Information technology management requires the monitoring of online privacy on many levels. This is a hot topic in the field because there is a growing concern over how to protect one’s personal information on the internet; in the business world, this concern extends to the protection of confidential business data. Computers have the potential to store data in nearly every situation in which a user is asked to enter information; it is therefore the responsibility of the IT professional to find ways to prevent this information storage in a way that is beneficial to both the individual user and his or her company. To be able to effectively prevent against the illegitimate transfer of information obtained online, one must first understand how this private information is tracked by the machine.
When a person logs onto the internet and enters personal or business information onto a website, this information is likely being tracked by either Malware or Spyware. Third party companies are sometimes hired specifically to obtain this information; this helps websites generate advertisements that are relevant to each individual and occasionally allows criminals to steal banking information. This problem has becoming increasingly important because people worry about what happens when they put their information into social media websites like Facebook. It is therefore important to understand what cookies are and how they are used to store information on computers.
HTTP cookies are also known as tracking cookies and function to help users access websites that require some kind of external information in order to run properly. Occasionally, the data tracked by these cookies is brower/user history data; therefore, when a person logs onto a website, such as Google, the website will remember past searches, the user’s e-mail address, and other associated information in order to make use of the website easier. While HTTP cookies are usually used to enhance the functionality of a particular website, third parties can take advantage of them to obtain data that users would like to remain protected. These tracking cookies can be used to obtain a complete set of browser history and can even be saved as evidence against someone in a case involving computer forensics.
When tracking cookies were originally designed, they were made so that only the websites that distributed the cookies to users could retrieve the information associated with them. Despite this, computer programmers can take advantage of this process and circumvent this information to themselves using either the placement of a tag in the users browser or they can use a technique known as cross-site scripting in order to take this information.
Although the presence of cookies makes it seem likely that information will be stolen by someone who intends to do harm, this is not always the case. The user can take several steps in order to protect their information from third parties. Most internet browsers have privacy security settings that can limit the levels of cookies that computers are storing. Some websites require a certain level to work, but depending on the computer needs of the individual, a higher level of protection against cookies may be useful. In browsers like Google Chrome, there is an option called “incognito mode” that can be accessed by using either the changing the browser settings manually or by selecting “Control, Shift, N” on the keyboard. This will temporarily disable cookies altogether and prevent any tracking of browser history while this feature is active. In addition, users should be aware that they tend to accidentally leave cookies on their computer; in order to prevent information from being taken, they should be sure to remove cookies from their browsers of choice regularly. Important ways to ensure that third parties are not accessing your personal accounts when you are not using the computer is to log off these websites; simply exiting the screen will not prevent their access to these tracking cookies. In addition, people should avoid making purchases and creating web accounts on computers that are not their own; this information will be stored on whichever unit they complete these activities on and since it is not their personal Mac or PC, they do not have complete control over their security. Lastly, it is important to know what kinds of cookies your computer is storing and be aware of how to delete these cookies. If a person uses a public computer, they should always remove cookies immediately after use. The exact step by step method used to delete tracking cookies is dependent on the browser being used. In Google Chrome, select the menu button, then “tools”, and “clear browsing data”; while this browser will give you the ability to select the time period for which tracking cookies should be deleted, it may be useful to delete all past cookies because it is difficult to remember what information was entered on which date. In Firefox, select “tools” and then “clear browsing data”; before deleting the data, this browser should provide you with information about what kinds of cookies were stored on your device. In Internet Explorer, go to “safety” and then select “delete browsing history”. In Safari, select “preferences”, then “privacy”, and “remove all website data”. Although only information on how to delete cookies for commonly used browsers was provided, most reliable browsers should have some method of deleting tracking cookies; if this method isn’t obvious and a help option is available, it likely contains the answer. If there is no way of deleting tracking cookies, the browser being used is unsafe and should be avoided (Internet Safety Project, 2013).
Since users are able to disable HTTP cookies, programmers have developed something known as flash cookies. This types of cookie is used primarily for marketing purposes; like the HTTP cookies, they track browser history in order to determine advertisements that are relevant for each individual user. For example, users who have an advertisement blocking extension or application installed will notice that when they log into social media networks like Facebook, there are advertisements located on the corner of their screen. Flash cookies are used to determine advertisements that are custom tailored to the individual; someone who goes clothes shopping online frequently will likely find links to online stores on their Facebook page. Flash cookies work similarly to HTTP cookies except for the fact that Adobe Flash Player is used to store information on the users device. While this type of cookie leads to the same kind of privacy risk that HTTP cookies do, they cannot be removed as easily. Therefore, all of the aforementioned techniques that can be used to remove or block HTTP cookies does not affect flash cookies. To make matters worse, many websites will store cookies as both HTTP and flash cookies in order to ensure that information is not removed from the computer even if HTTP cookies are manually removed. Fortunately however, there are a few things that users can do to remove this type of cookie, to ensure that they are never stored, or to protect against their effects.
Since flash cookies are mainly used to track information that provides websites with advertisements, a useful way to protect against this annoyance is by disabling advertisements generated by flash cookies altogether. Browsers like Google Chrome have an extension called “Adblock Plus” that disable the advertisements from coming up on the user’s screen. Since Adobe Flash Player is responsible for storing these flash cookies, changing the player’s settings will prevent them from coming through. To do so, the “Adobe Website Storage Settings” panel should be visited and the “Delete All Sites” option should be selected. To prevent any future storage of flash cookies on the computer, the “Global Storage Settings” panel should be visited and third-party Flash content can be disabled. Since doing so may damage the functionality of many websites being visited, the user needs to either assess the importance of privacy protection over the full use of these websites or search for alternative protection methods. One alternative way to protect against flash cookies is the use of free software such as SlimCleaner and CCleaner. These programs will selectively save or delete cookies based on whether it believes the cookies are being sent from a trustworthy site or not. Many virus protection programs that have Malware and Spyware protection components can also be used for this purpose; these programs will usually make you aware when a potentially harmful cookie has been downloaded to your computer (Vincent, 2011).
Some modern anti-virus and malware programs do offer protection against evercookies, but these products aren’t fully effective or commonplace. The primary intention of evercookies is to ensure the functionality of certain websites and to assign an individual’s computer a kind of “license plate” that can be tracked for legal purposes. However, it is difficult to argue that people won’t take advantage of these cookies to steal private information. We must therefore hope that a program is developed in the near future that will enable us to opt out of this involuntary tracking of information.
Internet Safety Project. (2013). Cookies. Retrieved from http://www.internetsafetyproject.org/wiki/cookies
Kamkar, S. (2010). Evercookie – never forget. Retrieved from http://samy.pl/evercookie/
Vincent, Nicole. (2011). Preventing Identity Theft and Cyber Crimes. Retrieved from http://onguardonline.gov/blog/preventing-identity-theft-and-other-cyber-crimes