Tuesday, October 31, 2006 - Almanac Vol. 53, No. 10
Find out if Google’s got your data before the bad guys do
Hackers use Google extensively to find private data on the web. You can preempt theft of your data by using the same tools the bad guys use.
Use search engines regularly to search for any private data that might have been mistakenly exposed. Because you’ll be searching computers throughout the world, you’ll need to limit your search somehow to avoid getting a lot of "false positives". To limit your search to just Penn, type the following in front of your search terms: site:upenn.edu Or to limit your search to a particular server, such as the Penn Humanities web server, typesite:humanities.sas.upenn.edu
Search for terms like "confidential", "private", "meeting minutes", employee names or cell phone numbers. Before searching for especially sensitive data like Social Security or credit card numbers, consider that any search terms you type will go out over the open Internet, and are subject to snooping, so use good judgment. For an excellent article on Googling yourself to protect your privacy, see review.zdnet.com/AnchorDesk/4520-7297_16-5153622.html
If you are unlucky enough to have sensitive data indexed, simply removing it from your computer is often not enough. Google, the Internet Archive, and other sites often keep a cache, or copy, of your data on their sites, and you will need to work with them to get it removed. For help removing cached data, contact Penn Information Security at firstname.lastname@example.org.
Finally, if you should find another Penn organization’s private data, please contact email@example.com.