Safety is a slippery term and highly personal. When I was an active rock climber, safety meant that we were “protected” from falling, either by a rope belay or by clipping a carabiner into a piton or other protection device in a crack of the rock. Despite the use of safety procedures and practices, some would consider the entire idea of climbing cliffs to be unsafe.
Doing genealogical research would seem to be the polar opposite of rock climbing as far as safety is concerned. This may have been the case a few years ago, but now, with our extensive use of online records and resources, as genealogists, we are confronted with another, far more insidious, risk than merely the physical risks of rock climbing. While the risks involved in rock climbing would seem to be fairly evident, the threats to our safety online are far less obvious.
The Wikipedia definition of Internet Safety is as follows:
Online safety is trying to be safe on the internet and is the knowledge of maximizing the user’s personal safety and security risks to private information and property associated with using the internet, and the self-protection from computer crime in general.
One of the fundamental issues with determining safe practices is evaluating the risks involved. A risk is something that exposes someone or something valued to danger, harm, or loss. In our society, the entire insurance industry is based on getting people to recognize risks and pay for protection against those risks. We manage our risks by identifying them and then evaluating the necessary procedures to avoid or minimize their impact. Unfortunately, those who benefit from increasing the fear of some kinds of risks are usually the most vocal about the danger involved. Today, almost any human activity has its own list of risks. Here is a sample Risk Assessment Diagram from the U.S. Department of Homeland Security.
Identifying and evaluating online risks is really difficult because most of the entities involved in providing information about the risks are directly involved in selling “solutions.” Most news articles that talk about online risks begin with an extreme example of someone who was harmed in a major way and it is becoming almost impossible to distinguish between those risks that are actually associated with online activity and those that are part of the risks involved in simply being alive.
For example, right now sitting in my home office and looking out the window at the last of the leaves falling off the trees, I would rank old age and driving in Utah Valley as two of my greatest risks. I could worry about global warming, the threat of another world war or other such general risks, but right now I am more concerned with my own personal aches and pains than any of those amorphous risks.
But going back to my earlier days spent rock climbing on the granite cliffs of Little Cottonwood Canyon, I knew there were risks and we took reasonable actions to minimize those risks. The same thing goes with the risks now inherent in using the internet. I take reasonable steps to minimize the effect of those risks.
When I want to find out what risks are involved in going online, I try to avoid commercial enterprises. I prefer to look at government or university websites. Now, there are a lot of lists of suggested activities to help using your computer or other devices on the internet a safer activity. Here are some links to a number of such lists. Evaluate all the of the lists in light of the entity that produced the list. I have included some links to commercial enterprises when I thought the lists were not specifically generated to sell something.
- Top Ten Safe Computing Tips, MIT Information Systems and Technology
- Top 10 Threats to Information Security, Georgetown University, School of Continuing Studies28 Types of Computer Security Threats and Risks
- Risk Assessment, Ready.gov
- Online Safety, USA.gov
- OnGuardOnline, Federal Trade Commission
- Opening unsolicited email and links in email
- Using simple, short passwords such as 1234 or whatever
- Indiscriminately “surfing” the internet: all internet activity should be purposeful and intentional
- Replying to anyone you do not know or cannot identify
- Failing to back up your data
- Failing to update your devices’ operating systems
- Failing to understand the threats