Organizations face many cybersecurity threats. Among those threats, social engineering attacks such as phishing stand out as a constant and costly struggle. The primary tools for combating social engineering are information security policy (ISP) and security awareness training (SAT), which seek to inform users of the threat of social engineering,…

Although the Children's Online Privacy Protection Act (COPPA) was enacted 20 years ago, the recently updated General Data Protection Regulation (GDPR) has renewed public interest in privacy policies. Under both COPPA and GDPR, companies must abide by strict regulations protecting children's personal data. Lengthy and oftentimes ambiguous policies…

While the growing popularity of social media has brought many benefits to society, it has also resulted in privacy and security threats. The authors assessed the security and vulnerability of 50 social media sites. The findings indicate that most sites (a) posted privacy and security policies but only a minority stated clearly their execution of…

Why is Information Privacy the focus of the January-February 2013 issue of "EDUCAUSE Review" and "EDUCAUSE Review Online"? Results from the 2012 annual survey of the International Association of Privacy Professionals (IAPP) indicate that "meeting regulatory compliance requirements continues to be the top perceived driver…

Almost everyone uses social networking sites like Facebook, MySpace, and LinkedIn. Since Facebook is the most popular site in the history of the Internet, this article will focus on how one can protect his/her personal information and how that extends to protecting the private information of others.

As more people seek the benefits of going online, more people are exposed to privacy risks from their time online. With a largely unregulated Internet, self-determination about privacy risks must be feasible for people from all walks of life. Yet in many cases decisions are either not obvious or not accessible. As one example, privacy policies are…

When it comes to anti-malware protection, today's university IT departments have their work cut out for them. Network managers must walk the fine line between enabling a highly collaborative, non-restrictive environment, and ensuring the confidentiality, integrity, and availability of data and computing resources. This is no easy task, especially…

Today's interconnected technical environment creates unprecedented opportunities while simultaneously introducing risks. With economic, social and personal interactions increasingly occurring in technology-mediated settings new vulnerabilities are continually being introduced. This dissertation seeks to improve extant understanding of how…

Attempts to clarify the status of e-mail privacy under the Electronic Communications Privacy Act of 1986 (ECPA). Examines current law and the paucity of definitive case law. A review of cases and literature suggests there is a gap in the existing ECPA that allows for potentially abusive electronic monitoring and interception of e-mail,…

Discusses the development a national information policy in the United Kingdom (UK): policies for national information infrastructures, electronic information services, privacy and data protection, copyright, public and national libraries; reviews problems inhibiting Internet use; compares the UK's and the European Commission's approaches to…

Examines Internet security risks and how users can protect themselves. Discusses inadvertent bugs in software; programming problems with Common Gateway Interface (CGI); viruses; tracking of Web users; and preventing access to selected Web pages and filtering software. A glossary of Internet security-related terms is included. (AEF)

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 (PL. 104-191) is a multitiered, comprehensive, convoluted, and controversial federal law for sweeping health care reform. Although HIPAA is dramatically broader in scope than privacy protections for health care information, a provision for privacy in the form of a Privacy Rule…

At Dartmouth College, the author teaches a course called "Security and Privacy." Its early position in the overall computer science curriculum means the course needs to be introductory, and the author can't assume the students possess an extensive computer science background. These constraints leave the author with a challenge: to construct…

This book gives an overview of the leading-edge Internet application areas (streaming multimedia, collaborative tools, Web databases) and key information policy issues (privacy, censorship, information quality, and more). The text serves as a primer on understanding the forces--economic, legal, social, as well as technological--that are shaping…

The use of information networks for business and government is expanding enormously. Government use of networks features prominently in plans to make government more efficient, effective, and responsive. But the transformation brought about by the networking also raises new concerns for the security and privacy of networked information. This…