In an earlier post (Pro tips for safe traveling online) I summarized a few of the strategies used by Ping Identity IAM pros to stay safe online. Here are a few more tips from experts in our Global Client Services organization.
Matt Perry (@matthewperrycsu) a Client Services Architect for Ping, suggests using common troubleshooting tools to monitor browser traffic, such as Live HTTP Headers, Charles, or Fiddler. He also likes SAML Tracer for Firefox to view SAML transactions as they happen. For SSO demos, it's essential.
Phishing scams often rely on the habits we've developed in processing a lot of email. Disguised as inocuous, unthreatening messages, they succeed only when we fail to recognize a suspicious item for what it really is. Biologically, we're pretty well equipped for pattern recognition -- but we need to keep our store of suspicious patterns up-to-date. Google or snopes.com can help us maintain those patterns.
Less practical than eye-opening is something I revisit periodically: Collusion (for Chrome) which graphically maps how your browser session is being tracked.
Eye-opening, indeed. On the Internets, everyone seems to know you're a dog.
Stephen Gilson is the Director of the Online Support Center for Ping Identity.