Best practices for online shopping, Part 1

Security Strategies This newsletter is sponsored by AT&T LISTEN TO BREAKING NEWS ON YOUR PHONE You're on the go and need instant access to information that can impact your business. Receive SMS alerts in the categories that interest you most. Too busy to read them? Listen to them! Information from Network World. When you need it. However you want it. Wherever you are. Sponsored by AT&T -- Your world. Delivered. Network World's Security Strategies Newsletter, 08/14/07 Best practices for online shopping, Part 1 By M. E. Kabay My former graduate student Steven Zeligman has just submitted another article for the column. Here are his practical suggestions (with the usual editing from me) on improving the security of shopping online. The following text is Steve’s. * * * Network World Security Buyer's Guide Find the right security products for your enterprise - fast. From anti-spam to wireless LAN security, our Buyer's Guides have detailed information on hundreds of products in more than 20 categories. With the side-by-side comparison tool you can evaluate product features to make the best decision for your enterprise. Click here to go to the Security Buyer's Guide now. Online shopping does pose risks, but the risk can easily be reduced. 1. Eliminate malware Before shopping online, clean your computers of malware (malware is MALicious softWARE). 2. Shop only at trusted online retailers Use the same common sense when shopping online that you would use when shopping in the physical world. Be as vigilant when choosing online retailers as when choosing brick-and-mortar merchants. If you are uncertain about a particular Web site, check the Better Business Bureau’s ratings. Reliable online merchants provide a phone number where you can talk to a customer-service representative about security issues. Look for third-party seals of approval such as BizRate, BBSOnLine, VeriSign Secured, and HackerSAFE. Usually clicking on the symbol will bring you directly to the report for the Web site you are visiting. 3. Look for Web site security indicators Although the following are by no means absolute indicators of security, they’re a start: * A padlock in the browser window’s status bar (be discriminating - sometimes it’s a false indicator or even just a symbol placed on the Web page itself); * URLs that start with "https" instead of just "http"; and * The phrase "Secure Sockets Layer (SSL)" in the description of the communications protocol. These are all indications that the online merchant may have taken measures to protect their customers’ private information in transit. * * * In the second part, Steve looks at privacy issues when shopping online. Steven Zeligman, MSIA, MCP, CISSP, is the Network Security Manager at Dataline, Inc., and has more than 15 years of experience in information technology and security. His opinions are entirely his own and do not constitute the opinions of his employer. You are welcome to write to him with comments on this article.   What do you think? Post a comment on this newsletter

TODAY'S MOST-READ STORIES: 1. Nude publisher Perfect 10 sues Microsoft 2. Vista prevents users from playing high-def content 3. Symantec patches critical Norton flaw 4. Vonage nearly done deploying patent workarounds 5. Google mistakes own blog for spam, deletes it 6. Storm Worm's virulence may change tactics 7. Kittens could solve spam 8. 802.11n WLAN tests show 'unbelievable' results 9. Cisco founder unveils the Next Big Thing? 10. Phishing researcher 'targets' the unsuspecting MOST-DOWNLOADED PODCAST: Twisted Pair: Philadelphia Wi-Fi freedom

Contact the author: M. E. Kabay, Ph.D., CISSP-ISSMP, is Associate Professor of Information Assurance and CTO of the School of Graduate Studies at Norwich University in Northfield, Vt. Mich can be reached by e-mail and his Web site. This newsletter is sponsored by AT&T LISTEN TO BREAKING NEWS ON YOUR PHONE You're on the go and need instant access to information that can impact your business. Receive SMS alerts in the categories that interest you most. Too busy to read them? Listen to them! Information from Network World. When you need it. However you want it. Wherever you are. Sponsored by AT&T -- Your world. Delivered. ARCHIVE Archive of the Security Strategies Newsletter. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007