Monday, July 15, 2019

Easy steps to secure your online information

While researching international privacy law the other day at work, I stumbled across this helpful web site from the Australian Cyber Security Center. It offers a checklist of easy-to-use tips that everyone who uses the Internet should be aware of and practicing daily.

Topics include:
  • Securing your email, social media sites and apps
  • Identifying scams
  • Securing your mobile device and your computer
  • Using public Wi-Fi safely

To see the full article and watch the checklist video, go to https://www.cyber.gov.au/advice/EasyStepsGuide.

Thursday, July 4, 2019

HTTPS means "secure," not "safe"

By now, most of us know to look at the URL, or uniform resource locator, of web sites we visit. The URL is more simply known as the web address. For example, https://www.blogger.com is a URL.

When a URL starts with HTTPS, it means that the web site owner has purchased an encryption certificate and applied it to that particular web page. This means that any data you type into that page, such as user name, password, payment card number, account number, etc., is encrypted in transit. In other words, your sensitive data is secured when it is transmitted from your computer up to the server that hosts that web page on the Internet.

When a URL starts with HTTP, it means that your user input on that web page is not encrypted. And that is all it means.

HTTPS does not mean that the web site is safe to visit - it just means that your data is encrypted. Bad guys can buy encryption certificates just as easily as legitimate site owners. And because browsers like Chrome visibly proclaim a site is "not secure" when HTTP is in the URL, users are more apt to associate that HTTPS sites (which do not display the warning) must be safe to visit.

Not so!

Always be cautious of browsing to unknown or unfamiliar web sites. Only navigate to sites you deem trustworthy. And stop clicking! Just because a site is encrypted does not mean that it cannot infect your computer with malicious software if you click a link on it.

For more information, check out the warning issued by the FBI three weeks ago at https://www.ic3.gov/media/2019/190610.aspx.