---

Security Portal: Security 101: Keep Your Paws Off My Data!

“Personal and sensitive information transmitted over the
Internet is exposed to those with malicious purposes unless you
encrypt the data. When you connect with a secure web site to
transmit your credit card information to make a purchase, the data
is encrypted when the universal resource locator (URL) changes from
“http” to “https” and the little icon of a padlock becomes locked.
Unless this is so, you should never transmit any sensitive
information. Of course, the level of protection provided by
encrypted data depends on the mathematical algorithm that the
encryption scheme is based upon. That involves the field of
cryptography for encrypting and decrypting information from plain
language into coded data that only people with the proper
algorithm, known as the crypto key or variable, are able to revert
to plain language for reading.”

“Someone with malicious intentions may attempt to access your
personal data directly from your computer system. I always
recommend keeping personal data, especially financial information,
on a computer disk instead of on the computer’s hard drive to
reduce your exposure to any hacking attempts. While maintaining
other security measures are important as well, at least keeping
financial and other sensitive data on a disk to use only when you
actually need it, reduces its availability if it is sitting on your
hard drive and your system is hacked into. After all, your computer
is an easier target than the secure web site’s server protected by
a firewall and other computer security devices is. As you may
recall, computers of regular people were hacked into and loaded
with a Trojan horse known as a “zombie” that helped launch the
denial-of-service attacks against major sites in February. All this
was done without the knowledge of the people that owned the
computers.”

Of course, unless you are working for the government and
supported by the National Security Agency (NSA) for your
cryptography needs, encrypting your files as a regular citizen will
help protect the privacy of your data, whether kept on your hard
drive or a computer disk.
Special software to encrypt and
decrypt your data is needed for this. One popular and free if used
for non-commercial use program known as “Pretty Good Privacy” (PGP)
uses public key infrastructure (PKI) cryptography. This process
uses a “public key” to encrypt the data. It can be shown to anyone
freely and useless to him or her unless they possess the “private
key” that is kept secret and used to decrypt the data back into
readable information. The private key can also mark your e-mail
with a unique digital signature that verifies to the recipient that
you were the actual person that sent it. Any attempts to tamper
with a digital signature will show an error message to the
recipient so that they know someone attempted to change your e-mail
message.”


Complete Story

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis