0

Hi,
I am looking for advice about internet service providers. My questions here may seem silly but please do reply. I am an entrepreneur. I am about to start a new business. This business handles a lot of confidential documents and if any of these are leaked it could bring huge financial problems. So currently I am studying the ways my documents could be compromised and I have a few doubts.

Could there be a security breach through my ISP?
If yes, is there any way to prevent this?
How can prevent my data from being leaked?

I became paranoid about my data security after reading this article recently .Where ever I searched only news about American ISPs came up. I am using this business internet service provider in Canada. Do they have a history of leaking user data? Please advise on all this. Since I don't have any knowledge about Computer please explain in a non-geeky language.

4
Contributors
5
Replies
33
Views
1 Week
Discussion Span
Last Post by happygeek
1

What does your ISP have to do with your data? Why would they ever see it? If they were compromised, how would that affect you?

1

What pty said, the Forbes article is about selling data about you and not your data as in documents etc. The reason the research you have done turns up US ISPs is courtesy of it being about US legislation changes...

1

Additionally, in theory your ISP could inspect your data as it passes through them on its way to you. However, sites that contain important personal data (such as your bank, email provider, online shops you buy things from, etc) should be secured via SSL. This will prevent anyone from inspecting data in transit.

Your browser will tell you if a site is secure, just look for a green padlock on the left side of the URL bar.

Screen_Shot_2017-11-10_at_15_57_10.png

It's a good idea not to send anything personal or important unless you can see one of these.

Edited by pty

1

Hi!

I remember reading that there was a failure point on SSL as antiviruses were performing a MITM against browsers to verify the contents of connected pages. In practice they used to replace certificates in the client machine. Is this still an issue? See: http://ieeexplore.ieee.org/document/6956558/

Anyway, just a drop in the ocean.

Votes + Comments
AV vendors installing their own root certificates was always a recipe for disaster. I don't use AV products so I'm not really up to date on this
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.