Personal Data Protection and Privacy
From Computing and Software Wiki
Personal data are a set of data such as name, social insurance number, birthday dates, credit card number etc that needs to be kept secure. These data can be stolen if a computer is connected to the internet and the information is on the computer. A lot of hackers on the internet use their computer or other people’s computer to gain access into your computer to steal personal information that they then use for their malicious purposes. These hackers have free access to a computer when there is a security hole in the software or operating systems that are being used on your computer.
Contents |
Possible threats to Personal Data
Pharming – This is done by directing an internet user to a different site than the one requested. This is done by changing the DNS and IP address of the target website from the original IP address to the IP address of the mirrored website. Therefore whenever the user tries to access the original site, the user is directed to the mirrored website. This form of attack is very difficult for the user to realize unless the user checks the SSL certificates and is realizes that it is a fake certificate.
Phishing – This is the process of trying to acquire personal information from an individual by pretending to be an organization that they are not. Phishing can occur through email when a message is sent requesting for information such as birth date, social insurance number and PIN numbers. Also mirror websites could be created to look like the authentic website. Information such as the user ID and password would be requested hereby gaining access to the account of the user.
Spear Phishing – This occurs when spear phishers disguises as friends of an individual on a social networking site such as Myspace and Facebook to develop trust with an individual. When trust has being developed with an individual, the spear phishers then gets personal information through message boards and personal messages. The information collected can be used for malicious purposes.
Vishing – Emails are sent to individuals that they have there has being some problem with their credit card and then authorized to either click on a link or call a specific number where the credit card number, expiry date and verification codes are collected from the users. This information is then used to incur fraudulent charges on the user’s card.
Privacy Law governing release of Personal Data
How to Protect Personal Data
Using Firewalls
A firewall is a collection of security measured designed to prevent unauthorized access to a networked computer. It blocks all internet traffic that has not being specifically specified by the computer from coming to the computer. There are two types of firewalls that can be used depending on the computer that needs to be secured.
Hardware Firewall
This is a device that allows the connection of different computers to a hub. The firewall then monitors request that are coming from the internet into the computers connected to the hub. This type of firewall protection is mainly used by organizations that needs to control the information that is being sent to out of their organization and information received from other sites.
Personal Firewall
A personal firewall is software installed on each computer that needs to be protected. A personal firewall has more feature than a hardware firewall but cannot be shared with different computers.
Email Authentication
Emails are received from financial institutions, Internet service Providers and other organizations requesting for personal information. This information should not be released through email without authenticating the source of the email. The most secure method of doing this calling the organization and ensuring that they are require this information.
Providing Personal Data on the web
When providing personal information or data on the internet, ensure that the web site is authentic. A good way of checking ensuring that the web site is authentic is by typing in the web address manually.
