Privacy and Securityon the Web:

greenpepperwhinnySecurity

Nov 3, 2013 (4 years and 10 days ago)

62 views

Privacy and Security

on the Web:
How to Protect Yourself

Missy
Harvey

Technology
& Communication
Coordinator

NN/LM MAR

June 20, 2013

Instructor


Technology
& Communication Coordinator
,

NNLM / MAR
(2011
-
present)


Computer Science Librarian
, Carnegie Mellon

University
/ Pittsburgh, PA (1995
-
2011)


Adjunct Instructor
,
iSchool
, Drexel University / Philadelphia, PA (2003
-
present)


Adjunct Instructor
,
iSchool
, University of Pittsburgh / (1995
-
2003)


Research Manager, Peterson’s Guides / Princeton, NJ (1993
-
95)


Head, Sun Library
, Sun Microsystems / Mountain View, CA (1990
-
93)


Head, Microcomputer & Media Center
, Falk Library, University of
Pittsburgh (1987
-
89)


Reference Librarian, Wheaton College / Norton, MA (1986
-
87)


Cataloging Assistant
, Yale University / New Haven, CT (1982
-
86)

Current News


Agenda

Learn tips to protect yourself, your family, and your library users in our
highly connected
world



What
you need to know about your personal information on the
Web



How others get information about your online
activities



How to protect yourself from phishing emails and
scams



How to manage your online
reputation



What to do if your online privacy is
compromised



Risks of cloud computing

Think Before You Share


Privacy policies



Avoid posting anything online that you would
not

want made
public


92% of employers are checking Facebook and Twitter


1 out of 10 job applicants are not getting offers due to inappropriate
online content



Minimize details that identify you or your
whereabouts



Keep your account numbers, user names, and passwords
secret



Restrict sharing
your primary email address or Instant Message (IM)
name



Choose how private you want your profile or blog to
be

Changing Browser Settings


Monitor Your Reputation


Search for your name on the Internet using at least 2
-
3
search
engines



Regularly review what others write about you on blogs
and social networking
websites



Ask friends not to post photos of you or your family
without
permission

How Does Info Get on the Web?


Businesses, governments, and other organizations gather data
when you:


Set up an online account


Buy something in
an online store


Register for
contests


Fill out surveys


Download free software


Surf the
web (yes, Google and others track your searches)


Why Should I Care?


Companies and future employers may use this
information
--
i.e., your
online
reputation
--
to
gauge your suitability for a job


Criminals may
target
you for phishing scams,
to steal
your
identity, and to commit other
crimes


Online information is searchable and often
permanent


Search
engines
can
make it easy to pull data together to build
a full profile
about you


Once data is
online
,
it’s there forever


Sites
may archive
what has been posted or collected


Friends
(or ex
-
friends) may give your information out, or
hackers and security lapses may expose
it



Guard Your Information


Protect your
computer



Use an
Internet
firewall


Most Internet providers such as Verizon and Comcast provide
firewalls to protect your home computer



Make sure your computer is set
-
up to perform automatic
updates from
Microsoft

or Apple



Subscribe
to antivirus software and
keep it
current


You don’t have to spend lots of money for anti
-
virus software

there are excellent free programs available such as
AVG

(click on
the yellow Download button)


Passwords


Create strong passwords


Strong passwords are
at least
14 characters
long


They include
a
combination

of letters (both upper and lower
case), numbers, and
symbols


They should be easy to
remember but difficult for others to
guess



Do NOT
share your passwords with
friends



Avoid using the same password
everywhere


If
someone steals it, all the information that password protects is
at
risk


Home vs. Public Computer


Save sensitive business
or email transactions for
your home
computer



Avoid paying bills, banking, and shopping on a public
computer, or on
any

device (such as a laptop or mobile phone)
over a public wireless
network (i.e.,
WiFi

in airports, coffee
shops, etc.


Protect Yourself


Signs of
a scam


Watch for deals that sound too good to be true, phony job ads,
notices that you have won a lottery, or requests to help a distant
stranger transfer
funds


Other
clues include urgent messages ("Your account will be
closed!"), misspellings, and grammatical
errors



Think before you
click


Especially when visiting an unknown website
or call a number in a
suspicious email or phone
message

both

could be
phony


Be cautious with links to video clips and games, or open photos,
songs, or other files

even if you know the
sender


Check
with the sender
first


How to Know a Website is Safe?


Before you enter sensitive data, check for evidence that:


The site uses
encryption

a
security measure that scrambles data
as it crosses the
Internet


Good
indicators that a site is encrypted include a web address
with
http
s
(rather than http)


The "s
" stands for
secure and
a closed
padlock usually appears
beside it


The
lock might also be in the lower
-
right corner of the
browser


Make sure you’re
at the correct
site

e.g.,
at your bank's
website, not a phony
website


Some hackers temporarily redirect visitors to phony sites and you
may realize it unless you’re paying close attention

check the
specific URL


Most anti
-
virus programs offer an anti
-
phishing filter

Investigate Privacy Controls


Control what’s shared about you


Define your audience



Look for
privacy controls on a site by navigating to a control
panel or settings
menu



Explore and understand privacy controls before jumping on
the bandwagon

Email Tips


Always

remember that if you’re using a computer purchased
by your employer, they are entitled to view your email or
computer contents


So when using a work
-
related computer and/or email,
never

put anything in writing that may come back to haunt
yo


Use a secondary, “spam” email
address


Use email service providers with strong security and spam
filters


Be careful opening emails


Be careful using commercial programs like Gmail or Yahoo for
education
-
related communications

Treat Your Phone Like A Computer


Smartphones are becoming a hacker’s dream


Smartphones access your
email, address book and other
sensitive pieces of
data


But they
rarely have any privacy
controls


Investigate apps to ensure privacy

Password Protect All Devices


Those include your smartphone, iPad, computer, tablet, etc.



Equivalent of leaving your home or car unlocked

Sign Out!


Always make sure to sign
-
out of Facebook, Twitter, Gmail,
your retirement account, your bank account, etc.


Do not assume every account will automatically timeout after
a few minutes


Do not assume that when you quit the browser that you’re
signed out

open it back up and revisit the site

voila, you’ll
find that you get in without typing your password again!

Clear Out Your Browser


Clear your browser history and cookies on a regular
basis



When’s
the last time you did that?



Show “never
remember your
history”



Consider using something like
CCleaner

Cloud Computing


Serious concerns over privacy and security issues



Survey found that cloud computing
raised serious concerns about
the access
to, as well as use
and control of data:


77
% of respondents believe that adopting
cloud
computing makes
protecting privacy more
difficult


50
% are
concerned
about a data breach or loss; and


23
% worry about
a weakening
of corporate network security



Review privacy
policy and terms of service of the hosting
company



Consider other alternatives


Flash/thumb drive


Other portable storage devices


Bibliography


CERT
. (2013).
Theft of intellectual property and tips for prevention
. Retrieved from
http://www.cert.org/blogs/insider_threat/2011/07/insider_threat_methods_of_exfiltration.html
.


Hill, K. (2012).
10 incredibly simple things you should be doing to protect your privacy
. Retrieved
from
http://www.forbes.com/sites/kashmirhill/2012/08/23/10
-
incredibly
-
simple
-
things
-
you
-
should
-
be
-
doing
-
to
-
protect
-
your
-
privacy/
.


IBM. (2010).
Is cloud computing secure computing?

Retrieved from
http://www.ibm.com/smarterplanet/global/files/us__en_us__cloud__smart_clouds.pdf
.


Microsoft. (2013).
Create strong passwords
. Retrieved from
http://www.microsoft.com/security/online
-
privacy/passwords
-
create.aspx
.


Microsoft. (2013).
Take charge of your online reputation
. Retrieved from
http://www.microsoft.com/security/online
-
privacy/reputation.aspx
.


Privacy Rights Clearinghouse. (2013).
Children’s online privacy: A resource guide for parents
.
Retrieved from
https://www.privacyrights.org/fs/fs21
-
children.htm
.


Privacy Rights Clearinghouse. (2013).
Online privacy: Using the Internet safely
. Retrieved from
https://www.privacyrights.org/fs/fs18
-
cyb.htm
.


TRUSTe
. (2012).
Protect your privacy
. Retrieved from
http://www.truste.com/products
-
and
-
services/consumer_privacy/privacy_tips
.


Wise, L. (2013).
Few options for online users to avoid spying, experts say
. Retrieved from
http://www.mcclatchydc.com/2013/06/07/193356/few
-
options
-
for
-
online
-
users
-
to.html#.UcJD1ZySJbJ
.

Questions / Comments?

Thank you!

Contact Me:

Missy Harvey, Technology and Communication Coordinator

Phone: (412) 624
-
1619

Email:
mjharvey@pitt.edu