Kenneth Van Wyk: 'Tis the season to shop with care
With online holiday shopping on the rise, and mobile-device shopping coming into its own, the need to be aware of the necessary security precautions has grown
Computerworld - With online holiday shopping on the rise, and mobile-device shopping coming into its own, the need to be aware of the necessary security precautions has grown.
With the 2012 holiday shopping season well under way, it's already evident that online shopping is on a record-setting pace this year, and mobile devices have had a huge impact. Every year, people have questions about the sorts of security precautions they should take when shopping online, and there will probably be even more questions now that mobile has entered the picture in a big way.
That's good; people need to be conscious of the need to take certain precautions online, just as they are aware that they shouldn't go into a physical shopping mall with hundred-dollar bills sticking out of their pockets and handbags. Personally, my awareness is heightened because I've had two credit cards defrauded this year. Did that happen as a result of my online or my on-site payment activity? I suspect that it was on-site, but I'll never know for sure. In any event, I hope my misfortune can help you avoid something similar.
Here are some pointers.
* Always opt for the payment method that's safest. Many sites these days support PayPal, Google or other payment services. When they do, use them and minimize the number of merchants that have access to your more sensitive payment details.
* Keep a secure log of all the sites on which you divulge your payment information.
* When given the choice, opt to not store your payment information with the vendor. It will be a bit of a hassle to have to re-enter your payment information every time you go back to buy something on that same site, but it's nothing compared to the hassle of having your payment card information stolen. Try to minimize your payment footprint.
* If you register with an online vendor, use a strong and unique password -- not one that you've already used on other sites. A lot of people will probably skip right over this bit of advice on the grounds that they think it isn't feasible to use a different password for every site. Don't be one of those people. To help with this, you have at least two options: either keep a secure log, on paper, of your usernames and passwords for each site, or use a password vault application to do that for you. I've been using such an app for years. It's easy to manage, and I am confident that my passwords for sites that have my payment information won't be easily cracked.
More by Kenneth van Wyk
- Kenneth van Wyk: Where mobile apps go wrong
- Kenneth van Wyk: Apple's big fail
- Kenneth van Wyk: After Snowden
- Kenneth van Wyk: Target breach underscores how backward U.S. payment tech is
- Kenneth van Wyk: Enjoy your trip, but protect the data you take with you
- Kenneth van Wyk: Lingering faults with security by default
- Kenneth van Wyk: High hopes for iPhone's Touch ID
- Kenneth van Wyk: Why mobile apps beat Web apps for privacy
- Bug bounties: Bad dog! Have a treat!
- How to avoid Big Brother's gaze
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Neustar 2014 DDoS Attacks and Impact Report For the third consecutive year, Neustar surveyed hundreds of companies on distributed denial of service (DDoS) attacks. The survey reveals evidence that the...
- Acxiom Case Study This case study, which focuses on Acxiom, explores how the company was able to secure employee data, reduce migration costs and boost productivity...
- Windows® XP Migration: Protect and Secure Critical Data With the end of the Microsoft Windows XP operating system's lifecycle on April 8, 2014, businesses are faced with the decision to migrate...
- Enhancing Application Protection and Recovery with a Modern Approach to Snapshot Management This CommVault Business Value and Technology White Paper explains how Simpana IntelliSnap® Recovery Manager can make your application recovery fast and reliable.
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts