private information

Private Information Decision Tree

The folks in the E. Philip Saunders College of Business provided the Decision Tree below. This should help you determine what to do with information the Identity Finder scan reports.

Tags:

Watch out for Good Ol’ Scammer Claus: Practice safe shopping online this holiday season

(revised from an article written in the RIT University Magazine by Ben Woelk)

Consumers spent more than $46 billion shopping online last holiday season and will spend even more this year. According to Internet Retailer, this year’s online spending is estimated at $54 billion, and, “This holiday season will mark the fourth consecutive year of e-commerce spending growth.” To cyber criminals, more spending and the busy-ness of the season means more opportunity for identity theft and fraud.

As you begin your shopping, follow these guidelines to help ensure that you don’t become a victim.

Make sure you’ve protected your computer. According to a survey by the National Cyber Safety Alliance, most home computers aren’t as well protected as their users believe. We recommend that you make sure your home computer meets the requirements of the RIT Desktop & Portable Computer Standard especially updated anti-virus and anti-spyware software – before going online.
Know from where you’re buying. Plug the website name into a search engine. What kinds of consumer reviews are returned?

Understand the seller’s return/exchange policy before buying.
Check the seller’s privacy policy to understand how they will protect your information.
If you’re shopping on an auction site, check the seller’s feedback to see what kind of experience others have had.

Know what you’re buying. Don’t fall for a deal that looks too good to be true. Extremely low prices could be an indication that the item is a counterfeit. The website may also harbor malware that could attack your computer.

If you’re making several purchases, try to combine them in the same order if possible. It saves the amount of transactions you have to make and may also save you money on shipping costs.

Only send your private information using secure web forms. Make sure the address bar begins with either shttp or https.

Look for a padlock or an unbroken key on your web browser to confirm that the site is secure. The padlock will be located at the left end of the address bar or in the bottom right part of the browser window.
Don’t respond to requests for private information. No legitimate retailer will ask you to submit private information by e-mail. Never give out bank account numbers or Social Security numbers online or in response to an e-mail.

Use a secure payment method. Find out if your financial institution offers one-time use “virtual credit cards” or “temporary account numbers.” These use different numbers than your regular account and expire after a set time period. Credit cards offer the most protection. Federal law limits your fraud liability to $50 for unauthorized transactions. MasterCard and Visa offer zero liability for most debit transactions as well. If you’re not using a credit or debit card, don’t use cash or wire transfers. Use a money order or cashier’s check instead, since these methods are much easier to trace if something goes wrong.
Keep a paper trail. Print copies of all of your orders and receipts as well as e-mail correspondence and product descriptions. Monitor your bank account and credit card statement after your transactions for any suspicious activity.
If you suspect something is wrong: Contact the seller and inform them of the problem. Contact your financial institution or credit card issuer immediately to freeze your account(s). If necessary, file a complaint or identity theft report with the proper authorities:

FTC Identity Theft Form: http://www.ftc.gov/bcp/edu/microsites/idtheft2012/pdf/identity-theft-affidavit.pdf
NYS Attorney General’s Office: http://www.dhses.ny.gov/ocs/
Better Business Bureau: www.bbbonline.org

For more information on safe online shopping, visit our Safe Online Shopping and Banking page and the following Web sites:

NYS Attorney General’s Office: http://www.dhses.ny.gov/ocs/
FTC: http://www.onguardonline.gov/articles/0020-shopping-online
Staysafeonline.org: http://www.staysafeonline.org/stay-safe-online/protect-your-personal-information/online-shopping
Safeshopping.org: www.safeshopping.org/

Tags:

Brochure

Brochures

Click on the brochures listed below to answer a variety of common questions regarding online safety concerns in the RIT community.

Tags:

Identity Finder and PIMI Quick Links

Faculty and Staff Responsibilities
Private Information Handling Table
Private Information Management FAQ
End User Identity Finder Guide for Windows (updated May 5, 2011)
End User Identity Finder Guide for Mac (updated December 16, 2011)
Mac Quick Reference (updated February 14, 2012)
End User Identity Finder software demo (requires Adobe Flash)
Management and Technical Representatives
Administrator resources may be found on the RIT Information Security wiki (Restricted Access)

Tags:

Requirements for Faculty/Staff

Faculty and Staff

Read and understand the RIT Code of Conduct for Computer and Network Use and the RIT policy regarding Digital Copyright.
In addition to compliance with all standards and policies, administrators should refer to the Technical Resources section for implementation configurations, guidelines, and best practices.

Make sure you understand and comply with all applicable standards.

Security Standards

Standard	When does it apply?
Desktop and Portable Computer Standard	Always
Password Standard	Always
Information Access & Protection Standard	Always
Computer Incident Handling Standard	Always
Portable Media Standard	If you are storing Private or Confidential information on portable media, such as USB keys, CDs, DVDs, and flash memory. If you must store Private information on portable media, the media must be encrypted.
Web Security Standard	If you have a web page at RIT, official or unofficial, and you: Own, administer, or maintain an official RIT web page that hosts or provides access to Private or Confidential Information. Use RIT authentication services
Signature Standard	If you are sending out an e-mail, MyCourses, or Message Center communication relating to Institute academic or business purposes. This applies to both RIT and non-RIT e-mail accounts.
Server Security Standard	If you own or administer any production, training, test, or development server, and/or the operating systems, applications or databases residing on it.
Network Security Standard	If you own or manage a device that: Connects to the centrally-managed Institute network infrastructure Processes RIT Confidential or Operationally Critical information
Authentication Service Provider Standard	If you are providing authentication services on network resources owned or leased by RIT.

All instances of non-compliance with published standards must be documented through the exception process.

Information Handling

	Information Handling Quick Links
Digital Self Defense 103 - Information Handling	Covers important security issues at RIT and best practices for handling information safely.
Disposal Recommendations	How to safely dispose of various types of media to ensure RIT Confidential information is destroyed.
Recommended and Acceptable Portable Media	List of recommended and acceptable portable media devices (such as USB keys, CDs, DVDs, and flash memory).
Mobile Device Usage Recommendations	Recommendations for mobile device usage at RIT
VPN	Recommended for wireless access to RIT Confidential information.
E-mail at RIT	Improve the security of your e-mail at RIT.

Safe Practices

Visit our Keeping Safe section to find security resources and safe practices and to see our schedule of upcoming workshops.

Find out more about how information security affects you by becoming a Fan of the RIT Information Security Facebook page.
Follow us on Twitter for updates on current threats.

Questions

If you have questions or feedback about specific information security requirements, please contact us.

Search form