Living Therapy - Counselling, Training and Supervision in Southampton Living Therapy - Counselling, Training and supervision in Southampton

Online Counselling Security Guide

This guide briefly describes some of the security considerations associated with online counselling.

Online counselling can be a convenient way to get psychological help. All you need is an internet connection, and you can be talking to your counsellor within minutes. But before you get started, it pays to be aware of the security aspect of online counselling. Specifically, you will be using internet-based technology to connect with your counsellor, and it’s important that you know how to make that connection as secure as possible. This article will consider two aspects of online security, namely endpoint security and connection security. Endpoint security is concerns the safety measures you can apply to the device that you use to make the connection, and connection security is concerned with the security of the connection itself. These two aspects of online security are explained in the sections that follow.

Connection Security

Before we talk about connection security, you need to understand how the connection happens. There are a number of stages, as follows:

Your Computer --- Your Router --- Internet --- My Router --- My Computer

Strictly speaking, the router is actually two devices in one – a router and a modem – but for the purposes of this discussion, you can consider them as the same thing. Your router is typically provided to you by your ISP and will be called something like ‘BT HomeHub’, ‘Virgin Media Hub’, etc, depending on who provides your internet connection. All the connections to your router inside your house or office form a small network. The connection between your router and my router is part of the web of interconnected larger networks that form the internet.

The line of connections between my computer and your computer is called the route. At some points along the route, it might be possible for a third-party to intercept the connection and listen in on the conversation. This is not new: people have been wire-tapping since the inception of the telephone. All that is needed to tap a telephone line is some equipment that attaches to the telephone wire and a listening device. To tap a connection between two computers is a much more difficult task and first you need access to the network where the communication is happening.

Wherever possible, you should use a trusted secure network for your online counselling connection.

A secure network is one in which you need to know a password in order to join the network. It’s trusted if you know exactly who else is also connected, or who has permission to connect. For example, if you have network security switched on for your home network (which you should), then you will need to enter the password on the back of your router before you can join the network. You should only ever give the password out to people you trust. When you connect to the internet in a public place, such as a coffee shop or hotel, you may be able to connect without a password, in which case the network is not secure. Even if you do need a password, you have no way of knowing who else is connected to the network, therefore even if the network is secure, you should not count is as trusted.

Remember: I will only ever use a trusted secure LAN to connect with your computer.

One way in which you can increase the security of your connection is to use encryption for the data that is being passed over the connection. Encryption means that even if you can’t use a trusted secure network, you can nevertheless encode the data passing along the route between us so that an additional password is needed to access it. Some of the applications I use for online counselling use encryption, others do not. Encryption gives another layer of security and added peace of mind. Using encryption on a trusted secure network is like adding an extra outer door to a property – the thief now has to get through two locks rather than just one.

Wherever possible, you should select an application that uses encryption.

There are other ways in which people can listen in on the conversation via the wider network, but they require knowledge that most opportunistic hackers simply don’t have. Nevertheless, even if you are using software that encrypts the connection and you are using a trusted secure network, there are still ways a hacker can gain access to the conversation via the network, using your own computer against you. To mitigate against this type of security breach, you will require an understanding of endpoint security, which is the subject of the next section.

Endpoint Security

The endpoint is the device that you will use to make the connection to me. The endpoint is by far the most common place where security breaches happen, because it’s the easiest part of the connection to get access to. Here are some of the ways in which endpoint security is commonly breached – and they may seem surprisingly innocuous:

Someone guesses your password. For example, a family member wants to know what you’re up to online and can guess your password because they know you so well, or because you use the same password for everything.

Your password isn’t unique enough and someone guesses it. For example, more people than you would imagine use things like ‘1234’ or their own name as their password. Do not do that!

You write your password down somewhere and someone finds it.

Don’t open emails if you don’t trust them.

Don’t visit websites if you don’t trust them.

You leave your device unattended and someone else gets access to it.

Your device has been infected with a virus that records your activity. This kind of virus is often deployed by criminals who want to steal your credit card details, or even your identity.

You can improve your endpoint security by picking hard-to-guess passwords and keeping them private and safe. It’s also important not to leave your device somewhere where others can easily use it get access to your private details. For example, you should use a password on your main account for the device.

When it comes to protecting your device against outside attacks, I recommend that you use antivirus software and a firewall. Antivirus software detects and erases things on your device that it knows shouldn’t be there and a firewall detects and stops software on your device from accessing the internet without your permission. Many firewalls and antivirus software is free, but in my opinion it is worth paying for a good quality product. Up-to-date information is available at the two links below:

PC Advisor’s guide to antivirus software

Techradar’s guide to firewall software

Further Help

Internet security may seem daunting, but as you have seen here, a few simple measures will help protect you from malicious or nosey people and keep your online counselling connections safe and secure. If you would like some help and advice on setting up your device for online counselling, please click here to contact me.