Why do cyber security courses seem to bear little resemblance to the reality of sometimes complicated lives?
Work is becoming embedded into more and more parts of our lives. Every year surveys circulate about people working on holiday or not taking a holiday at all. We know people are working late at night and look at their emails first thing in the morning. For me, merging everything works better than trying to separate it out, although there are obvious downsides.
The other day, however, I did a cyber security course, which seemed to assume that everyone still works a more standard way, shutting down at a certain hour and not checking emails while doing Facebook or the like. I use social media for both work and personal reasons. I am told I need 2FA on practically everything. Unless you pay extra, Twitter only allows you to do that on an app rather than through your phone which is so much easier if you have multiple jobs. I have an authenticator app for my other job, but was locked out of all apps for over a week when I changed my phone due to apple taking eons to check my identity. I couldn’t get into anything that required 2FA.
I fear that we are relying way too much on apps and phones these days. What happens if you lose your phone – something I think is increasingly likely with older age? Your life will disappear down the drain. My daughter left hers in the toilet at the GP the other day. It was a major disaster, even though she is too young for 2FA…
How many authenticator apps can you have on one phone or should everything fit into the same app? I have 2FA for so many systems, for instance, all the different and proliferating social media and communications platforms. It’s getting ridiculous. As it is I spend a lot of time deleting all the apps that children randomly download on my phone which clogs up space.
On the other hand, text messages are not necessarily the solution. In our house the phone coverage is not great. Sometimes it drops out altogether and I am forced to run upstairs and wave the phone around in a corner of my daughter’s room where there is usually coverage in order to get the code for 2FA.
I was sent a form to okay on cyber security the other day. I had to verify that I never leave my computer open when I am not at it. I work from home – usually alone. Does it make sense to log off every time I step away? I have more than one job so have emails open for both because in journalism news happens all the time, not just on one or two days a week. It works well for both employers – I cover the news as and when it happens. According to cyber security rules, I would need at least two computers – and a whole lot more office space [I work on the table in our lounge]. I also have my personal email open in case there are messages from the school since everything is now online and due to phone reception issues. Do I need a third computer for that? Maybe I should have three phones too while we’re at it and I could cart them around everywhere and find chargers for all three when I am on the move.
I was told the other day that I have to change my passwords for Facebook because I use it for work as I am an admin on a work site. They are suggesting some impossible to remember password instead of the very personal one I have now. I sometimes log into Facebook while on the move – on holiday, for instance. I feel unreasonably annoyed that my employer can basically control my access to my own personal Facebook page. Ironically, the person who contacted me about it emailed at around 7pm, assuming that I would be picking up emails in my supposed spare time when I was trying to finish off work stuff and organise my partner’s birthday. Maybe I’m an absolutely hopelessly chaotic worker who has built up bad habits as a freelancer, but I’m willing to bet I’m by no means the only one.
I can understand that cyber security is a huge problem, but cyber security experts seem to be way behind the curve. They need to come up with solutions that make sense for people’s complicated lives and not assume that everyone is working in the same way they might have done 10 or 20 years ago.