Online Backup vs. Cloud Storage

• Tweet

July 19th, 2011 - Posted by Sarah

Several large companies have rolled out cloud storage products recently: Amazon Cloud Drive, Google Apps for Business (of which cloud storage is only a part), Windows Live SkyDrive, and Apple iCloud, which isn't available until fall. On NextAdvisor, we review online backup services, some of which can also be classified as cloud storage. Let's use SugarSync, the most cloud-like of the online backup services we review, as an example. What's the difference? Which is best? Let's find out.

Starting Monthly Price

• Amazon: Free with account
• Google: $5
• Windows: Free with account
• Apple: Free with iOS on iPad, iPhone, or iPod Touch
• SugarSync: $4.99

GB of Storage Included

• Amazon: 5GB
• Google: 1GB
• Windows: 25GB, individual files limited to 100MB
• Apple: 5GB
• SugarSync: 30GB

Data Security

• Amazon: SSL encryption; only eight devices allowed to access your music via Cloud Player
• Google: advanced capabilities and expanded limits for other Google products, such as Gmail and Google Calendar; SSL enforcement for secure HTTPS access
• Windows: configured by permissions set by the user; all content is marked as "public" by default
• Apple: might not allow previous data to be uploaded if not purchased with or created using an Apple product; only allows sharing of calendars;
• SugarSync: triple-encrypted; optional passwords for shared storage

Additional Features

• Amazon: Amazon Cloud Player for listening to music files, especially MP3s downloaded from Amazon
• Google: part of Google Apps for Business, so cloud storage limited to Google Docs
• Windows: Word Doc collaboration even if you don't have Microsoft Office; simple sharing to social networks
• Apple: keeps email, contacts, apps, and calendars up-to-date across all your Apple devices; pushes files to all of your Apple devices; no data encryption
• SugarSync: backs up external drives; mobile apps allow you to stream remotely stored music, view documents, and upload photos to SugarSync account

Bottom Line

While each cloud storage service has unique features, none of them backs up your computer automatically; you must manually add new files to store in the cloud. This is the main advantage to SugarSync: You can schedule automatic backups of your computer after you tell SugarSync which folders to back up. Windows and Google allow you to work on your documents in the cloud without saving to your computer first, but because you keep your data not only in the cloud but also on your computer when you use online backup, you'll be able to work on it even when you're not connected to the Internet.

SugarSync starts at $4.99 a month for 30GB of storage space, which works out to $0.17/GB. Only Google has a pricier option, but Google's cloud storage is not the focus of its business apps package. However, the price is worth the other features as well as the ability to have a lot of space; SugarSync starts at 30GB, but the highest anyone else (Windows) goes is 25GB. You can use SugarSync across multiple platforms, unlike iCloud, which only works on Apple devices. SugarSync has better file security, so you know no one can see your data unless you want them to. The mobile app is unique—you must be on your computer connected to the Internet to acces most cloud storage services.

Other online backup options with similar features include SpiderOak and Mozy. If you only need to worry about one computer's data, we suggest looking into Carbonite.

Cloud storage can be helpful for data you can replace if necessary, but if you really need to keep your hard drive's files safe, secure, and accessible, SugarSync is the way to go.

6 ways to stay safe on Facebook: Managing your privacy to thwart identity theft

• Tweet

June 3rd, 2011 - Posted by Sarah

Eleven percent of identity theft crimes occur online.

Let's face it: Almost everyone's on Facebook, and if you're not, chances are you'll succumb to social pressure to sign up eventually. It's a great way to connect with friends and family all over the world and easily share your experiences with others. However, it's not a good idea to go sharing personal information willy-nilly.

Facebook has made a number of updates to privacy settings since we wrote this popular post in 2008. So here we've collected an updated list of six ways to manage your privacy on Facebook and keep your personal information safe:

1. Limit the amount of personal information available on your profile.

A poll of Facebook users commissioned by NextAdvisor.com found that 27% of respondents listed their full name, date of birth, phone number, and email address on their Facebook profile. An additional 8% of respondents included all of that information plus their physical address on their profile. Many Facebook users also list other personal data, such as their spouse or significant other's name or birthday. In the hands of identity thieves, that type of information can be dangerous.

For example, an identity thief may be able to use your home address and phone number to submit a change of address form with the United States Postal Service and have your mail forwarded. This would allow access to even more sensitive information in order to open financial or other accounts in your name.

Savvy identity thieves can use contextual information in your profile to hack into online accounts. It can tip them off to potential user names and passwords you may use. Once an online account—whether an email, credit card, or other account—has been accessed, it can cause even further harm. It just gets easier for identity thieves: A recently released Android app can hack Facebook accounts if they are open on the same wireless network! Our recommendation is to limit the amount of personal information that is available on your Facebook profile:

• Never list your full date of birth, phone number, or physical address on your Facebook profile. Your real friends and associates will likely already know this information, so including it on your profile will only increase your risk of being victimized.
• Limit the amount of contextual password clues on your profile pages. Identity thieves know that many people use their birthday, a spouse or significant other's name or birthday, an anniversary date, mother's maiden name, pet's name, or other personal information as passwords on their personal accounts. It is also a good idea to make sure your online passwords don't include these types of personal items.

2. Proactively manage your privacy settings.

There are many components to managing your Facebook privacy settings. But we've broken it down for you here:

Sharing

Facebook's main purpose is sharing. However, like many people, you might have certain things you only want to share with only your networks, your friends, or just a chosen few. Luckily, Facebook makes this easy. When you click "Privacy Settings" under your "Account" tab, you'll see a list of what you share and with whom you share it.

For each shared item, such as "My status, photos, and posts" and "Phone numbers and address," you can choose one of three basic user categories: "Everyone," "Friends of Friends," and "Friends Only." Remember that "Everyone" means pretty much everyone, sometimes including other sites. You'll see the privacy settings that Facebook recommends, but we prefer the conservative "Friends Only" setting on all of your profile information to safeguard your information.

At the bottom of this page is a "Customize settings" link, where you can fine-tune your settings. Perhaps you don't want anyone to be able to view "Places you check in to." So you'd select "Only Me" for that category. If you wish to let your friends know when you're out on the town but want to keep your coworkers out of it, you can choose to block that information only from certain users. If you don't want the world knowing when you're at, say, the doctor's office, we also recommend you uncheck the "Enable" box next to "Include me in 'People Here Now' after I check in." To make sure everything looks right, click "Preview my profile," where you can view your own profile as a member of the general public or as a specific Facebook user.

Connecting

Connecting is not controlled on the Privacy Settings page but on a separate screen you access by clicking "View settings" at the top of the "Choose Your Privacy Settings" screen. By default, your name, profile picture, gender, and networks are visible to everyone.

Set these limits to what you're comfortable with. You could set everything to "Friends only," but you'd cut down on the chances of old friends and co-workers finding you. Instead, set them based on how private you think that information is or should be. For example, never make your high school visible to "Everyone" if you've used "What's your high school mascot?" as a security question on another website. We do recommend setting stricter visibility limits on "See your friend list." Such information could help identity thieves to engage in a little social engineering or get information such as your mother's maiden name (if, you know, your mom is your friend).

We feel the same way with "See your current city or hometown" and "See your likes, activities, and other connections." This publicly viewable information can help phishers and other social hackers target attacks toward you.

Finally, you can also access "Preview my profile" from this page.

Apps and Websites

Go back to the main privacy page, scroll down to the "Apps and Websites" section at the bottom left, and click "Edit your settings for using apps, games and websites."

One of the most useful tools is at the top. "Apps you use" allows you to turn off all applications or remove unwanted or spammy applications. You'll probably be surprised just how many applications you've said "yes" to. If you find ones that look suspicious or you simply don't want anymore, click them to expand. You can then view the last time the app accessed your data or remove the application altogether.

But perhaps most important to your privacy is how your information is used by other sites and apps. Click "Edit settings" next to "Info accessible through your friends." It will bring up a pop-up window that you can use to control which of your information is available to applications, games and websites when your friends use them. We recommend that you uncheck these items.

Next, you can control who can see your game and app activity. This button functions much like the other buttons on the main privacy page.

If you're not wild about the websites you visit knowing a lot about you, edit your "Instant personalization" settings, and uncheck the box at the bottom. This prevents Facebook's select partner sites from accessing the information that you've set as visible to everyone.

Lastly, we recommend that you disable public search. This setting controls whether information you share with everyone shows up in searches on and off Facebook. If someone Googles you, do you want your Facebook profile to show up? If it's a childhood friend, perhaps, but if it's an identity thief, you might think otherwise. There's a small "See preview" link here, too, so you can see how your page would look to someone arriving at your profile from a search engine.

Block Lists

There are many reasons you might want to block a person or application from seeing your Facebook profile. So when you click "Edit your lists" at the bottom center of the main privacy page, you can enter names of your Facebook friends or email addresses of people who are not your friends and click "block user." This means that person cannot be your friend or interact with you on Facebook, except inside apps or games you both use.

You can also block invitations from this screen. Is a friend who lives across the continent spamming you with invites that you can't possibly accept, or does an otherwise nice pal keep inviting you to play FarmVille even though you've declined multiple times? Type the name into the fields to block only their invitations.

Finally, you can view your blocked applications from this page. Blocking an app means it can't contact you or use your information anymore. To block an app, though, you need to go to the app's Facebook page and click "Block app."

Additional Privacy Controls

Facebook gives you still more options for privacy control. Each time you post a status update, link, status update, photo, or video, click the lock icon below it to choose who can see it. Note that this overrides whatever you have set for "Posts by me" in the Privacy settings.

You also now have more control over your apps. By default, they can only see what you've made visible to everyone. If an app needs to access more to operate, they must ask you for permission (via a box that pops up when you add an app), and they are not allowed to ask for more than is necessary for them to work.

The final control is over tagged items. When you're tagged in a photo or video and you want to override the default setting you selected for tags on the privacy page, remove the tag, which will also keep it from showing up on your profile. Remember that this doesn't keep the owner of the photo or video from sharing the picture (sans your tag) with people who aren't your friends.

These are our best suggestions for using Facebook's privacy settings. CEO Mark Zuckerburg maintains that users can expect privacy from Facebook's advertisers. Facebook doesn't sell personal data to its advertisers, but some ads include a Like button, and some or pair a profile picture of a friend who "liked" the ad or company with it to make it more relevant to you. And when you see Facebook content on another website, that site doesn't receive any of your profile information.

Still, with all the data floating around out there and the potential for identity thieves to socially engineer themselves into our lives, consider an identity theft protection service.

3. Only accept friend requests from people you know.

According to another recent Facebook poll commissioned by NextAdvisor.com, 49% of respondents said that they accept some or all friend requests that they receive from people they don't know. What many Facebook users may not realize is that by accepting friend requests from people they don't know, they are potentially opening themselves up to identity theft or related crimes. As a general rule, we suggest that Facebook users only accept friend requests from people that they already know or whose identity they can verify through some other means. Here are some ways to safely add new friends on Facebook:

• When you receive a friend request from people you already know, verify that they are who they say they are by sending them an email or giving them a phone call. It is easy for someone to set up a phony profile under the name of someone you know and trust in order to extract additional information from you.
• If you don't recognize the person who is making the friend request, feel free to ask how he or she knows you by sending a Facebook message before accepting. If you get no answer or a suspicious one, you can investigate further or simply ignore this friend request.
• Some experts believe that social networks like Facebook may become the next target of sophisticated phishing scams designed to steal your online passwords or other personal information. If you receive a friend request or other information over email purporting to be from Facebook, log into your Facebook account directly rather than clicking on any links in the email to verify that the communication is actually coming from the Facebook system.

4. Limit the amount of check-ins and "time and place" data that you expose.

Facebook gives users many opportunities to broadcast their schedule and whereabouts to their friends. Whether it is a simple status update or detailed itinerary, criminals can use information about your current or upcoming whereabouts to victimize you in a number of ways.

For example, if you publicly announce an out-of-town vacation or plans to attend a certain event, criminals can use this information to determine when your home may be most susceptible to a burglary. This could open you up to any number of forms of identity theft or worse. Also exercise caution when you "check in" somewhere using Facebook Places. If you verify that you are at a faraway location, you could endure similar consequences.

In general, we strongly recommend that Facebook users not publish specifics about whereabouts and schedules.

5. Remember that even people you know can be identity thieves.

Unfortunately, several recent studies show that a significant number of identity theft victims know the person who victimized them.

Javelin Research found that a shocking 43% of identity theft crimes are perpetrated by people whom the victim knows, such as friends or family members. Additionally, the most common perpetrators of identity theft against children are the child's parent.

We strongly recommend that, even if you know and trust all of your Facebook friends, you still follow all these tips to prevent yourself from falling victim to identity theft.

6. Consider an identity theft protection service.

Identity theft, both online and in the real world, remains a growing threat to all Americans. We recommend that all consumers consider using a proactive identity theft protection service, such as Identity Guard or LifeLock, to protect their identity.

Each identity theft protection service is different, but most will do the following:

• Monitor your credit report and other personal information for fraudulent use.
• Provide you with identity theft insurance that will reimburse you on costs and expense you incur as a result of being victimized.
• Provide you with copies of your credit report.

You can learn more about the various benefits of identity theft protection services and about the specific services we review by visiting our identity theft protection service guide and comparison.

While social networks like Facebook can be fun and productive services, it is important for users to be aware of the risks that they pose. Taking proactive steps to protect your identity on Facebook will only improve the amount of enjoyment you can get out of the service.

The NextAdvisor guide to parental control software setup

• Tweet

August 20th, 2010 - Posted by Kent

Parental control software allows parents to monitor the Internet activity of their kids, set online time limits, as well as institute blocking policies for forbidden content. Not all parental control software is created equal, of course, and our rigorous review process really sorted the good from the bad. But even the best parental control software is useless if the computer is not set up correctly. Smart kids can get around the software if there are security holes. This guide aims to provide the basics that will help parents prepare their computers, no matter which software they choose.

1. Think About Passwords and Security Questions

Your parental control software is only as affective as your passwords and security questions. You'll need to come up with good passwords for both your parental control software and your Windows account. You can use the same password for both as long as it's good. What makes it good? It needs to be hard to guess, but easy to remember. If you're stuck for ideas, you can try a random password generator, though its results can be difficult to remember. Later, when you set up your parental control software, you'll need a security question, in case you forget the password. Make sure it's nothing your kid can guess or find out (be wary of biographical questions whose answers may be discoverable via Facebook, such as "High school mascot.").

2. Set Up Your Accounts

Armed with a good password, you're ready to set up your accounts. If your computer currently does not require you to log in, you don't have any accounts enabled. You can get to the "Manage Accounts" page by typing "User Accounts" in the Windows Start Menu. You need at least two accounts for parental control software to work its best:

A) Administrator account. We've called it "Parent" to make things easier, but it can be anything. You'll also set the password on this screen. If there is no password, you'll see an option to "Create a password." If there's already a password, it will say "Change the password."

B) Standard User account. We've called it "Kid" because it'll be easier to keep track for this demonstration. It should have a password too.

C) Additionally, you'll want to make sure the Guest account is either turned off, or has a password, so kids can't use that as a non-protected alternate account.

3. Make Sure "User Account Control" Is Enabled

Most Windows systems will already have this option turned on and configured, but make sure it is on your computer. You'll find this option at the bottom of the User Accounts control panel. The reason it's important to have User Account Control turned on is because it forces the system to ask for a password when new software is installed. This will prevent Regular Users from installing software that could be used to fool the parental control software. On Windows Vista it's a simple on/off switch, while on Windows 7 there are several settings (see here). We recommend "Always Notify."

4. Install and Setup Your Parental Control Software

When you install your parental control software you'll be able to choose which accounts you'll be monitoring and filtering content for . These should map directly to the accounts you've already set up. You probably don't want your own Administrator account to be monitored, but you probably do want to monitor the Regular User Account. If you haven't yet purchased parental control software, check out our comparison and reviews. We put six of the most popular products through rigorous tests to find the best.

NextAdvisor quick guide to identity theft protection for college students

• Tweet

August 17th, 2010 - Posted by Kent

School is just about starting for millions of college students across the country. We would guess that most of those students aren't thinking much about identity theft. But that doesn't mean that they shouldn't.

Identity theft among college students is also known as "friendly fraud" because the perpetrators are often casual acquaintances or room mates. It's during college that many young people first apply for credit cards and open up their own bank accounts. This is one reason why college students are at an increased risk, since most have not played a significant role in their own finances before. They are often not used to monitoring their credit and bank accounts.

College students by-and-large live in communal situations, living with roommates and in dorm rooms. This means exposure to a lot of new people, not all of whom are trustworthy. Mail is often lost, stolen, or misdirected. Credit card statements can be gold to a potential identity thief.

Another risk comes from the Internet. Many college students will find themselves in possession of their own computers for the first time, or using public computers in libraries, computer labs and dorm rooms. If those computers are not secured and are infected with spyware, personal information is just a click away for identity thieves.

The big shock to me, upon entering college, was how often I was asked for my social security number: at the financial aid office, the library, the student health center, the office, the ubiquitous credit card tables—heck, I could barely get a salad in the cafeteria without handing over my social security number. Often the people processing these transactions were students themselves, not people I had a lot of faith in.

Tips:

1. Keep an eye on your mail. Consider using a post office box for important financial documents, or sign up for online payments and billing. When you move, make sure your mail follows you.
2. Watch your bank and credit card balances. The beginning of the school year is a time for high credit card use, so watch for anything unusual.
3. Get a paper shredder and a locking file cabinet. No, these aren't the coolest of dorm room accessories, but they can keep important documents safe from prying eyes. A safe deposit box is also a good idea for passports, birth certificates, and other sensitive documents.
4. Get a lockdown cable for your computer. You can use it to lock your laptop, desktop, or tablet PC to your desk. You have more personal information on your laptop than you realize. While you're at it, password protect your computer.
5. Avoid using public computers for sensitive data input.
6. Invest in identity theft protection. This way you can be alerted to fraudulent activity before it wrecks your finances.
7. Keep your computer protected with Internet security software. Identity thieves use malware and spyware to steal personal information.
8. Be careful of whom you give your social security number to. Also, watch for eavesdroppers.
9. Secure your living space. Parties are the hallmarks of collegiate life, but they can also leave your living space open to people you don't know. Keep your valuables hidden and locked down.

The more precautions you take, the less you'll have to worry about. That way you can spend more time on the stuff that matters.

Facebook Privacy: The New Facebook Identity Theft Prevention Guide

• Tweet

June 2nd, 2010 - Posted by Kent

A lot has changed since we posted our original Facebook Identity Theft Protection Guide. But one thing that hasn't changed is the potential for identity thieves, cyber stalkers, marketers, and other unsavory types to learn about you on Facebook. Now, Facebook's new privacy settings are beginning to roll out to its users. What these changes will mean to you depends a lot on how much you like to share and how carefully you've maintained your privacy settings in the past. If you already locked down your settings, you may not have much to do, but you'll have a new way to manage them.

The settings in the following guide can be best described as reasonably cautious, but not obsessively paranoid. Before we get into what information sharing you can control, here's what you have to share: name, profile picture, and gender. Other things are up to you. What should you allow? While there's probably no answer that's right for everyone, we offer this blanket piece of advice: if any piece of data can be used as a security question on a website, limit its visibility. This can include family relationships, school affiliation, pet names, date of birth, make of car, etc.

But before we go much further, let's review the number one threat to your privacy on Facebook: You. More specifically, it's the choices you make. The people you friend, the apps you install, the settings you choose, the status updates you make, and most importantly: the password you choose. All the privacy settings in the world can't stop users from choosing bad passwords, falling for a phishing attempt, or clicking on a malicious link.

1. Choose Your Privacy Settings

Facebook has greatly simplified the privacy controls with three basic user categories: "Everyone," "Friends of Friends," and "Friends Only." Additionally there's a Facebook-recommended setting and, if you've tinkered with your privacy settings, you'll see that setting too. These categories are the core of Facebook privacy. "Everyone" means pretty much everyone, including, sometimes, other sites.

This is what Facebook recommends, but it may be too open for some (including us):

Facebook's Recommended Settings

Personally we like the more conservative "Friends Only" setting. Although this setting has a check mark that allows friends of your friends to see photos you've uploaded if your friend is tagged in it (i.e., if you took a picture of George at the Tasty-Freeze and tagged it as such then George's friend Gena would be able to see your photo, even if you're not friends with Gena). It's more private without this item checked, so to keep photos from folks you may not know, uncheck this box.

Facebook Friends Only Privacy Setting

2. Basic Directory Information

Now it's time to dig deeper. Facebook's page that explains the new privacy settings mentions that by default other information including hometown and interests, is visible by default to help friends and other people you have things in common with connect with you (a.k.a, networks). This is not controlled on the Privacy Settings page, but on a separate screen you access by clicking View settings at the top of the Choose Your Privacy Settings screen.

Set these limits to what you're comfortable with. You could set everything to "Friends only" but you'd cut down on the chances of old friends and co-workers finding you. Instead, set them based on how private you think that information is, or should be. Tip: never make your high school visible to "Everyone" if you've used "what's your high school mascot?" as a security question on another website. We do recommend setting stricter visibility limits on "See my friend list." Such information could help identity thieves to engage in a little social engineering or get information such as your mother's maiden name (if, you know, your mom is your friend).

Likewise with See my current city or hometown and See my interests and other pages. Do you really want everyone to know where you live? Publicly viewable information can help phishers and other social hackers target attacks specifically towards you.

Further Facebook Privacy Settings

This page has one other incredibly useful feature and you'll find it at the top right. Preview my profile will show you what your profile looks like to Everyone on Facebook. We recommend everyone do this. In fact, we think Facebook should make this the first thing you see when looking at your privacy settings.

Facebook Profile Preview

3. Applications, Games and Websites

Next you'll want to go back to the main privacy page and Edit your settings for using applications, games and websites. This link is on the bottom left. You'll then be brought to the page below:

You'll find one of the most useful tools at the top. What you're using allows you to turn off all applications or remove unwanted or "spammy applications," as Facebook puts it. You'll probably be surprised just how many applications you've said yes to. If you find ones that look suspicious or you simply don't want anymore, check them. Then click Remove Selected.

Facebook Application Control

But perhaps most important to your privacy, the thing that has a lot of people up-in-arms, is how your information is used by other sites and in Facebook apps. This is now controlled via the Info accessible through your friends link. It will bring up a pop-up window that you can use to control which of your information is available to applications, games and websites when your friends use them. If that sounds creepy to you, uncheck these items (or check away if you think this sounds like a good idea) and save your changes.

Facebook: Control your information on other sites

If you're not wild about the websites you visit knowing a lot about you, click the Instant personalization link and uncheck the box at the bottom. This prevents Facebook's select partner sites from accessing the information that you've set as visible to Everyone. According to Facebook, this personalization only currently works on Docs, Pandora, and Yelp. More sites will probably follow.

Facebook Instant Personalization

Lastly, you may want to disable Public search. This setting controls whether things you've specifically chosen to share with everyone (will) show up in searches on and off Facebook. If you haven't made much info made visible to Everyone, then you don't have a lot to worry about. Still, if someone Googles you, do you want your Facebook profile to show up? If it's a childhood friend, perhaps. If it's an identity thief, you might think otherwise. Our advice is to disable it, though really old friends or new thieves will find their way to Facebook to search for you anyway. There's a preview option here too, so you can see how your page would look to someone arriving at your profile from a search engine.

Choosing if your Facebook profile publically searchable

These are our best suggestions for using Facebook's new privacy settings. The promise from CEO Mark Zuckerburg is that these are stable, and any future Facebook changes will respect the settings you've chosen. He's also promised that Facebook users can expect privacy from Facebook's advertisers. While marketing is targeted, Facebook doesn't sell personal data to its advertisers.

Still, with all the data floating around out there, and the potential for identity thieves to socially engineer themselves into our lives, consider an identity theft protection service.

NextAdvisor guide to iPad security and privacy: Part II

• Tweet

April 9th, 2010 - Posted by Kent

Our previous iPad security guide dealt with iPad security for those that are on-the-go. However, some people buy iPads for casual use around the house: e-reader, cookbook, web browser, video viewer, photo album, video game machine, music player, guest computer. If your iPad never leaves the house, you probably don't need to put a password on it, or worry about the auto-lock, assuming you don't mind sharing it with other people in your house. Here are some considerations for the iPad that plans to lay around the house:

1) The Email app is not password protected, meaning anyone in your household can read your email. Think about using webmail instead.

2) Enabling password "Auto-Fill" or letting websites remember your passwords, gives other household members access to websites you log into. If you do use webmail or any other password protected site, make sure to log out when you're done. Do not select options to keep yourself logged in if others will have access to your iPad.

If you share your iPad, think about leaving Auto-Fill off (click image for full view)

Don't select this option on website logins if you share your iPad

3) The iPad's Safari web browser has a history just like the web browser on your computer. Unlike that web browser, you can't set it to automatically remove your history, cookies, or cache. If you're concerned that other users of your iPad will see your browsing history, clear out the history, cookies, and cache in the Safari settings (history can also be cleared in the Safari bookmarks menu). Also unlike your PC's web browser, Safari always opens to the last page viewed, even if you delete the history. So, navigate to a neutral page if you don't want others to see the last site you visited.

Clear your history, cookies, and cache from the "Safari" menu under "settings" (click for full view)

Use the "Bookmark" menu to clear your history

4) The iPad has no parental control software, but it does let you control access to YouTube, Safari, iTunes, App installation, and location services. You can also disable "In-App Purchases." If you have young ones in the house, this is something to keep in mind.

Enable iPad Restrictions

5) Purchases from the iTunes store require you to enter your password before a purchase. However, once entered you are logged on until the iPad is reset, or until you sign out by clicking the "Account" button and selecting "Sign Out" from the pop-up window. Not signing out means anyone in your house can have a music, app, and movie shopping spree on your dime.

Find the "Account" button at the bottom of the iTunes store

"Sign Out" when you're done with purchases

6) The iPad certainly makes web browsing feel different, but it's still the same world wide web. This means you'll encounter spam, phishing, malware, and other nefarious sites. So always surf smart.

The NextAdvisor.com guide to iPad security and privacy

• Tweet

April 8th, 2010 - Posted by Kent

We've been playing with Apple's iPad this week. Beyond checking out its glossy screen, unibody construction, and book-like reading interface, we thought it would be interesting to check out its basic security options.

If ever there was a product designed to be stolen (or misplaced), it's probably this device. The iPad is meant to be picked up, and put down, like a magazine or a book. While people lose phones all the time, most of us are accustomed to dropping them in our pockets when not in use. With the iPad, unless you have some pretty big pockets, you can't do that at all. And unlike the laptop, there's no security slot, so you won't be able to lock it down. Apple is billing it as a casual information device, but users are bound to treat it like their smart phone or personal computer.

While iPad security is probably not the first thing you think about when you take the device out of the box, there are some things you should really do before your iPad goes missing. You'll find these options in the "General" section of the "Settings" app.

You'll find your security settings here (click for full page view)

1. Set up a Passcode Lock and make sure it's a good one. After a few days this iPad will probably have your whole life on it. This will prevent someone from accessing your personal data, should the iPad fall into the wrong hands. It will also make it fairly useless to a thief, since it can't be re-synced with a new computer without the code.

Set your iPad passcode here (click for full page view)

2. Set the auto-lock so the device will be inaccessible after a period of inactivity.

Select the period of inactivity before auto-lock is activated (click for full-page view)

3. Consider turning the iPad "Erase Data" function on. This function will wipe the data on your iPad if someone makes 10 consecutive incorrect password attempts.*

Enable the "Erase Data" feature here

4. Keep in mind that the iPad has a default "Picture Frame" mode which allows you (or anyone) to view your photographs, even if the iPad is locked, simply by clicking the flower-pot icon. If you like to leave your iPad laying around the house, make sure all your photos are safe for public eyes, or that you have this function turned off.

A locked iPad will show photos when the Flower icon is pressed (click for full page view)

4. Spending an extra $99.95 per year for Apple's MobileMe gets you the "Find My iPhone" feature which allows you to remotely locate your iPad via GPS, lock it (in case you didn't follow Step 1), and erase the data. The latter is a bit risky though, since you won't be able to use the GPS tracking or Mobile lock after you do it. Also, the remote lock and erase only work if the iPad is connected to the Internet.

MobileMe's "Find My iPhone (iPad)" Feature

5. Look out for eavesdroppers. The iPad screen has a wide angle of view, so be careful about what information you're accessing in public.

6. Be aware that while you can turn off access to some apps (such as the web browser, location-based services, and others), there's no way to restrict access to mail app. If you're using your iPad communally, you may want to use webmail, and log out after each time.

Enable iPad Restrictions

7. If this device is to be used by the whole family, think about limiting access to apps, disallowing app installation, and setting age restrictions.

We wrote this guide thinking that most users will start to treat their iPads like their computers or smart phones. Of course, it's possible that you'll just use it around the house for casual browsing and not use the integrated mail app. If so, well, you can probably lighten up  on the security precautions. Stay tuned for a future blog post on how to leave your iPad laying around the house.

* We actually tested the "Erase Data" function out. The bit about "10 attempts" is misleading. Here's how it actually works:

The iPad's "Wrong Passcode" Display

1. Enter the password incorrectly 10 times in a row, and the device tells you to try again in one minute.

2. Make another 10 incorrect attempts and it locks down for five minutes.

3. Make one more incorrect attempt and it locks for 15 minutes.

4. Another try, this time you're out for 30 minutes

5. Another incorrect attempt locks you out for 1 hour.

6. Try it again, and you're locked out for another hour.

7. If you fail this time, the device resets to its factory condition.

Much like the remote-wipe function, this feature has pluses and minuses. While it protects your data from a patient thief, deletion of your data has two consequences. First, your remote Find My iPad features will be disabled, so there's no GPS tracking. Secondly, while you save your data, you provide the thief with essentially a brand new iPad because your passcode is deleted with everything else. While this is better than giving out your personal data, it's too bad it doesn't just make the iPad unusable.

NextAdvisor guide to using web hosting ad credits

• Tweet

November 19th, 2009 - Posted by Kent

If you've signed up for web hosting, or spent any time looking into it, you've probably noticed that just about everyone offers Google and/or Yahoo! ad credits. Usually you're offered $50 worth of the former, and sometimes $25 worth of the latter. Just what do those credits buy you, and how do you use them?

Let's look at AdWords. Most people have seen AdWords in action, even if they don't know the program by name. AdWords is a pay-per-click ad program that allows site owners to promote their sites right next to Google search results.

You can use web hosting AdWords credits to bid on keywords and advertise your own site (you cannot use it to pay for the $5.00 sign-up fee, however).

So, what will $50 buy you? You can bid as low as one cent for a keyword (though you'll probably be quickly outbid) or as high as you want. That bid amount represents the most you will pay per click on your ad. Like an eBay auction, you may not end up paying your maximum bid, but you should be prepared to pay that amount per click that you get. If you have the fairly standard $50 ad credit, it can theoretically cover:

50 clicks for a $1.00 bid

1 click for a $50.00 bid

1,000 clicks for a $.05 bid

This is a simplification, of course (and we don't recommend $50 bids). You can pay less if there are lower bids than yours. How much you'll actually need to bid depends on your keyword(s) and how high on the page you'd like your ad to appear. Be aware that your ad credit is a not a hard spending limit. If you don't want to spend more than $50, you'll need to monitor your account carefully. AdWords will let you set daily limits, but not a total budget cap.

That's basically how bidding works. Here's how to redeem an AdWords coupon, if one came with your web hosting:

Step 1: Find your code

This will differ depending on your web host, but most users will find this in their control panel. Here we used HostGator, since it uses the widely used cPanel. You'll find it under Marketing Services:

You should then see a page like the one below. Copy the code (here represented by a series of X's), and follow the link to Google's AdWords page.

Step 2: Register for AdWords

If you don't already have a basic Google account (such as a Gmail account), you'll have to create one. Then you'll have to create an AdWords account:

After you create your account, follow the steps of setting your time zone and currency, and verifying your account. Once you've verified your account, you can log in and get to work.

Step 3: Enter your code

In order to use your ad credits, click the "Billing" tab.

This is where you'll have to input payment information for the aforementioned $5.00 setup fee,  as well as any spending you might do beyond your ad credit (which Google hopes you'll do). After that, click the link next to  "Do you have a promotional code?" and enter the code in the box that appears.

Step 4: Create and Bid

We won't go through the process of making an ad, since Google offers pretty good documentation on how to do that. Beyond your $5.00 set-up fee, you don't have much to lose. If you use your web site to sell something, there's no reason not to try it out. Just make sure you keep track of how much you're spending through your AdWords control panel on Google. Also, there may be an expiration date depending on your web host's offer, so check that too before you begin.

Student Identity Theft Protection Guide

• Tweet

October 6th, 2009 - Posted by Caitlin

Identity theft is the fastest growing crime in the United States, and an increasing number of identity theft victims are children. Minors are particularly vulnerable targets since their parents don't normally check their credit reports, which can allow the crime to go undetected for years. And in some cases, lack of credit history makes it easier to obtain credit in a child's name.

What you may not realize is that college students are just as susceptible as children, if not more so. Many colleges and universities continue to use students' Social Security numbers for identification purposes, which means that these sensitive digits could be plastered on ID cards, grades, and other official paperwork. Students are often bombarded with preapproved credit offers, and may also receive letters regarding financial aid. Since students move frequently and may neglect to forward their mail, sensitive information is more likely to fall into the wrong hands. And since almost 30% of college students ignore their checking and credit card balances, they are far less likely to notice if they do become victims of fraud.

We have compiled a list of tips to help college students prevent identity theft.

1. Protect your sensitive personal information.

Your sensitive personal information can be used to withdraw money from your bank account, make fraudulent charges on your credit cards, or to accumulate debt in your name. Sensitive personal information includes your Social Security number, credit card and bank account numbers, any other personal finance data (such as paperwork regarding financial aid), your driver's license number, medical information, and even your date of birth, address, and phone number.

Your Social Security number is the key to your identity. In the hands of an identity thief, it can be used to open new accounts in your name. You should never carry your Social Security number or card with you in your wallet. If you haven't already memorized your Social Security number, do so. You might consider leaving your Social Security card at your parents' house, and making a photocopy of it that can be locked up and brought out only when needed. If your college uses Social Security numbers as your student ID, request a new student ID with a randomized number that is not tied to your Social Security number. When filling out paperwork, you should only provide your Social Security number when absolutely necessary. In many cases, you will be asked for your Social Security number as a matter of course rather than necessity, in which case it is perfectly acceptable to decline.

Paperwork that includes sensitive personal information should be stored in a safe, unobtrusive place, such as a locked file cabinet. Don't leave these types of documents in your backpack or purse, and keep track of your wallet. Your dormitory and campus may feel safe and comfortable, but it is not uncommon for identity thieves to take advantage of that trusting environment. Your roommate and new friends may seem perfectly nice, but there's no need to tempt them by leaving your sensitive personal information lying around for the taking.

2. Protect your laptop.

Your laptop almost certainly contains a wealth of sensitive personal information. This access to your identity is far more valuable than the computer itself. That's why it's crucial to take a few basic precautions to protect your laptop and the information it contains.

One of the best ways to prevent laptop theft is to be conscious of the fact that laptops are extremely tempting and relatively easy targets for thieves. Never leave your laptop unattended in a library, café, or other public place. Don't leave your laptop in your dorm room with the door unlocked. You may want to consider purchasing a lock that secures your laptop to a desk or table. There are also alarms that will alert you if someone attempts to move your laptop, or if you and your laptop are separated by more than a set distance, as well as laptop tracking and recovery services. At the very least, you should label your laptop with your name and contact information, write down the serial number, and put a brightly colored sticker or other identifying mark on your laptop so that you can recognize it easily.

Use passwords to protect the information stored on your computer. Ideally, you should not store any passwords on your computer, or allow your web browser to remember passwords. If you must, at least be sure to use a strong primary log-in password to prevent unauthorized access to your laptop. Memorize this password, and don't save it or write it down anywhere on or around your computer. Whenever you are finished using your laptop, be sure to log out. For additional protection, you can encrypt sensitive data and disable instant message logging.

And of course, Internet security software is essential. Hackers use spyware, viruses, and phishing to gain access to your files, your passwords, your bank account and credit card numbers, and your PINs. The best way to thwart cybercriminals is to install software that offers thorough protection against a variety of threats, and set that software to update automatically. Since hackers take advantage of vulnerabilities in your operating system, web browser, and other software, you should promptly install all recommended patches and updates whenever they become available.

3. Be savvy when using the Internet, especially social networking websites.

Internet security software is a necessity, but there is no substitute for common sense. Understand the risks associated with social media and be smart when browsing the web.

Sharing personal data can make you an easy target for online attacks. An identity thief could use information about your classes, your network of friends and family, or your hobbies and interests to impersonate a trusted friend or convince you that they have the authority to request personal or financial data. They might also be able to guess your passwords or the answers to password security questions. Use privacy settings and common sense to avoid scammers. Most social networking sites allow you to control how much of your profile is revealed to users inside and outside your network. Adjust these settings to meet your individual needs, but in general, you should limit the amount of personal information you post. For example, never publish your full name, Social Security number, birth date, or address. Limit your circle of contacts. Consider restricting access to your page to a select group of people and setting your profile to "private" to prevent uninvited members from viewing your personal information.

Whether you are on a social networking site or any other website, you should always exercise caution when clicking on links or downloading files. Avoid opening links or downloads from strangers. Shortened URLs from shortening services such as TinyURL and Bit.ly can be used to obscure the true link destination and trick you into downloading malicious software. Phishing emails that seem to be from a financial institution or social networking site can send you to a spoofed website designed to capture your username and password. When in doubt, type the website address into your browser, or use a link in your bookmarks menu, rather than clicking on a potentially misleading link in an email. Never enter your password or account number unless you've verified the site's authenticity. Above all, pay attention and follow your instincts. If a website seems suspicious, click away.

Don't use a public computer to shop online or conduct online banking. And when using a public computer for any reason, remember to log out of all websites and the computer itself once you are finished.

4. Don't ignore snail mail.

Postal mail can provide many opportunities for identity thieves. Bank and credit card statements and routine paperwork from your college or university contain all the personal data necessary to open fraudulent accounts. Identity thieves can also use unsolicited, preapproved credit card offers to apply for credit cards in your name through the mail.

You should always shred preapproved credit card offers before discarding them. If you wish, you can prevent financial companies from sending these preapproved offers by filling out a request form at OptOutPrescreen.com. To reduce other types of junk mail, visit the Direct Marketing Association's mail preferences service website and ask that your name be removed from marketing mailing lists.

Consider signing up for online bank and credit card statements and discontinuing paper statements. As with all paperwork that contains sensitive information, store your statements in a safe place or, if you discard them, shred them thoroughly first.

You may want to think about getting a post office box for your personal mail, or maintain your parent's address as your permanent address. The latter will reduce the chance of mail going to an out-of-date address. Otherwise, make sure to fill out a change of address form at the post office when you move, to ensure that your mail gets forwarded to the current address.

5. Take responsibility for your finances.

Whether you have been earning and budgeting your own money for years or you still rely on an allowance from your parents, it's time to take responsibility for your own finances. Review your bank account and credit card statements regularly, and report any unauthorized charges immediately.

You should also begin to give some thought to your credit history. If you have not already done so, you should check your credit report for fraudulent or erroneous information. Since some businesses only report to one credit bureau, it is best to request your credit report from all three (Equifax, Experian, and TransUnion) to ensure that you have not already been victimized without your knowledge. If an identity thief opens a new account in your name, that information should appear on at least one of your three reports. For more information about establishing and protecting your credit, check out Credit 101, another NextAdvisor.com guide specifically created to educate young adults.

Avoid signing up for a credit card with vendors on campus. If you are interested in signing up for a credit card, it is safer to contact the credit card company directly.

6. Consider a proactive identity theft solution.

There are several companies that provide comprehensive protection against identity theft. These services work to prevent, detect, and, if necessary, resolve identity theft on your behalf. Depending on the service, protective measures include fraud alerts to help prevent new lines of credit from being opened in your name, junk mail reduction, public and private database scanning for misuse of your personal information and more. To learn more about identity theft protection and the various companies that offer this service, take a look at our reviews and comparison chart.

7. Take action immediately if you think you have been victimized.

If your credit or debit card is lost or stolen, call the bank or credit card company right away and cancel the card. You should also notify your bank right away if you notice any unfamiliar activity on your bank or credit card statements.

If you suspect that you may have become a victim of identity theft, contact the fraud departments of the three major credit bureaus and request that fraud alerts be placed on your files.

Equifax: 800-525-6285

Experian: 888- 397-3742

TransUnion: 800-680-7289

Review your credit reports for inquiries from companies you haven't contacted, accounts you didn't open, and debts that you can't explain. Check that your personal information is correct. If there is any incorrect information, contact the relevant credit bureau to have it removed. Close any accounts that have been tampered with or opened fraudulently. And file a complaint with the Federal Trade Commission and with your local police.

If you subscribe to an identity theft protection service or a credit monitoring service, your service provider will handle these steps as well as providing additional guidance and assistance.

8. Help curb identity theft by sharing these tips with other students.

College students may find it difficult to muster up much concern about identity theft. You have a sense of invincibility, your campus feels like a safe and friendly environment, and you have more interesting and immediate things to think about. But the risk of identity theft is very real, and unfortunately, it will likely be a growing risk for years to come. Restoring your identity can be an expensive and time consuming process. It is far better to take a few sensible precautions than to suffer the consequences of becoming a fraud victim. In addition to protecting yourself, you can help curb the threat of identity theft by sharing this guide with your friends and classmates.

Next Advisor web hosting guide: The cPanel

• Tweet

July 15th, 2009 - Posted by Kent

Web hosting is a service that allows you to put content (such as a blog, website, photo album) on the Internet, at a specific domain that you own. Sounds simple enough, but what does that actually look like? Once you pay your fee, what do you actually get, and what do you do next?

The first thing you should do is get comfortable with your web host's control panel. The control panel is the fundamental way you manage your web hosting. This includes installing your blog, looking at visitor statistics, changing settings, managing files, installing web site creators, adding subdomains, the list goes on. In fact, there are so many things that most control panels are a little overwhelming. Here's the popular cPanel control panel, which powers a number of web hosting solutions, including Web Hosting Pad, Just Host, Host Gator, HostPapa, IX Web Hosting, and others :

There are a lot of choices here (click here for a full view). In fact there are way more than you probably need, at least right now. The good news is that you don't really need to know all of them. On the left you'll find a bunch of statistics related to your account. You'll find this more useful further down the road. Right now, a lot of it will be blank. Taking up most of the page is the menu of options, looking a bit like a Windows operating system circa 2001. The nice thing is, you can actually rearrange these panels, so you can drag the ones you use least down at the bottom.

The most common modules you'll probably want to use first are Email Accounts (located under Mail), and the various blog and sitebuilding add-ons grouped together as Fantastico Deluxe (under Software/Services).

Email is very easy to set-up on cPanel, simply choose a user name and a password (it will even create one for you, if you prefer). The mailbox quota is optional, and best left at its default. cPanel will create your email address and then provide you with the configuration settings for your email program.

Fantastico De Luxe is a different beast altogether, in fact it's a whole other control panel. It's your one-stop shop for add-on modules like WordPress (for blogging), CubeCart (for creating a shopping cart), 4Images Gallery (for building an image gallery), and Soholaunch (for creating a website). It looks like the Macintosh operating system circa 2001. On the left you see your options. Next to that, you see the add-ons you have installed (if any).

For the sake of demonstration, let's install WordPress. WordPress is the web's most popular platform for blogging. First, click the WordPress link on the left. When you see the WordPress installation screen, click "new installation."

Now you need to make some decisions, the most important being where you'd like to install your blog. If you want it to be the page that people see when they arrive at your website, just leave this space blank. If you plan on having the blog as part of a bigger website, you might want to put this at a directory like: blog (so type "blog" into that box).

You'll also need a username for the blog. It's also time for another password. Since WordPress does not ask you to confirm the password make sure you write it down. Or, better yet, copy and paste it into a text file. Your admin nickname will be visible to people who view your blog, so choose something you want people to see. Next, enter an email address (notifications will be sent to you at this address). Your blog needs a name, which doesn't have to be the same as your domain. Finally, you can enter a description, which can be as simple or complex as you want. You can always change title and description later.

You will get one more screen telling you everything is working right and ready for installation. You can ignore the bit about the MySQL user, because you won't need to know that. Just click "finish installation." When it's been installed correctly, you'll see a confirmation of your information, including the url where you will administer your blog. As Fantastico suggests, you should bookmark it.

The process of installing other modules will be similar. If you want to get back to your cPanel, just click the "control panel" icon at the upper left.

Those are the basics. If you've done the above you'll now have your own email address and blog set up.

What's next? Try building a site. Depending on your web host, some site builders are located in the Fantastico panel, and some will be found in the cPanel. Or try an offline site builder like Adobe Dreamweaver, Apple iWeb, or Microsoft Expression.