Cisco Blogs


Cisco Blog > Digital and Social

It’s Time to Have a Serious Conversation About Internet Privacy Laws

On Saturday, March 10, Jasmin Melvin published the story “Web Giants Face Battle Over ‘Do Not Track’, Other Consumer Privacy Legislation.” The U.S. government, and governments around the world, have their eyes set on Google, Apple, and Facebook and their current and future policies in regards to internet privacy laws. SOPA, or the Stop Online Piracy Act, was the legislature’s first major attempt at regulating the Internet, and web giants like Google and Wikipedia responded with a day of blackouts, generating “3.9 million tweets, 2,000 people a second trying to call their elected representatives, and more than 5,000 people a minute signing petitions opposing the legislation.” SOPA may have failed, but you can be sure it won’t be the last attempt at regulation. This week, the Federal Communications Commission (FCC), plans to issue new recommendations for Internet privacy and data management policy.

You might think, “What’s the big deal, sure I want my privacy protected from Google, Facebook and the like, this is the United States of America.” Well, it’s not quite that simple. I agree, Google and Facebook can’t afford to get this one wrong: they would risk losing massive numbers of users who opt out, or choose new options that don’t track data or new features such as a “do not track” button. But decisions like this have massive consequences that go beyond personal privacy and data management. Read More »

Tags: , , , , , , , , , , , , ,

NCSAM Tip #4: The Hidden Data in JPG Photos

Digital photography has certainly brought considerable joy into the lives of millions of people around the world, but there are also security implications and they may be somewhat different than what many people believe. Many images, including JPGs, can contain metadata, data about the data in the image. To illustrate, I took a picture of the Ike cutout in front of my cube.

ike

Seems harmless enough, but let’s take a look at the EXIF data in this image.

I used http://regex.info/exif.cgi but there are other sites and apps that will let you view and/or manipulate EXIF data. Per regex.info here is some of the EXIF data:

Basic Image Information

Description: SAMSUNG
Camera: Samsung GT-I9000
Lens: 3.5 mm (Max aperture f/2.6)
Exposure: Auto exposure, Program AE, 1/13 sec, f/2.6, ISO 100
Flash: Off, Did not fire
Date: September 15, 2011 9:26:08AM
Location: 37° 24′ 30″N, 121° 55′ 39″WAltitude: 0 m
Timezone guess from earthtools.org: 8 hours behind GMT
File: 1,920 × 2,560 JPEG (4.9 megapixels)
1,542,855 bytes (1.5 megabytes) Image compression: 90%

Look, it put me correctly in Building 17.

Read More »

Tags: , , ,

NCSAM Tip #1: Social Networking Safety

In today’s Cyber Security Awareness Month Tip of the Day we revisit a past post to once again focus on the fact that millions of individuals are victims of their own carelessness by freely posting information such as vacation plans and family photos on social networks, and by storing Personally Identifiable Information (PII) such as medical records and financial information on mobile devices. Users are sometimes not sufficiently educated when it comes to what types of information should be shared, and with whom they should be sharing this information.

Read More »

Tags: , , , ,

5 Tips to Avoid the Pitfalls of Social Media

The advent of social media platforms is continually transforming the way organizations interact with customers, build brands, and engage with the world.  While certain organizations have eagerly participated in social media as a means to garner long-term marketing benefits, other organizations are hesitant to address employee interaction in the new interconnected world of social media.  However, simply looking the other way is no longer a viable option.  The statistics are staggering and can’t be ignored:  Facebook with over 500 million users, Twitter with nearly 200 million registered accounts, and LinkedIn with 100 million users.

This is a primer on how to help your organization defend itself by identifying the potential risks associated with employee use of social media, providing recommendations on how to mitigate those risks, and sharing Cisco’s approach.

Pitfalls of Social Media

Read More »

Tags: , , ,

Adapting Levels of Assurance for the NSTIC

This is part of an ongoing series on the National Strategy for Trusted Identities in Cyberspace. The introduction to this series can be found here.

One of the goals of the National Strategy for Trusted Identities in Cyberspace (NSTIC) is to support a wide range of use cases. These might include everything from low-value purchases to making adjustments to critical infrastructure, like power systems, where someone might get hurt if an unauthorized action takes place.

Read More »

Tags: , , , ,