Print This Issue

One Step Ahead: Privacy and Security Tips
October 24, 2006, Volume 53, No. 9

One Step Ahead

Another tip in a series provided by the Offices of Information Systems & Computing and Audit, Compliance & Privacy.

Keep Your Private Data From Showing Up On Google

If you are careless, Google and similar search engines will index private files on your computer, making them available to the whole world. Here’s how you can prevent this from happening:

• Beware of Google Desktop. For details, see a previous One Step Ahead tip: www.upenn.edu/almanac/volumes/v52/n33/osa.html.

• Ask your web administrator if directory index listings have been disabled. (This has been done for www.upenn.edu.)

• Be careful what folders you store sensitive files in. When you use "Save As …" it's easy to save a file to the wrong folder. Web publishers have sometimes accidentally saved a sensitive file in the public web folder.

• If you lack experience developing web-based databases, get help from your Local Support Provider.

• Even properly protected web pages with sensitive data should be taken offline when no longer needed. It's too easy, unfortunately, for applications with one wrong setting to end up in the public domain.

• Google doesn’t have a PennKey! If only members of the University community should have access to sensitive data, use PennKey authentication to protect those parts of your website. See www.upenn.edu/computing/web-security/websec/  for more information.

• If you run a web server, prevent search engines from indexing selected directories using a robots.txt file.

If you have questions, please contact Information Security at security@isc.upenn.edu.

See next week’s tip to find out how to detect if you’ve been indexed.


For additional tips, see the One Step Ahead link on the Information Security website: www.upenn.edu/computing/security/.

Almanac - October 24, 2006, Volume 53, No. 9