NCSAM 2012 Privacy
-
Upload
375th-medical-group-mdss-key-spouse -
Category
Documents
-
view
55 -
download
0
Transcript of NCSAM 2012 Privacy
INFORMATION IS COLLECTED FROM EVERYONE
HOW TO KNOW
YOUR PRIVACY IS BEING PROTECTED
Privacy policy - Before submitting your
name, email address, or other personal
information on a website, look for the
site's privacy policy. This policy should
state how the information will be used
and whether or not the information will
be distributed to other organizations.
Look for indications that you are being
added to mailing lists by default—failing
to deselect those options may lead to
unwanted spam. Privacy policies
sometimes change (ie Facebook) so
you may want to review them often.
Evidence that your information is being
encrypted - To protect attackers from
hijacking your information, any personal
information submitted online should be
encrypted so that it can only be read by
the appropriate recipient. Many sites
use SSL, or secure sockets layer, to
encrypt information. Indications that
your information will be encrypted
include a URL that begins with "https:"
instead of "http:" If data is encrypted in
transit but stored insecurely, an
attacker who is
able to break
into the
vendor's
system could
access your
personal
information.
Newsletter Date
When you visit a website, a certain amount of
information is automatically sent to the site. This
information may include the following:
IP address - Each computer on the internet is
assigned a specific, unique IP (internet protocol)
address. It’s like a street address for your
computer.
domain name - You can identify the domain by
looking at the end of URL; for example, .edu
indicates an educational institution, .gov
indicates a US government agency, .org refers
to organization, and .com is for commercial use.
software details - It is possible for an organization to
determine which browser, and operating system
that you used to access its site.
page visits - Information about which pages you
visited, how long you stayed on a given page,
and whether you came to the site from a search
engine is available to the organization operating
the website .
If a website uses cookies, the organization may be
able to collect even more information, such as your
browsing patterns, which include other sites you've
visited. If the site you're visiting is malicious, files on
your computer, as well as
passwords stored in the
temporary memory, may
be at risk.
PRIVACY - HOW ANONYMOUS ARE YOU?
Created by the
375AMW
Information Assurance
Office
PROTECT YOUR PRIVACY
LIMIT THE AMOUNT OF
INFORMATION COLLECTED
ABOUT YOU
Newsletter Date
Do business with credible companies - Before supplying any
information consider the answers to the following questions:
do you trust the business? is it an established organization
with a credible reputation? is there legitimate contact
information provided?
Do not use your primary email address in online
submissions - Submitting your email address could result
in spam. Consider opening an additional email account for
use online. Make sure to log in to the account on a regular
basis in case the vendor sends information about changes
to policies.
Avoid submitting credit card information online - Some
companies offer a phone number you can use to provide
your credit card information. This eliminates the possibility
that attackers will be able to hijack it during the submission
process.
Devote one credit card to online purchases - To minimize the
potential damage of an attacker gaining access to your
credit card information, consider opening a credit card
account for use only online.
Avoid using debit cards for online purchases - Debit cards
normally do not offer the online protection that credit cards
offer.
Take advantage of options to limit exposure of private
information - Avoid allowing a website to remember your
password. If your password is stored, your profile and any
account information you have provided on that site is readily
available if an attacker gains access to your computer. Also,
evaluate your settings on websites used for social
networking. The nature of those sites is to share information,
but you can restrict it.
Be careful supplying personal
information - Unless you trust a site,
don't give your address, password, or
credit card information. Look for
indications that the site uses SSL to
encrypt your information Although
some sites require you to supply your
social security number (e.g., sites
associated with financial transactions
such as loans or credit cards), be
especially wary of providing this
information online.
Limit cookies - If an attacker can
access your computer, he or she may
be able to find personal data stored in
cookies. You may not realize the
extent of the information stored on
your computer until it is too late.
Browse safely - Be careful which
websites you visit; if it seems
suspicious, leave the site. Also make
sure to take precautions by
increasing your
security settings,
keeping your
virus definitions
up to date and
scanning your
computer for
spyware
PRIVACY - HOW ANONYMOUS ARE YOU? PAGE 2