|
|
|
|
|
This section has some information on how you
can maintain your privacy. Choose a Strong PasswordUser names identify you to a system and passwords confirm your identity. This makes sure that only people authorised to access systems can but this really depends on how strong the password and authentication mechanism is. In organisations there may be policies defining password rules, you should always follow company policies, they are there for a reason. You should try and choose a password that is difficult to guess. Don't use a real word as it is possible for software to run every word in a dictionary against a username to try and gain access to a system (this is known as a dictionary attack). If you need to use a word, make sure that its isn't the name of your favourite football or hockey team, your pet dog or your wife. Friends and colleagues learn a lot about you and it is easy to guess weak passwords like this. Adding numbers to the start or end of a word doesn't help much either and car registration numbers may seem more secure but aren't much better. There are a number of ways to create reasonably secure but memorable passwords. You could take a phrase such as "the quick brown fox jumped over the lazy dog" and change it to "tqbfjotld". You could then replace some of the letters with numbers and/or enter some of the characters in UPPER case (some systems are case sensitive). Our phrase could end up as "tQ3fJ0tLD". We've replaced "b" with "3" and o (letter oh) with 0 (zero) and finally changed the case of "Q", "J", "L" and "D". You can do the same for single words instead of phrases. You could misspell words then apply the previous rule "Photograph" could become "fotograf" and then "F0To8Raf". Some people re-map words on the keyboard. "Graphic" could become "y5w-uf" where each letter is replaced with the letter 1 row above and 1 key to the right (ABC becomes WHF). Other options include using special characters ("$, ^, *,& + for instance) to replace some of the letters, the possibilities are only limited by your imagination. If your imagination does fall short there are a few password generators available that you could use. Advanced Password Generator from Segobit Software (http://www.segobit.com) is just one of the products available, an Internet search will provide a list of lots more to try. Please remember that companies may not allow you to install password generating software without prior authorisation. Always ask permission before attempting to install software on corporate systems.
Identity TheftThere are a number of things you can do to reduce the chance of Identity Theft and preserve you privacy. Instead of of putting your junk mail, utility bills, bank or credit card statements or old cheque books directly into the bin you should tear them up, shred or burn them. Basically, anything that can identify you shouldn't be put straight into the bin. When you move house you should remember and get you mail re-directed so that there is no chance of your details being used by others. Check your credit card and bank statements regularly and report any errors as soon as possible. You can check you credit rating with the credit reference agencies to ensure that you are aware of the credit against your name.. Experian (http://www.experian.com) and Equifax (http://www.equifax.com) are two such agencies. Equifax provides a service that can automatically email you when your credit file held by them changes. This can held identify some types of fraud soon after it is attempted. You can also arrange to password protect your file held by the credit reference agencies if you believe that fraudulent activity has taken place. This ensures that no one can apply for credit under your name unless they know the password (so keep it safe!). Further information on Identity Fraud and protection can be found on the Experian and Equifax web sites.
Anti-SpamA number of experts have stated that Spammers use the unsubscribe option in their emails not to unsubscribe you but to confirm that your email address is valid. They then sell your email address to other Spammers. They recommend that you do not use the unsubscribe options in Spam email. The following are a few products that can be used to combat Spam at home and in the workplace. Further information on combating Spam a can be found at http://www.spamcon.org, http://www.cauce.org and http://www.euro.cauce.org as well as the SPAM / Fraud section of the Content Security area of this site.
eMailTrackerProThis product allows you to track the route of an email back to the sender and provides the IP address of the machine that was used to send the message. This can help you get information on Spammers or someone sending you email from an anonymous account. It can integrate with VisualRoute to to show you the steps the email took on a world map. For more information, to download a 15 day trail or to buy the product go to http://www.visualware.com/emailtrackerpro/index.html. There is also interesting information about how the product has been used to uncover illegal activity and references to computer security and intellectual property law resources.
EmCThis freeware product filters out SPAM, and script based email viruses. It processes mail prior to download from your ISP. It works with filter list which can be customised by you. Further information, and the free download, go to http://www.abreuretto.com/anti-spam/indexi.htm.
|
 | You when you've accidentally deleted files and need the recovered |
| Your bosses who need to recover files from THEIR computer that they allowed YOU to use for LAWFUL BUSINESS PURPOSES |
| Law enforcement who need to collect evidence of criminal activity |
No matter how securely your electronic files
are deleted, you need to remember about your backup files and paper copies. The following
equipment, tools and services are available to destroy electronic and paper files
and erase disks securely.
This product includes on demand and schedule options to securely delete data from your PC by overwriting the files. You have options regarding the type of overwriting pattern to use. Further information, including the download, can be found at http://www.tolvanen.com/sami.
This products securely deletes files by wiping the data, scrambling its details and then removing it from the disk. The publishers claim that erased files cannot be recovered. There are a number of different wipe types allowing you to weigh speed against security. The utility is added to the right click menu so that you can use it without going through the Start, Programs method. It can remove traces from the registry as well as Cookies and previously deleted email and files. Further information, including a trail or purchase download, can be found at http://www.east-tec.com.
This product securely deletes all files and formats disks (hard, floppy, Zip etc.) using a three step process of full format, data wipe, quick format. The result is a disk which (it is claimed) has no traces left of the deleted files, putting them beyond recovery. Further information, including a trail or purchase download, can be found at http://www.east-tec.com.
This product has been designed to securely remove all traces of data from all parts of a floppy or hard disk. The publisher's claim that the product exceeds the US Department of Defense Standards for this type of process. The result is a disk which (it is claimed) cannot have the data that has been deleted by the product recovered. Further information, including a trail or purchase download, can be found at http://www.east-tec.com.
This product wipes the contents, scrambles the file details and then removes it from the disk. The publishers claim that the Pro version exceeds US Department of Defense Standards for this type of process. The result is a disk which (it is claimed) cannot have the data that has been deleted by the product recovered. Further information, including a trail or purchase download, can be found at http://www.cyberscrub.com.
This product has been designed to totally sanitise a computer hard disk so that they can be safely disposed of. The publishers claim that it exceeds US Department of Defense Standards for this type of process. The result is a disk which (it is claimed) cannot have the data that has been deleted by the product recovered. Further information, including a trail or purchase download, can be found at http://www.cyberscrub.com/cybercide.
This system erases entire hard disks (including boot sector) to US Department of Defense Standards. The status of each erasure is recorded and your can use the information for certificated evidence of secure erasure. The product uses a hardware key to manage to store erasure information and licences ( the product is locked to a certain number of uses per package, you buy 1, 10, 50 or 100 to start with and you can purchase packages of 10 erasures and download them from the Internet when you need to). Ibas also provide enhanced, professional ExpertEraser services, including degaussers. For more information go to http://www.ibas.com.
This product creates a bootable floppy disk that can then be used to overwrite the entire hard disk or specified partitions. You can choose a number of overwrite options depending on how sensitive your data is. Options are available that meet the US Department of Defense and German standards as well as your own customisable options. Available in Corporate and Personal versions (Personal version only allows single overwrite). Go to http://www.ontrack.co.uk/dataeraser/ or http://www.ontrack.com/dataeraser/.
This product, from WebDetect looks like the Windows recycle bin but securely erases files to a standard in Department of Defense Standards for this type of process. This technology is combined with the WebDetect Computer Tracking System in WebDetect Pro to automatically erase all data from a stolen machine. Further information can be found at http://www.webdetect.co.uk.
There are lots of different types of
shredder available from small ones ideal for the home to large industrial suited to the
largest enterprise. They can be bought from many sources, PC World is one supplier of
personal shredding equipment. Have a look at their web site at http://www.pcworld.com. There are two types of basic
shredder, straight cut and cross cut. Straight cut shreds the paper into long strips and
cross cut cuts it into small squares or diamonds (a bit like confetti). Cross cut
shredders are generally more secure. Fellowes is one
manufacturer of shredders for home, business and commercial purposes. They have a
shredder selection guide at http://www.fellowes.com/shredderguide/.
The Fellowes site http://www.fellowes.com also
contains information on Identity Theft and US document retention recommendations (how long
you need to keep documents before you shred them). OfficeZone at http://www.officezone.com also sell and lease
shredders in the US. Destroyit and Intimus manufacture shredders for corporate use.
Details can be found at http://www.destroyit-shredders.com
and http://www.intimus.com/.
In addition to shredding sensitive material yourself, companies exist that can securely destroy your waste and provide certificates confirming secure destruction. Using a trusted third party in this way means that you do not have to go to the expense of buying expensive security shredders. In the UK, Hannay provide such a service for the home and the office.. Not only do they shred you paper work but they can also shred disks and other information media. You can contact them at http://www.mustdestroy.com. Shredfast Scotland Ltd (http://www.shredfast-scotland.co.uk) provide a doorstep facility for businesses. They bring a mobile unit to your premises and destroy your data under your supervision.
Companies in the United States include Southern California Document Services who provide their AAA Shredding and Recycling service (http://www.aaashredding.com/). Albany Shredding Inc. provides secure shredding facilities in the Georgia area. They can be contacted at http://www.albanyshredding.com/. The Shredding Source http://www.shreddingsource.com/ provides secure paper shredding and tape destruction in the Connecticut area. In the New York area, Mobile Datashred provides a doorstep facility for businesses wishing to securely shred paper, tapes disks etc.. They bring a mobile unit to your premises and destroy your data. They can be contacted at http://www.mobiledatashred.com.
These are just a few of the services available, check your local area for security shredding services near you.
This section contains some tools that can be used to further maintain your personal privacy. Some of them state that they can "stop your bosses spying on you" or other such claims. The view of e2chameleon is that equipment given to a user in the workplace has been provided as a tool to help staff achieve their working goal. Policies should be put in place in place to define what equipment is to be used for. An organisation should be within its rights to use tools to ensure compliance with corporate policies and national legislation as long as staff are informed that these tools are in use.
This free product scans memory, registry and
hard drives for adware files and lets you get rid of
them. Further information, including the free download can be found at
http://www.lavasoftusa.com.
This product removes Spyware, clears out cookies and browser histories and cache files, along with other files that automatically log what your doing. It can also securely delete any files you choose. For more information go to http://www.cleansurfer.com.
This free utility lets you manage cookies on
your system. Your sort your cookies into allowed, undecided and banned and the system then
treats them accordingly. For more information, and to download the utility, go to http://www.jasons-toolbox.com/cookiejar.asp.
The author of the utility accepts voluntary donations to help him maintain the web site
and develop the free applications on it..
This free service allows you to check for software updates, security fixes and scan for Adware on your PC. For more information go to http://catchup.cnet.com.
This is a private browsing service which encrypts and routes your Internet communications before sending them through a proxy server (go to whatis.com for a definition for proxy server). With this facility, advertisers and hackers are unable to build profiles of your browsing habits. Malicious scripts and executable files are blocked from web sites to stop unwanted code reaching your PC. Active content and cookies can be blocked as can annoying adverts. Once subscribed you can use the service from any PC. You simply download a browser plug in to the PC you are using and log into your account. For more information , and to purchase the product, go to http://www.freedom.net.
This product enhances the security built into the Palm OS. It is split in to two modules, one providing strong password authentication and the other providing encryption of your stored data. The data is only deciphered when a program attempting to use it is opened and then encrypted when not required. Protection can be either set for either all applications or only those chosen by the User. For more information, and to purchase the product, go to http://www.kaspersky.com.
This subscription service helps protect you and your family's privacy when online. Web site filtering using a database of known sites allows you to decide what sites your family can visit. Can be set to allow access based on the age of the user concerned. Additional content filtering lets you clock access to inappropriate sites not on the database list by checking for keywords that would denote a site you would not want someone to view. When an attempt to transmit personal information is detected you are given the option to either all or deny the transaction ensuring that you remain aware of what's happening at all times. You can set restrictions for the times of day that your family members can access the Internet, giving you further control. Cookies can be blocked and you are informed whenever Cookies are used to transmit information over the Internet. All users activity is logged so you know exactly what everyone using you computer is doing. Updates are downloaded of the Internet to keep your system up to date. More information can be found at http://www.mcafee.com.
This program is designed to identify and
remove Spyware and includes a Trojan Horse scanner and
has built in personal firewall capabilities. It can check and clean potentially malicious
system files and registry entries. For more information go to
http://www.nitrousonline.com/.
This product allows you to encrypt and decrypt files, disks (floppies CD's etc.) folders and text. You can create self extracting encrypted archives to send others who would only need the password you chose when you encrypted the data and not any special decryption software. You set encrypted files to expire, after the expiry date the files become unreadable. For more information, a free trail or to buy the software go to http://www.norman.com.
This product has been designed to protect your Internet Privacy. It can erase you Internet history and cache files, cookies, tracking ActiveX control and Plug-ins, forms and passwords. It can also detect and remove Spyware programs. Updates can automatically be downloaded from the Internet. For more information, to download the free trial or purchase the program go to http://www.ontrack.com/internetcleanup/ or http://www.ontrack.co.uk/internetcleanup/. Please note that the UK web site does not mention the availability of the trial version.
This program is designed to identify and remove Spyware components such as keyloggers (that record every keystroke) and screen loggers (that take snapshots of your screen) installed on your system. The system can be updated regularly to detect the most recent Spyware components. A Corporate information version is also available. For more information, to download the free trial or purchase the product, go to http://www.spyware.com.
This product clears you Internet tracks. Amongst other things it clears your history and browser cache, recent files lists, cookies and temporary files left over by applications. For more information and to buy the product go to http://www.spycop.com.
This product is free for personal, non-commercial and can be purchased for commercial use. It allows you to securely package (in self extracting zip files) files for storage or to send by email and uses the Rijndael Advanced Encryption standard algorithm to encrypt the data. There is even a function to right click a file/folder, encrypt it and attach it to an email. You can also drag and drop files to encrypt them. Files you no longer want can be securely deleted, ensuring that your confidentiality is maintained. You assign the encrypted files/Archives a password to allow them to be decrypted. The packages are self contained so that recipient does not need decryption software, just the password you have chosen. This encryption product is available for PC's running Windows and handheld devices running the PocketPC operating system (some functions are only available for the Windows version). For more information, to download the free version or order the commercial version go to http://www.utimaco.de/eng/indexmain.html.
This product lets you trace connection problems and computers over the Internet using network analysis tools integrated into a visual interface. It displays the steps that a connection takes on a map, letting you see exactly what route the information is taking. You can see whose network the information is flowing through (or not if there is an issue) and even see what software a web site is running. The latest version includes some eMailTrackerPro functions to track the route of email. For more information, to download a trail copy or to buy the product go to http://www.visualware.com/visualroute/index.html. The "Trace a Potential Attack" function of the Symantec Security Check uses VisualRoute to provide this service free of charge at http://www.symantec.com/securitycheck/.
WinSettings is a powerful Windows utility that protects your online privacy and security and helps you gain more control of your Windows desktop and make better use of acquired multimedia contents. It cleans up unwanted tracks left on your computer from surfing the Internet, as well as your Recent Documents menu, Recycle Bin, and even temporary files. You can set Auto Clean to run on Windows start-up, or clean manually with a single click. Plus, the Screen Capture feature allows you to capture all or part of the screen or only the active application contents and can even automatically insert your screenshots into e-mail.
The latest version offers 28 options to clean up your tracks and history, and 16 options to capture, e-mail, or save screens. More information, including a downloadable trial copy, can be found at http://www.filestream.com/.
This products protects against Adware and Spyware. This product is designed to clear up browser history and cache files for a number of different browsers and chat programs as well as remove files from the recent files list is some common programs. It can also find and remove a number of monitoring programs including keyloggers (that record every keystroke) and remove programs that are set to automatically start your machine when you boot up. It has facilities to securely delete files and help you generate secure passwords. A Lite version of the application is available free of charge. An option to take you to a random web site appears to only take you to a lot of credit card sites (5 in a row in my tests). This doesn't appear to be very random to e2chameleon!. For more information, to purchase the full version or download the Lite version got to http://www.xblock.com.
|
|
