Data Forensics Expert Witness: Facebook Exposes Personal Data!

Unfortunately, this is not the first time Facebook has been in the news for its poor handling of data. In July 2012, there was a similar breach where a private security consultant used a piece of code to gather information on over 100 million profiles. This was not seen as a hot topic issue because the information gathered was not secured by the user, and therefore in the public domain. But, it does brings up some interesting points which many users seem to forget when they surf or post to social media.

For any social media sites, you should follow these rules:

Rule #1: Do not post private information on the internet, regardless of security or visibility options. If you are not comfortable with sharing your location with 1.1 billion users, it is strongly recommended you avoid posting that information. Be wary of who might use your profile against you.

Rule #2: Try to keep separate social media profiles for work and personal. LinkedIn and Facebook are perfect examples. LinkedIn, while useful for businesses, is not geared towards someone looking to keep in touch with friends and family. Facebook, is useful for both business and personal. But, keep in mind it is first and foremost a personal website.

Rule #3: Check your privacy settings. Facebook in recent years has really stepped up their game on how best to protect personal user data. One can now determine which posts and pictures can be seen by whom. You may decide you want your friends to see your new car, but do not necessarily want your jealous ex to know. This is done by simply changing the visibility setting on each post. It can also be done globally if you prefer.

Rule #4: The internet does not forget. Remember the ‘accidental’ drunken photo you posted online and thought you deleted? Odds are: somewhere out there remains a copy someone snagged before it was taken offline. This and other posts you might have created, could be used against you in a malicious manner. Think before posting. In other words: ‘Never post anything you don’t want printed on the front page of the paper.’

An amusing case to end on. A Wisconsin man claimed he could not pay child support. Yet he posted several pictures on his Facebook page showing him with several hundred dollars in cash. Needless to say, he is likely re-examining how best to protect his data as the judge at his hearing was not amused. He probably takes the phrase “think before you post” a little more seriously now.

Be An Expert In Computer Forensic

Computer forensics is an emerging field. There are great job opening in this fields in government as well as private institutions. Now, the technology is growing at a greater pace, so the demand for experts to tackle the crimes in this field is also increasing. The evidences found out by a computer forensic expert are legally accepted in most of the countries.

The police department will also be taking the assistance of forensics experts. They can have a great contribution to crimes related to terrorism. Most of the organizers of the crime will be using the internet technology, therefore an expert in this field can only hack their identity. Many corporate offices are also choosing forensic experts to solve the crimes in their organization. The scientific methodology behind the crimes is solved by experts.

There are many cases where the crimes have been solved by the experts and the victim is punished legally with the forensic evidences. The secret information in the police department, government offices, corporate office and other fields are kept safe to avoid hackers. The hacking of confidential details is legally punishable.These type of crimes can be proved and established by an expert forensic investigator.

The digital information can be accessed by a forensic investigator. Malpractices in the government law affairs with the use of technology can be prevented by an established investigator of forensic. The information on computer hard drive and other digital media will be the evidence collected by them. Financial theft in Multinational companies is caught by the help of forensic investigators. They can have an employment in the corporate fields also to safeguard the company projects details and other information.

This potential field is giving many job opportunities to the future generation. There are many colleges and universities offering the course for forensic technology.

Computer Forensics Expert: How to Keep Anyone From Snooping Around Your Cloud

The American Civil Liberties Union, based in New York, NY., reported the U.S. Government claims the right to read personal online data without warrants. This trend is not unique to the U.S. Government. Many governments around the world make requests of these service providers as well.

According to statistics published by Google, it received over 16,000 requests for information affecting over 31,000 users in 2012. Google’s same statistics stated they provided information in over 85% of the requests.

In 2012 Microsoft received over 70,000 requests affecting over 120,000 accounts. While this is a much higher number, Microsoft only produced information on these requests about 2% of the time. Almost 80% of the requests asked Microsoft to divulged subscriber and transactional information only.

Locking the thieves out:

Companies and individuals can take easy steps to prevent thieves, companies and the government from gaining access to online storage which contains private information.

Here are a few basic ways of protecting or encrypting the data to keep prying eyes from viewing confidential and/or personal information:

1) The data can be encrypted before it is stored in the Cloud. Products like TrueCrypt, Privacy Drive and MyInfoSafe allow for the user to encrypt their data. This type of encryption can be done for files as well as folders prior to storing it in the Cloud.

2) Use an “On The Fly” encryption product which encrypts data as it is stored by almost any online storage provider. Products like BoxCryptor, Cloudfogger, SafeMonk, and Viivo integrate with the Cloud Storage provider(s) of your choice encrypting data locally, but seamlessly before it is stored in the Cloud. These services provide encryption completely separate from the storage provider, ensuring even the storage provider employees can’t access data stored in their company’s Cloud.

3) Choose a provider that encrypts the data as part of their service. Storage-As-A-Service companies like SpiderOak, iDrive and Comodo not only transfer your data via an encrypted protocol, these companies also store the data in an encrypted format preventing those who don’t have an access key from easily viewing your data. It is unknown if there is a back door they are able to use to access data stored on their servers.

Businesses are acutely sensitive to government information requests due to their legal responsibilities under privacy laws, such as HIPAA and the Gramm-Leach-Bliley Act. Therefore, in highly regulated industries, such as financial services and healthcare, businesses must strike a balance between government oversight and consumer privacy.

The U.S. Electronic Communications Privacy Act of 1986 was enacted in the early days of the Internet. The act did not require government investigators to obtain a search warrant for requesting access to emails and messages stored in online repositories. In 2001, the PATRIOT Act further added to the authority of the federal government to search records under its “Library Records” provision, offering a wide range of personal material into which it could delve.

We are not suggesting people should try to skirt around the PATRIOT Act. But companies and individuals should do their best to comply with data privacy issues. It should be up to the organization or individual to establish a policy regarding exactly what, when and to whom they disclose information from their Cloud service provider..