Configuring Public Access Computers to Protect Patron Privacy To Save or Not to Save? Strategies for Protecting Patron Information Revisited Amy West,

Slides:

Advertisements

Similar presentations

MFA for Business Banking – Security Code Multifactor Authentication: Quick Tip Sheets Note to Financial Institutions: We are providing these QT sheets.

Advertisements

Internet Security What you can do to protect your family.

®® Microsoft Windows 7 for Power Users Tutorial 7 Enhancing Your Computers Security.

Max Secure Software founded in Jan 2003 develops innovative privacy, security, protection and performance solutions for Internet users. The company is.

Network Redesign and Palette 2.0. The Mission of GCIS* Provide all of our users optimal access to GCC’s technology resources. *(GCC Information Services:

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Network and Server Basics. 6/1/20152 Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server.

Network Redesign and Palette 2.0. The Mission of GCIS* Provide all of our users optimal access to GCC’s technology resources. *(GCC Information Services:

Getting Started in Blackboard. You will need… A web browser, preferably Internet Explorer, version 4.0 or higher An account and the knowledge of.

Design Aspects. User Type the URL address on the cell phone or web browser Not required to login.

How to Protect Your PC Grayware Adware, Malware, Spyware.

ASP.NET 2.0 Chapter 6 Securing the ASP.NET Application.

Downloading and Installing AutoCAD Architecture 2015 This is a 4 step process 1.Register with the Autodesk Student Community 2.Downloading the software.

Operating System & Application Files BACS 371 Computer Forensics.

OS and Application Files BACS 371 Computer Forensics.

Lesson 46: Using Information From the Web copy and paste information from a Web site print a Web page download information from a Web site customize Web.

Security of Cookies In A Public Computer Lab Setting Russell Fech November 30, 2000.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 48 How Internet Sites Can Invade Your Privacy.

Computer Lab Best Practices with Keystone Courses.

About Facebook Facebook is a social networking service launched in February 2004, owned and operated by Facebook Inc. Facebook was founded by Mark Zuckerberg.

Section 15.1 Identify Webmastering tasks Identify Web server maintenance techniques Describe the importance of backups Section 15.2 Identify guidelines.

INTERNET PRIVACY Marketing companies The cookie leak security hole in the HTML messages The Web Bug Can we trust the privacy.

October 15 click! 1 Computer Basics Kitsap Regional Library.

3-Protecting Systems Dr. John P. Abraham Professor UTPA.

Parent Guide for staying connected. To Begin using Skyward Family Access you will need:  A computer connected to the internet  A web browser (Windows.

SEAN WALLBRIDGE ITGROOVE AND SECTOR LEARNING SOLUTIONS SharePoint Users Group – March 12, 2009.

1 Chapter Overview Configuring Account Policies Configuring User Rights Configuring Security Options Configuring Internet Options.

Chapter 13 Users, Groups Profiles and Policies. Learning Objectives Understand Windows XP Professional user accounts Understand the different types of.

TECHNOLOGY GUIDE THREE Protecting Your Information Assets.

Module 5 Configuring Authentication. Module Overview Lesson 1: Understanding Classic SharePoint Authentication Providers Lesson 2: Understanding Federated.

1 Patron Data Management and Library Systems: A Vendor Perspective ALA Conference Summer, 2004.

COSC 513 Operating Systems Project Presentation: Internet Security Instructor: Dr. Anvari Student: Ying Zhou Spring 2003.

Cookies Bill Chu. © Bei-Tseng Chu Aug 2000 Definition A cookie is a TEXT object of max 4KB sent from a web server to a browser It is intended for the.

1 Visalia Unified School District SRTS User Training November 21, 2005 By SRTS Support

11 MANAGING INTERNET EXPLORER CONNECTIONS AND SECURITY Chapter 12.

Chapter 12: How Private are Web Interactions?. Why we care? How much of your personal info was released to the Internet each time you view a Web page?

Presenter: Le Quoc Thanh SPYWARE ANALYSIS AND DETECTION.

Getting Started. Package Overview (GradeQuick)‏ Web-based grade book –Access Anywhere –Always Current Paper grade book “look and feel” Flexible grading.

Introduction TO Network Administration

LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.

1 Visalia Unified School District Principal & Area Administrator Service Request Approval Processing Using The SRTS November 16, 2005 Administrative Services.

Unit 2 Assignment 1. Spyware Spyware is a software that gathers information about a person or site and uses it without you knowing. It can send your information.

PEMBINA TRAILS Portal System User Guide Prepared by: Jo-Anne Gibson Acadia Junior High Teacher-Librarian.

Internet Privacy Define PRIVACY? How important is internet privacy to you? What privacy settings do you utilize for your social media sites?

Top Ten Ways to Protect Privacy Online -Abdul M. Look for privacy policies on Web Sites  Web sites can collect a lot of information about your visit.

Installing and Configuring Moodle. Download Download latest Windows Install package from Moodle.orgMoodle.org.

Network and Server Basics. Learning Objectives After viewing this presentation, you will be able to: Understand the benefits of a client/server network.

Computer Security  Computer Security:  Password Strength  Windows Screen Saver  Deleting browser cache  Deleting browser cookies  Securing MS Office.

Internet Basics 10/23/2012. What is the Internet? It’s a world-wide network of computer networks. It grows hourly and involves national governments, communities,

Web Application for Home Energy Assistance Program

Hotspot Shield Protect Your Online Identity

To the ETS – Accounts Setup and Preferences Online Training Course

TECHNOLOGY GUIDE THREE

Internet and security.

Section 15.1 Section 15.2 Identify Webmastering tasks

Importance of Privacy Internet Safety

How to fix AOL related issue AOL is a type of digital media company that has developed and maintained many online services including service, search.

How to Secure Facebook Using Norton. If you are Norton customers and holds a Facebook account, this is how you can secure your account in few simple steps:

Unable to Login AOL Account Troubleshoot Issues When you are trying to sign in to your AOL mail account then revealed the “unusual activity” or.

Fix AOL Mail Blank Screen Error? If you get a blank screen while trying to sign in to AOL Mail then there may be some reason. do not worry! You just need.

What is Cookie? Cookie is small information stored in text file on user’s hard drive by web server. This information is later used by web browser to retrieve.

End User Guide.

TaxSlayer Multi-Factor Authentication (MFA)

Kitsap Regional Library

To the ETS – Accounts Setup and Preferences Online Training Course

Designing IIS Security (IIS – Internet Information Service)

Browsing in Private Mode

Data Recovery: Why Secure Deletion is so Important.

Business Zone - Clearing your Cache

Presentation transcript:

Configuring Public Access Computers to Protect Patron Privacy To Save or Not to Save? Strategies for Protecting Patron Information Revisited Amy West, University of Minnesota, ALA Annual Conference, Chicago, IL - 6/26/2005

The Good News Security intended to reduce maintenance on public access computers can easily protect patron privacy

Less Maintenance = More Privacy? When a computer is configured to reduce the effects of malware, less information can be written to it and less is preserved. The fewer traces left of a patron’s activity that are left, the greater the effective privacy of the patron.

Effective Shared Environments Because public access workstations are public, some configuration decisions will be made to create a welcoming shared computing environment. These decisions can also have a positive effect on privacy.

What’s Left to Identify Patrons? Resources out of the control of the library, such as vendor web sites and central authentication hubs can still provide identifiable information.

Minneapolis Public Library Needs Timed, limited Internet access Low-maintenance workstations, especially in branches Screens not visible to staff

Minneapolis Public Library Solution Timer software that resets every 24 hours –The reset erases preceding data Deep Freeze configuration protection –This software re-images computers at log-off to remove all configuration changes since the last image Privacy Screens on Monitors –Limits viewing of monitors to small area directly in front of computer

Minneapolis Public Library Effects The resetting of the timer software increases privacy because it erases the record of who was on which computer when that day By removing software artifacts (word processing files, browsing histories, etc.) resulting from each session, patron activity cannot be traced. Privacy Screens have no effect on patron privacy because everyone always removes them.

University of Minnesota Needs Low-maintenance workstations, especially in branches Secure use of University of Minnesota x.500 Central Authentication Hub –At the University of Minnesota, a user’s x.500 username and password gets to grades, HR/Registrar’s information, , library resources and more.

A University of Minnesota Solution Workstation configuration tied down –Partitions modeled on Unix systems with hard drive partitions for system files, program files and user files. –Neither the system nor the program partitions are writable by users. –The user partition is cleared at logout SSL Login to x.500 database –A generic login for non-affiliated users has also been created with limited permissions in the x.500 database. Internet Explorer’s and Public Browser’s tracking functions are turned off. –No history, no cache. Cookies are retained, but they are tied to the Windows user account which is a generic “public” account.

University of Minnesota Effects Workstation tied down –Because users can’t do very much on these computers, there’s no path to follow. SSL Login to x.500 database –No record in the Libraries is retained of who was on when. It is possible to get that information from the Office of Information Technology, but that’s all the information that is retained. Browser Tracking turned off –Without the history or cache, finding out what someone did while online is limited to what can be gleaned from cookies. –Extra layer of protection for x.500 usernames and passwords

Comment on Browser Tracking At the University the decision to eliminate browser tracking was not to facilitate privacy. It was actually to relieve subsequent users from having to see the list of web sites that preceeding users might have looked at. –This decision didn’t assume that preceeding users would be doing anything wrong. There are many valid research needs that would lead User A to offensive web content. We felt there was no reason why User B should have to confront that content, however inadvertently.

Conclusion Standard security measures intended to decrease maintenance and facilitate shared computing environments can protect privacy because such measures limit what a user can do on a computer, thus limiting traceable information and confine user activities to that user’s session.