Home » Defense in Depth

Ten Basic Steps To Protect Your Privacy

Posted 1 Jun 2004 | Comments Off on Ten Basic Steps To Protect Your Privacy | 1,133 views

Do not reveal personal information. Avoid giving out any personally identifiable information unless it is absolutely necessary.Revealing identifiable information can cause a wave of backlash ranging from unsolicitied email to identity theft. Limit giving identifiable information to only reputable websites and to organizations where you already have an “in-person” relationship.

Never give out passwords to your accounts. Under no circumstances should you give out the passwords to any of your accounts. Passwords are used so that you and only you have access to the account. It is awfully tempting to give your password to support personel; however, they should already have the appropriate tools and access to fix the problem.

Do not enter online contents for prizes. Online contests are easy mechanisms for building an email database. A free hat may be nice to have, but it is certainly not worth the annoyance and frustration of unsolicted email.

Do not reply to unsolicited email. In general, it is a very bad idea to respond to any unsolicited email that you receive. Many junk mail senders include a link to unsubscribe to their email. In many cases, this is merely a convenient mechanism for validating your address which leads to more junk email. If you have an ongoing business relationship with the sender, you might be able to convince the sender to remove you from their list; however, this is usually not as simple as clicking on the provided link. In the US, recipients can asked to be removed from mailing lists under the CAN-SPAM act; however, this only applies to US-based advertisers.

Avoid sites that offer rewards for you contact information. Many websites give things away for free. Beware of those that request personal information for a trivial freebie. Almost every website has a form to fill in an email address. This is even spreading to the print world. Many company response cards such a warranty or registration cards now include places for an email address.

Have a disposable email address. Maintain at least one disposable email account that you can use for distribution to non-trusted parties. This address is one that can be abandoned if it becomes the target of too much unsolicited email. A good place to get a disposable account is one of the many free web-based email services.

Be conscious of web security. Always make sure that the websites you visit offer appropriate security for your browsing. Any sort of financial transaction or exchange of sensitive data should be done in an SSL-enable environment.

Examine privacy policies. Read the privacy and terms of service policies for any websites that you interact with. Make sure that you are comfortable with who they share your information with. Do not give any information to a site that does not conspicuously post a privacy policy. Contact companies that stray from their published policies.

Manage your cookies. Websites use cookies for various reasons. Some of them are rather unscrupulous. Although the cookie itself is harmless, the data inside may not be. Some cookies are used to track users from one site to the next, and if any of those sites happen to know your identity, they all do. While some cookies are intended to be useful, you may not want them on your hard drives. For example, poorly designed shopping carts or authentication applications may store credit card numbers or passwords in cookies. The use of cookies is so prevalent that not accepting them is nearly impossible. A cookie management program can remove any unnecessary cookies before someone else gets ahold of them.

Assume that your communication is being monitored. When communicating with others on the Internet, always assume that someone else is privy to your conversation. This is especially importance in chat rooms and such. Other users may be lurking unseen. Information sent via public forums should be limited to the “casual conversation” sort. Sensitive data should be send using some sort of strong encryption.

Comments are closed.