Maintaining computer privacy is absolutely a fundamental concern as more than ever we are using portable computers and share public computers or Internet access points for personal and business purposes. We now have a larger number of employees taking their portable computers out of the office environment. Modern device portability along with the availability of public computers and Internet access points are increasing the risks of computer privacy. We will look at the safety features to help protect both ourselves and our data.
Computers are helping our life to be more efficient and set a faster pace. The same technology has also made the invasion of privacy faster and more efficient. It is not correct to blame the technology for our [new] privacy problems; the decision to gather data about people is not made by the computer, it is made by the people behind the computer system. Simply stated, computers have changed the privacy landscape considerably.
Our global computerized access to information requires us to re-think the meaning of “public” information. We are part of a open, democratic society, we consider certain information to be public: voter registration, property ownership, marriage, divorce, birth and death records.
Students, entrepreneurs and a large number of younger users take their computers to public places such as coffee shops or public libraries to work on their projects and connect to the Internet. With portable devices, we need to be concerned about people close to us being able to see our information as we worked on our projects, and a growing increase in stolen laptops and other portable data storage devices are causing some serious computer privacy concerns.
Today, more businesses, in an attempt to reduce office space costs, are allowing their employees to telecommute or use a shared office space with their colleagues thus raising additional computer and desk privacy concerns. Both telecommuting and office sharing increase the risk of privacy disclosure especially when telecommuting is from internet enabled coffee shops and other public places to access company systems and information. Some employees access their corporate information using devices available in public computers at airports and other public places. In such cases there is a lack of knowledge about the security controls of the devices used. This can expose the privacy of our credentials and our business systems to unauthorized disclosure and access to company information.
With any modern portable device that offer such portability, awareness means means that while we can assume that most people are trustworthy and would never look at a your devices screen, there will be those people that are actually targeting our information. Avoid using access to bank accounts and any other sensitive personal accounts from non-personal computers. Some of these device may collect your personal information.
If you are working on a project or accessing less sensitive information such as email using my own computer, be sure to sit at a location where no one can be seated behind you and also use a device privacy screen filter.
A computer privacy filter can prevent others from looking at the information on your device screen while you type unless they are sitting exactly where you are, in front of the computer in order to see what you can see. Screen privacy filters have additional benefits such as glare reduction and device screen protection against scratches and fingerprints.
In summary, if you perform your work within coffee shops, be sure to seek out a secure and private spot which does not allow others to sit right behind you.
Always use a trusted device and Internet access points as much as possible, and do use a computer screen privacy filter. It may not always be possible to use a fully trusted device for some reason, but we should always assess the risk level of the devices and locations we use to selectively access confidential information. Also avoid placing large files containing personal information on your portable device in order to reduce the risk of theft or loss.
The best advice for employees is to request that your employer develop clear guidelines for acceptable use of computer equipment and network capabilities, and to ask the employer to reveal whether monitoring is taking place.
Privacy is a Social issue – Not a technical flaw
Being actively suspicious is one of the most sensible things you can do to keep your computer and data secure. Hacker techniques are getting increasingly sophisticated, so it will be difficult to tell when might be at risk. All it takes to fall into the “trap” is to open one email open or click on one link and your computer could be compromised in about 1 second.
So do keep your wits about you and think before opening or clicking on anything that does not look legitimate.
Modern web browsers have options that enable you to adjust the level of privacy and security you use while you browse the internet. Using these options can help lower the risk of threats reaching your device and having malicious hackers attack your device. Some browsers enable you to tell websites not to track your actions by blocking cookies. Note that, by default, many of the options are disabled, so do take a few minutes to go into your browser settings and make the necessary adjustments to reduce your risks. The most popular browsers such as Chrome, Firefox, Safari, and Edge all provide detailed instructions to help.
To reduce device theft, there are physical locking devices such Kensington locks and other similar brands that can inserted into a special hole in laptops. Some require a physical key while others work using a code. For tablets, a more cumbersome security device is required.
Public and free WiFi hotspots are becoming common, and include virtually all hotels, airports, coffee shops, parks, libraries and public transport. Be aware that one thing these hotspots have in common is a lack of good security.
Some common-sense security tips for Public WiFi:
Check the Network Name: A hacker can easily set-up a fake network like “FREE Airport WiFi”. Check with the venue.
SSL Encryption: Websites that request sensitive information should always use SSL (Secure Sockets Layer). This means the URL will have “https” at the beginning of the address.
Disable Sharing: Turn off file and printer sharing and disable network discovery; on a Mac, enable the “stealth mode”.
Disable Wireless: If you are not using the internet or email, disable your wireless connection.
Update Software: Keep your device software updated. Often, security flaws are fixed by such updates.
Use a VPN: Using a VPN (Virtual Private Network). Personal Australian VPN Services are now available to protect small businesses, professionals and individuals who use Public WiFi.
Mobile and Smart Phone Safety
Mobile devices like smartphones and tablets can store a large amount of personal information.
There are a number of things you can do to protect yourself and your mobile, including:
- Putting a pin lock on your phone
- Leaving your bluetooth turned off or in undiscoverable mode when you are not using it
- Using only encrypted Wi-Fi networks that require a password
- Only switching your location services on when necessary and limiting the apps with which you share your location
- Adjusting your browser settings to control the collection of information through cookies
- Erasing your internet history
- Only download apps from official stores or trusted sources
These features can be activated or adjusted in the privacy settings of your phone. You should also make sure no personal information is left on your phone when you dispose of it. Check the manufacturer’s instructions on how to delete information.
Protect yourself Online Always
Always limit the amount of information you share, as it can be very hard, and often impossible, to completely remove information that has been published on the internet.
Safe online pointers:
- Installing patches and security software on your computer, including anti-spyware, anti-virus scanners and firewall software
- Reading the privacy policies and privacy notices of websites
- Only downloading apps from reputable sources, especially if you’re sharing location or financial information
- Avoid entering personal information or a password on an unsecured website. Several features indicate a site may be secure. For example, it may use ‘https’ at the beginning of its domain name or it may display a security icon, usually a small locked padlock, on its browser.
Use different passwords for important accounts such as banks, Facebook and PayPal. Always make sure you choose strong alphanumeric passwords and do change them regularly. A random combination of numbers, letters and special punctuation over eight characters long is recommended.
When using social media sites, be sure that you read their privacy policies, and choose the privacy settings that best suit your needs and safety.
Your digital footprint on a social site can be there forever, so do think before you share. You may not be able to take back comments or posts if you change your views, or someone shares them without your consent.
The results of over-sharing, or having your posts shared without your consent, can lead to personal and professional reputation damage as well as identity fraud.
Social media does bring harmful risks such as identity theft or data leakage, fake requests from spam profiles, risks in social sharing, profile hacking, fake apps and malicious links.
Use safer Privacy setting for your Social Profiles:
Social sites such as Facebook, allow the user’s personal information like name, profile picture, gender, mail-id, username and other related information to be made visible to other Facebook users to a certain extent. Facebook allows the option in which you can opt for as to who can see your personal information. Such options are included in the privacy settings of Facebook. Similar settings are provided by other social media websites as well.
Do NOT accept requests from “unknown” profiles:
To stay clear of frauds and scams, simply avoid accepting friend requests on the social media from unknown people. This is a very simple way to avoid unwanted social media risk.
Social Media events that invite user participation — messages, invitations, photos, open platform applications, etc. — are often the avenues used to gain access to private information, especially in the case of Facebook.
Always try to gather some “intel” about the unknown profile. If their profile is public, you can simply search for them using their full name and affiliated email address. If a Facebook profile is set to private or protected from search engine searches, however, it will not appear in the Facebook search results. Varying levels of privacy for different Facebook features means that some information may be public while some will be hidden. Warning: Always be careful who you add as a “friend,” because there is no 100% method of verifying a user’s actual identity online. A smart criminal can “masquerade” as someone you think is “acceptable” by building up a false or misleading profile.
Stalkscan is a free tool the will dig into someone’s Facebook public profile. It can show all publicly available information on the person you are investigating. For example, you can see which bars they have checked into, their classmates and a lot of other information. Attention: This tool does not violate Facebook’s privacy settings!
Pedophilia and sexual crimes
Young people, who are also the most more active on social networks, are exposed to “sexual predators”. Such predators have time and motivation to make contact with “intended” victims, most of the time masquerading under a false identity. The risk is greater as teenagers are less likely than adults to be careful on these networks. A survey carried out in 2006 in the US, as part of research conducted by Princeton University, found that of 935 teenagers:
- Four out of five teenagers put their first name in their profile
- Four out of five teenagers post their photo and two out of three teenagers post photos of their friends. When they are reminded of the public nature of the publication of photos, most of them say they are not concerned about the risk to their privacy. They think that the photos, even combined with the other information in the profile, do not give enough details to compromise their safety
- Six out of 10 teenagers put the name of the town where they live
- One half of teenagers posted the name of their school
- Four out of 10 teenagers posted their messaging nicknames
- Three out of 10 teenagers included their surnames in their profiles
- One in 10 teenagers put their first name and surname in their public profile
- One in 20 teenagers included their full name, their photo, the name of their school and the name of their town in their public profile
- Two thirds of teenagers restricted access to their profile (e.g., by making it private, protecting it with a password, completely hiding it from the view of others)
The result of this survey showed the vulnerability of younger people, and their obvious lack of information on the risk of pedophile attacks through such social networks. It is also noted the risk of teenagers developing trauma or dependencies with regard to some pornographic and obscene content published on these sites.
Basic Social Media “safety” Summary:
Friends on social networks should know that real friends “should” know your personal information already, thus negating the need to post such personal information (identity) online.
Do not post anything you would not mind telling a complete stranger, because in today’s social media reality that is the actual (real) potential for access.
Australian Privacy Guides
The Australian Communications and Media Authority has information on internet security and safety, including tips for protecting yourself online, on its website here.
The Office of the Australian Information Commissioner (OAIC) also has a “Privacy fact sheet 8: Ten tips to protect your privacy“, which provides methods to help you protect your personal information and your privacy.
Computer Ethics: The 10 Commandments
These 10 Commandments of Computer Ethics we established in 1992 bt the Computer Ethics Institute. The list came after a consultation with the Internet Advisory Board and were designed to be a set of basic “sanitary” rules to guide how computers are used in personal and professional life. They still apply today!
- Thou shalt not use a computer to harm other people
- Thou shalt not interfere with other people’s computer work
- Thou shalt not snoop around in other people’s computer files
- Thou shalt not use a computer to steal
- Thou shalt not use a computer to bear false witness
- Thou shalt not copy or use proprietary software for which you have not paid (without permission)
- Thou shalt not use other people’s computer resources without authorization or proper compensation
- Thou shalt not appropriate other people’s intellectual output
- Thou shalt think about the social consequences of the program you are writing or the system you are designing
- Thou shalt always use a computer in ways that ensure consideration and respect for your fellow humans
Such commandments do offer a strong foundation upon which a person or company can build policy around the use of computers in the home or workplace.