Join Jess Stratton for an in-depth discussion in this video Understanding the signs of a secure website, part of Learning Computer Security and Internet Safety.
- In this day and age, we can buy almost anything on the Internet. We can also file our taxes, check finance account balances, and fill out forms that require us to first put in our personal information before we can submit the form. For example, take this student loan site. We can sign in and pay our bill and check our balance. It's very important to be able to look critically at every website that wants your information. These websites need to be held at high standards of security to be able to take your data and pass it through various Internet ports.
Here are some ways to tell if the site is secure before giving it credit card data, social security numbers, or any piece of data you don't feel safe sending over an unsecure connection. What constitutes a secure connection? It's one that encrypts your data before sending it. The data is encrypted on your end, sent through the Internet, and, then, de-crypted on the other side once the form has been submitted safely. Take this site. We can see the URL is http://aesuccess.org.
The most easier and common way to recognize if a site is secure, by looking for a padlock icon on the form. It's important to note that this padlock icon is not available everywhere on the site. Only on the page where you're transmitting the personal data. So, the padlock won't appear until that form appears. For example, here's a Sign In button. If I click that Sign In button, it's going to bring me to a form and several things have changed. Now here I'm going to be submitting my Username and Password.
This is data that I need to know is secure. You can see that a few things have happened when this popup has occurred. The first thing is the browser title bar has changed. Secondly, a padlock icon has appeared at the top of the page. This tells me that this site is secure. You can also tell by the URL of the site. When I showed you that first URL, it uses the HTTP protocol, Hyper Text Transfer Protocol. That's what the HTTP stands for. You've probably seen it when you go to a site, it proceeds the www.
However, when you go to a site to send financial or other sensitive data, the site adds an extra layer of security. It's called SSL and it stands for Secure Sockets Layer. The protocol changes and it becomes HTTPS. If you start looking for it, you'll notice it's always on bank and credit card sites and any other site that could contain private data. Secure Sockets Layer doesn't just encrypt your information, it also verifies that the website you're on is who it claims to be by a special certificate.
On every browser where you see that padlock icon, you can click on that padlock icon. It's also going to bring up the official certificate so that you can verify that you're on the site and it's who they claim to be. So, what happens if you're on a site that wants log in information and you don't see the padlock or the https in the URL bar? You absolutely can transmit the data. It's not that you can't. But, it's up to you to make the decision whether or not you want to. What it means is that the data you send will be un-encrypted.
And while it might not be intercepted, it could be intercepted because your data is being sent as plain, readable text. You can ask yourselves questions. So think critically about what type of data you're sending this way. Is it sensitive? And, finally, what could happen if somebody intercepted it? Answering these questions will help you decide if you want to go through with sending the data or not. The number one method of knowing is your intuition. If it doesn't feel right, it's probably not.
- Installing updates
- Using antivirus software and protecting against viruses
- Enabling Windows Firewall
- Using password-management software
- Encrypting files that contain sensitive data
- Securing your router and protecting the SSID
- Understanding the signs of a secure website
- Checking settings for Internet Explorer, Firefox, Chrome, and Safari
- Unsubscribing from email subscriptions
- Reviewing site privacy settings
- Browsing on a public computer
- Understanding cookies
- Protecting other people's names and locations
- Fact-checking email warnings