INVITATION TO CYBERSECURITY 252 Users must also exercise caution when uploading files and typing information into webpages. This certainly includes anything posted to a public website such as a social media page or a web forum, but it is not limited to only these types of websites. Once data has been uploaded or input online, even if it is not posted publicly, it is shared with the web server. If a bad actor runs the web server or if it is compromised, that data can potentially be used for nefarious purposes. Company employees sometimes unwittingly share proprietary information or source code online while searching for answers to questions, dialoguing on forums, and when using AI tools. Although they may not realize it, they have caused a data breach because they have sent sensitive information out of the company’s network. Once out, that data cannot be retrieved. Even non-nefarious AI tools might store user inputted data and later output it in response to future user queries. Being cautious about posting online goes beyond the risk of sharing sensitive or proprietary company data. In general, users should never put anything online or send anything through cyberspace, including text, pictures, and videos, that they would not want their parents to see. Following this principle promises to save future pain and regret. This includes pictures and videos that are synced to the cloud, like most of the data on smartphones is by default, and also data sent via messaging apps. Once something enters cyberspace, it is forever out of the user’s ability to completely control. Even if a user deletes something online, it is impossible to be sure it is really permanently deleted. 9.2.5.4 Be Discerning As we saw in Section 8.3, logs are kept by systems and network administrators on local devices and networks. Logs are also kept in cyberspace by service providers. These logs are invisible to users and are outside of their control. However, users need to be aware that this data exists and should think twice before typing or clicking. The Internet is not as anonymous as it appears. Being aware of what is possible will help users make wise choices. When a user is logged in to a website, the actions taken by that user can be logged by the web server. For example, Google might log what searches a person makes and what results they click on along with the date and time and the user’s location. Online word processing applications such as Google Docs record all the changes made to a document over time, including deleted sections of text. Social media companies can also log activity including who viewed what when, what they clicked on, and any information they posted, including content that was later deleted or modified. Some companies are able to log actions taken by users across the Internet as they browse different websites through the use of tracking cookies. A tracking cookie is a text string assigned to a web browser by a web server for the purposes of uniquely identifying a user. For example, advertisers partner with many different websites and aggregate information across their advertising network using tracking cookies. If a user searches for gold coins on one website, then that user might be shown advertisements for gold coins
RkJQdWJsaXNoZXIy MTM4ODY=