IT Briefs: Who's Watching Me? Privacy and Security in the Digital Age

Technology has revolutionized the way companies do business in the 21st century.  The productivity of the average American worker is at an all time high.  Mobile communications and computing allow individuals to do business from anywhere (home, office, or on the road).  Both businesses and consumers have benefited from the conveniences provided by technology.  However, these advancements do not come without a cost.  And in many cases that cost is paid by relinquishing privacy or vulnerable security.  How real are the risks and what steps can you take to minimize them?  

Browsing the Web has become a big part of many individuals daily routine.  Whether for business or pleasure, it may seem like a completely anonymous activity.  The reality is that it’s quite the opposite.  The most obvious way people give away personal information is by filling out a form on a company’s Web site.  Always read the sites privacy policy and consider how valuable this service will be to you before providing them with your personal information.  And NEVER provide your social security number.  Another way that Web sites track your activities is by placing small files otherwise known as “Cookies”, on your hard drive.  Cookies can generate profiles of your visiting habits -- monitoring what pages you visit and what you access.  Sometimes cookies are a necessity, for example if you want a Web site to recognize you so that you do not have to type in a password every time you visit.  However, third party cookies are usually from advertisers on the Web site and these are really of no value.  They are used to accumulate Internet user data and build user profiles.  In your browser, you have some control over how cookies are handled.  For even greater control, use a third party product.  The most valuable commodity many Web sites have is your personal information, so make certain you control who gets it.

Computer viruses are another area where security can be compromised.  In some cases, viruses are just a nuisance, clogging e-mail boxes and networks with unnecessary traffic.  However, many are much more destructive, disabling programs and even erasing hard drives.  One of the most common mistakes is not updating your virus software.  Norton Anti-Virus and McAfee Virus-Scan are worthless if the user doesn’t take the time to update the software to recognize the most recent viruses.  It should be a company-wide priority to update the definitions at least once a month.  In addition, any business that’s on the Internet that does not employ a firewall to protect its assets is taking a risk.  A firewall not only keeps outside intruders from viewing the contents of your network; it helps control your employees' online activities.  From content filtering to e-mail scanning, it gives you piece of mind that you’re not being represented in an unfavorable way in cyberspace.  A final piece of advice: all employees should be required to sign an Internet and e-mail usage policy to make them aware of what is and is not acceptable use of these business tools.

The World Wide Web is a wonderful tool for business and it’s not hard to secure your network with a little research and effort.  Bringing in an outside party to review it for you is another alternative, because a professional may detect certain things that were overlooked.  Security is often an afterthought with companies’ technology plans.  It only becomes an issue after something negative occurs.  Don’t make this mistake.  Making it a priority will be a benefit in the long run; prevention is always the best course of action.

Mike Breier and Geoff Beltzhoover are consultants with the CPA firm of Shepard, Schwartz & Harris LLP. SS&H is a CPA firm that provides auditing, tax and consulting services in a variety of areas including Information Technology, Business Valuation and Litigation Support. Visit our Website at ssh-cpa.com for more information or contact Mike Breier at (312) 726-8353 or mikeb@ssh-cpa.com. A printable copy of this article appears at ssh-cpa.com, just click on IT Briefs.