The Internet is basically a computer network that would continue to function in the event of a disaster. The Web is known as a client-server system. Your web browser software is the client; the remote computer which stores the data is the server. The glue that holds the Web together is called hypertext and hyperlinks. This feature allow electronic files on the Web to be linked so that you can easily jump between them. On the Web, you navigate through pages of information based on what interests you at that particular moment. This is commonly known as browsing or surfing the Net.
As a web master you'll probably search the Internet for information you can use for your web site. Consequently, your computer is constantly exchanging quantities information with an unknown number of computers. What you really want is to exchange just the amount of information necessary to establish communication between the computers and get the information you requested. No more, no less. You don't want the other computer to poke around in your computer or connect to your office network.
If you are using a dial-up connection, your computer does not have a permanent identifying number. Your ISP (access service) assigns one to your system temporarily whenever you dial up. This makes your system less attractive to hackers and snoopers, but not impossible to find. If you are using one of the fast, always on service connections then your system is much more vulnerable because you do have a permanent assigned location in cyber-space.
CERT has an excellent article that covers all the things you'll need to know about information security at
http://www.cert.org/tech_tips/home_networks.html
According to CERT, information security is concerned with three main areas:
- Confidentiality - information should be available only to those who rightfully have access to it
- Integrity -- information should be modified only by those who are authorized to do so
- Availability -- information should be accessible to those who need it when they need it
You wouldn't let a stranger look through your important documents. In the same way, you may want to keep the tasks you perform on your computer confidential, whether it's sending e-mail messages to family and friends or looking for specific web sites. Developing safe surfing habits and protecting your privacy is important.
A recent irritating development on the web is spyware. Shareware is often ad supported. Ads in free software is fine as long as you know that's what you are getting along with the program. Popular e-mail client Eudora is ad supported in it's free version and they tell you so when you download it. So some kinds of adware are fine.
Spyware, on the other hand, is when a program reports back to the advertiser about your surfing habits every time you go on-line, and they didn't tell you they were going to do this when you got the program. Think you don't have any? Guess again. I had 26 little beasties in my system busily reporting. You can remove these threats to your privacy.
- Lavasoft's Ad-Aware Remover
- Ad-Aware will safely remove all sorts of spyware programs you may have innocently downloaded into your system along with shareware..
- SpyChecker
- A database of known spyware/software titles and how to get rid of them.
Identity theft is more of an offline problem. Identity Theft Resource Center can inform you on ways to protect yourself.
Here's some sensible precautions for blocking ID Theft:
Make a copy of your wallet contents:
Place the contents of your wallet on a photocopy machine,do both sides of each license, credit card, etc. You will know what you had in your wallet and all of the account numbers and phone numbers to call and cancel.
Keep the photocopy in a safe place.
We've all heard horror stories about fraud that's committed using your name, address, SS#, credit, etc. Unfortunately a friend had firsthand knowledge, because her wallet was stolen last month and within a week the thieve(s) ordered an expensive monthly cell phone package, applied for a VISA credit card, had a credit line approved to buy a Gateway computer, received a PIN number from DMV to change her driving record information online, and more.
In case of ID Theft:
Cancel your credit cards immediately. The key is having the toll free numbers and your card numbers handy so you know whom to call. Keep those where you can find them easily.
File a police report immediately in the jurisdiction where it was stolen, this proves to credit providers you were diligent, and is a first step toward an investigation (if there ever is one).
Call the three national credit reporting organizations immediately to place a fraud alert on your name and SS#. This is perhaps most important. Application for credit can be made over the Internet in your name if they have some verifying data stolen from you. The alert means any company that checks your credit knows your information was stolen and they have to contact you by phone to authorize new credit.
You might also consider one of the new credit watch services from Equifax which will monitor your credit report activity for an annual fee.
Additional recommended actions
- Contact all creditors, by phone and in writing, to inform them of the problem.
- Alert your bank to flag your accounts and to contact you to confirm unusual activity.
- Request a change of PIN and new password on existing credit cards/ATM or debit cards if you believe your existing accounts have been wrongfully
accessed.
- Keep a log of all contacts and make copies of all documents.
- Contact the Social Security Administration’s Fraud Hotline, 1-800-269-0271.
- Contact your state office of the Department of Motor Vehicles to see if another license was issued in your name. If so, request a new license numberand fill out the DMV’s complaint form to begin the fraud investigation process.
Shopping on-line isn't really any more dangerous than shopping in a store or eating out. You should however, take some sensible precautions when shopping on-line by using such things as a temporary account number for a specific transaction. Visa has taken steps to slow abuse by adding a PIN number requirement to transactions.
Always be sure to use a Verisign authenticated site, and make sure you are actually in a 'secure' mode during the secured transaction (the lock symbol in your browser looks locked). And don't forget to print out a receipt for yourself. Plus you might consider enabling yourself to look at your credit card transaction records on-line - and on a regular basis. That way if something funny is going on you'll find out sooner rather than later.