encrypting your connection and hard drive, but also by using a VPN connection. The software required for both of these protection methods can be obtained from the ICT department.
Very securely, right? Well, not everyone's is actually... Have a look at how easy it is to discover large quantities of personal information about anyone within just a few minutes:
[alternative video clips which may be relevant to this: https://www.youtube.com/results?search_query=jake+vale+pranks+social+media]
If it is that easy for a coffeehouse worker to discover personal data how easy would that be for a malicious hacker? And how risky would it be if it not only concerned your personal data, but all of the personal data of employees and students, sensitive research data or our school's financial data?
While it seems logical to assume you probably cannot access sensitive data, or can only do so to a limited degree, just imagine the following steps:
Sound far-fetched? It happens, unfortunately ... each year, many organisations fall victim to this kind of fraud. A well-known example of this is CEO fraud, whereby employees believe they are receiving instructions from their manager via email, whereas these have actually come from a hacker using a hacked email account.
The good news? Most of these types of incidents can be prevented by ensuring you work securely and reliably, at all times and everywhere.
Many popular applications, such as WhatsApp and Microsoft Teams transmit all messages in encrypted form. This means that these messages are useless to anyone who intercepts them, because a decryption key is required in order to read the message.
Encryption is a very old concept; it existed long before the arrival of the first computers. A 'Caesar's cipher' is an early example of encryption, which was named after the Roman emperor Julius Caesar. He replaced each letter of the alphabet with another letter in order to send secret messages to his generals.
Other well-known examples of encryption include the German Enigma and the Lorenz cipher machines, which enabled army units to communicate with each other. Whereas Julius Caesar only succeeded in achieving 25 possible combinations with his Caesar's cipher, 2000 years later, these machines were already capable of generating 16 quadrillion possible combinations!
Nowadays there exist many forms of encryption, made suitable for a wide variety of purposes. One well-known example is the message that appears on WhatsApp when you send a message to a new contact for the first time: ‘Messages to this chat and calls are now secured with end-to-end encryption’. That sounds good, but what exactly is end-to-end encryption?
The first online communication services did in fact encrypt the messages transmitted between the sender and the central server, but on the server itself, the messages could be read in unencrypted form. If you had access to the server, you could also access all of the messages. That is no longer the case: thanks to ‘end-to-end’ encryption, messages are encrypted from the moment they are sent until they reach their destination. So if you intercept a message, it is useless to you, unless you have the decryption key. Want to know exactly how it works? Watch the video clip below:
The next big step in the realm of encryption was the arrival of quantum computers. Whereas in modern computers, each bit can only contain a value of 0 or 1, the qubits in a quantum computer can also have a value of 0 and 1 at the same time. As a result, the number of calculations which can be carried out in parallel increases exponentially. This leads to a gigantic increase in the possibilities for encryption and for the decryption of that same encrypted data.
Much of our work is done via internet these days. Each website (therefore also any cloud-based services you may use for storing your data) can choose to use a secured (encrypted) connection. This is indicated by the padlock icon next the website URL in your browser.
When a padlock icon appears next to the URL, that means that the website URL is preceded by ‘HTTPS://’. The ‘S’ in ‘HTTPS’ stands for 'secure’; this indicates that the website transmits all traffic in encrypted form. By clicking on the padlock icon, you can find further information about the website and check whether you are dealing with the right website.
But take care: malicious parties can of course also have a padlock icon added to their website. If you doubt the authenticity of a website, always also carefully check the URL itself, because no matter how many padlock icons there are on websites such as facebook.info or abnamro.net, these are definitely not the official websites!
Suppose you have to send a file containing sensitive data to a colleague abroad. You could send the file via email, but then it will end up on your colleague's laptop in unencrypted form. If someone intercepts the file, they can easily read it. One solution for this is to encrypt individual files; this is easy to do using one of the following methods.
1. Send the file via the SURF service SURFfilesender [our school has a licence to this]. You can choose to encrypt files when sending these via SURFfilesender. More information about this possibility [can be found here].It is even safer if you encrypt your entire hard drive. In this way, no one will be able to access your files without the special key. [If you use a school laptop, it is already encrypted as standard.] If you also use a personal device to do your work, we recommend that you encrypt that hard drive, as well; you should not notice any disadvantages in terms of speed of encrypting your hard drive.
Do you work on a Windows computer in your private life? Then we recommend you encrypt your hard drive with [Bitlocker]. Do you have a Mac? Then we recommend you use [Filevault]. [For more information about the steps to be followed, please contact the ICT/Helpdesk.]
Please note that if your computer is only protected with a password, that does not mean that your hard drive is encrypted! In that case, malicious parties can easily remove the hard drive from your computer, connect it to a computer for which they do know the password and in that way will still be able to read all the data on the hard drive.
VPN stands for ‘virtual private network’ and it ensures the connection between your device and the internet is secure. Using a VPN connection has the following advantages:
Anonymity
Security
Freedom
Watch the video clip below to find out exactly how a VPN connection works:
Therefore, a VPN connection ensures that all of your internet traffic is transmitted via an encrypted virtual tunnel. That means that, depending on your location, you can ‘pretend’ that you are in the Netherlands. That is useful, for instance if you sometimes have to work in countries where certain services are blocked. It also means you can safely log in to our internal services from anywhere in the world.
Some internal services are only accessible via a VPN connection. Those are [...].
We strongly advise against using public WiFi networks, since all of the internet traffic on those networks is unsecured. If you work a lot on the go, then we recommend you use your mobile hotspot, or if you want to connect with a public WiFi network to do so only via a VPN connection. Our school offers you the VPN software [name of application] for free. You can download and install it here [link]: [space for step-by-step plan / screencast with explanation of the steps to be followed].
NOTE: you are no longer able to gain access to one of the applications offered by the school, please contact [contact details of ICT/Helpdesk] immediately.