240 likes | 329 Views
Privacy and Security on the Web: How to Protect Yourself. Missy Harvey Technology & Communication Coordinator NN/LM MAR June 20, 2013. Instructor. Technology & Communication Coordinator , NNLM / MAR (2011-present) Computer Science Librarian , Carnegie Mellon
E N D
Privacy and Securityon the Web: How to Protect Yourself Missy Harvey Technology & Communication Coordinator NN/LM MAR June 20, 2013
Instructor • Technology & Communication Coordinator, NNLM / MAR (2011-present) • Computer Science Librarian, Carnegie Mellon University / Pittsburgh, PA (1995-2011) • Adjunct Instructor, iSchool, Drexel University / Philadelphia, PA (2003-present) • Adjunct Instructor, iSchool, University of Pittsburgh / (1995-2003) • Research Manager, Peterson’s Guides / Princeton, NJ (1993-95) • Head, Sun Library, Sun Microsystems / Mountain View, CA (1990-93) • Head, Microcomputer & Media Center, Falk Library, University of Pittsburgh (1987-89) • Reference Librarian, Wheaton College / Norton, MA (1986-87) • Cataloging Assistant, Yale University / New Haven, CT (1982-86)
Agenda Learn tips to protect yourself, your family, and your library users in our highly connected world • What you need to know about your personal information on the Web • How others get information about your online activities • How to protect yourself from phishing emails and scams • How to manage your online reputation • What to do if your online privacy is compromised • Risks of cloud computing
Think Before You Share • Privacy policies • Avoid posting anything online that you would not want made public • 92% of employers are checking Facebook and Twitter • 1 out of 10 job applicants are not getting offers due to inappropriate online content • Minimize details that identify you or your whereabouts • Keep your account numbers, user names, and passwords secret • Restrict sharing your primary email address or Instant Message (IM) name • Choose how private you want your profile or blog to be
Monitor Your Reputation • Search for your name on the Internet using at least 2-3 search engines • Regularly review what others write about you on blogs and social networking websites • Ask friends not to post photos of you or your family without permission
How Does Info Get on the Web? • Businesses, governments, and other organizations gather data when you: • Set up an online account • Buy something in an online store • Register for contests • Fill out surveys • Download free software • Surf the web (yes, Google and others track your searches)
Why Should I Care? • Companies and future employers may use this information--i.e., your online reputation--to gauge your suitability for a job • Criminals may target you for phishing scams, to steal your identity, and to commit other crimes • Online information is searchable and often permanent • Search engines can make it easy to pull data together to build a full profile about you • Once data is online, it’s there forever • Sites may archive what has been posted or collected • Friends (or ex-friends) may give your information out, or hackers and security lapses may expose it
Guard Your Information • Protect your computer • Use an Internet firewall • Most Internet providers such as Verizon and Comcast provide firewalls to protect your home computer • Make sure your computer is set-up to perform automatic updates from Microsoft or Apple • Subscribe to antivirus software and keep it current • You don’t have to spend lots of money for anti-virus software—there are excellent free programs available such as AVG (click on the yellow Download button)
Passwords • Create strong passwords • Strong passwords are at least 14 characters long • They include a combination of letters (both upper and lower case), numbers, and symbols • They should be easy to remember but difficult for others to guess • Do NOT share your passwords with friends • Avoid using the same password everywhere • If someone steals it, all the information that password protects is at risk
Home vs. Public Computer • Save sensitive business or email transactions for your home computer • Avoid paying bills, banking, and shopping on a public computer, or on any device (such as a laptop or mobile phone) over a public wireless network (i.e., WiFi in airports, coffee shops, etc.
Protect Yourself • Signs of a scam • Watch for deals that sound too good to be true, phony job ads, notices that you have won a lottery, or requests to help a distant stranger transfer funds • Other clues include urgent messages ("Your account will be closed!"), misspellings, and grammatical errors • Think before you click • Especially when visiting an unknown website or call a number in a suspicious email or phone message—both could be phony • Be cautious with links to video clips and games, or open photos, songs, or other files—even if you know the sender • Check with the sender first
How to Know a Website is Safe? • Before you enter sensitive data, check for evidence that: • The site uses encryption—a security measure that scrambles data as it crosses the Internet • Good indicators that a site is encrypted include a web address with https (rather than http) • The "s" stands for secure and a closed padlock usually appears beside it • The lock might also be in the lower-right corner of the browser • Make sure you’re at the correct site—e.g., at your bank's website, not a phony website • Some hackers temporarily redirect visitors to phony sites and you may realize it unless you’re paying close attention—check the specific URL • Most anti-virus programs offer an anti-phishing filter
Investigate Privacy Controls • Control what’s shared about you • Define your audience • Look for privacy controls on a site by navigating to a control panel or settings menu • Explore and understand privacy controls before jumping on the bandwagon
Email Tips • Always remember that if you’re using a computer purchased by your employer, they are entitled to view your email or computer contents • So when using a work-related computer and/or email, never put anything in writing that may come back to haunt yo • Use a secondary, “spam” email address • Use email service providers with strong security and spam filters • Be careful opening emails • Be careful using commercial programs like Gmail or Yahoo for education-related communications
Treat Your Phone Like A Computer • Smartphones are becoming a hacker’s dream • Smartphones access your email, address book and other sensitive pieces of data • But they rarely have any privacy controls • Investigate apps to ensure privacy
Password Protect All Devices • Those include your smartphone, iPad, computer, tablet, etc. • Equivalent of leaving your home or car unlocked
Sign Out! • Always make sure to sign-out of Facebook, Twitter, Gmail, your retirement account, your bank account, etc. • Do not assume every account will automatically timeout after a few minutes • Do not assume that when you quit the browser that you’re signed out—open it back up and revisit the site—voila, you’ll find that you get in without typing your password again!
Clear Out Your Browser • Clear your browser history and cookies on a regular basis • When’s the last time you did that? • Show “never remember your history” • Consider using something like CCleaner
Cloud Computing • Serious concerns over privacy and security issues • Survey found that cloud computing raised serious concerns about the access to, as well as use and control of data: • 77% of respondents believe that adopting cloud computing makes protecting privacy more difficult • 50% are concerned about a data breach or loss; and • 23% worry about a weakening of corporate network security • Review privacy policy and terms of service of the hosting company • Consider other alternatives • Flash/thumb drive • Other portable storage devices
Bibliography • CERT. (2013). Theft of intellectual property and tips for prevention. Retrieved from http://www.cert.org/blogs/insider_threat/2011/07/insider_threat_methods_of_exfiltration.html. • Hill, K. (2012). 10 incredibly simple things you should be doing to protect your privacy. Retrieved from http://www.forbes.com/sites/kashmirhill/2012/08/23/10-incredibly-simple-things-you-should-be-doing-to-protect-your-privacy/. • IBM. (2010). Is cloud computing secure computing? Retrieved from http://www.ibm.com/smarterplanet/global/files/us__en_us__cloud__smart_clouds.pdf. • Microsoft. (2013). Create strong passwords. Retrieved from http://www.microsoft.com/security/online-privacy/passwords-create.aspx. • Microsoft. (2013). Take charge of your online reputation. Retrieved from http://www.microsoft.com/security/online-privacy/reputation.aspx. • Privacy Rights Clearinghouse. (2013). Children’s online privacy: A resource guide for parents. Retrieved from https://www.privacyrights.org/fs/fs21-children.htm. • Privacy Rights Clearinghouse. (2013). Online privacy: Using the Internet safely. Retrieved from https://www.privacyrights.org/fs/fs18-cyb.htm. • TRUSTe. (2012). Protect your privacy. Retrieved from http://www.truste.com/products-and-services/consumer_privacy/privacy_tips. • Wise, L. (2013). Few options for online users to avoid spying, experts say. Retrieved from http://www.mcclatchydc.com/2013/06/07/193356/few-options-for-online-users-to.html#.UcJD1ZySJbJ.
Thank you! Contact Me: Missy Harvey, Technology and Communication Coordinator Phone: (412) 624-1619 Email: mjharvey@pitt.edu