Security Related Questions
What can I do to protect my privacy
over the Internet?
What is CDE doing to protect my privacy
on the Web?
What else is CDE doing to protect
my privacy on the Web?
Where is my information stored when
I enter my user name and password?
How do I know if I am on a secure
Web page?
Firewalls: What should I know about
firewalls?
Connection Related Questions
Why is my connection slow when
browsing?
Why am I getting a message "Page
cannot be displayed"?
I seem to be getting disconnected
about every 15 minutes. What's wrong?
What is the meaning of "There
was no response. The server could be down or is not responding?"
Encryption Related Questions
What is data encryption and why
do we care?
Why does CDE require 128-bit encryption?
User Access Questions
Can we have more than one user log on to the data collection at a time?
What is the difference between a "Super User" and a "User"?
How do I bypass the "Change Password" screen when I log on?
Data Definition Questions
Where do I find the information required for each data field?
Security Related Questions
What can I do to protect my privacy over the Internet?
- Protect your username and password. It is your access key to your Internet account. Do not reveal it to anyone.
- Do not use passwords that incorporate your name, telephone number, address or birthday or those of any close friend or relative.
- Do not leave your computer unattended while logged on to the data collection Web site (if you do, your session will time out after 30 minutes).
- Clear the cache of your browser after visiting secure sites. Browsers generally cache, or locally store, images of pages you have downloaded to enhance performance. By clearing your cache after visiting secure sites, you ensure no one else can view any confidential information you may have transmitted.
- Do not send privileged account information via e-mail (e.g., Social Security Numbers, user names, passwords, etc.).
- Use quality anti-virus and anti-spyware programs and update them regularly.
What is CDE doing to protect my privacy on the Web?
- CDE uses the most recent security technology to give you the highest level of data protection available.
- Our security encryption "scrambles" the information you type so that it can only be read and used by you and CDE, and not any unauthorized eyes while in transit on the Internet.
- To take full advantage of this security you need a browser capable of 128-bit encryption. Before you can access and use the data collection Web site, you must upgrade your browser.
What else is CDE doing to protect my privacy on the Web?
- CDE will automatically lock you out of the data collection Web site if there has not been any activity for 30 minutes.
- CDE has implemented firewalls. Firewalls are "electronic boundaries" that prevent unauthorized users from accessing certain files.
- CDE regularly monitors our internal systems. We keep up-to-date with current security and encryption technology as it becomes available.
Where is my information stored when I enter my user name and password?
Your user name will be stored as a session variable on your computer when you first enter your user name, and it will be there while you are browsing through the Internet. If you close the instance of your browser or if you didn't use the browser for more than an hour, it will be erased from the memory.
How do I know if I am on a secure Web page?
A secure web page has the ‘https’ prefix to identify it as a secure web address, and many people are aware that the “s” has a special meaning when it comes to security. The “s” means that when accessing that particular web site, all web traffic between your web browser and the web site uses the Secure Sockets Layer (SSL), a special protocol. If anyone manages to intercept the message, all they will see is gibberish.
In addition, a lock icon will be displayed in the bottom status bar of your browser. This indicates the data being transferred between your computer and the web site is encrypted.
Firewalls, what should I know about them?
- A firewall protects one or more computers with Internet connections from access by external computers connected to the Internet. In other words it controls access between CDE's computers and outside Internet users.
- A firewall is a network configuration, usually created by hardware and software that forms a boundary between networked computers within the firewall from those outside the firewall. The computers within the firewall are a secure subnet with internal access capabilities and shared resources not available to the computers on the outside. Often, a single machine atop the firewall is allowed access to both internal and external computers. Since the computer atop the firewall is directly interacting with the Internet, strict security measures against unwanted access from external computers are required.
- A firewall is commonly used to protect information such as a network's e-mail and data files within a physical building or organization site.
- A firewall reduces the risk of intrusion by unauthorized people from the Internet, however the same security measures may limit or require special software for those inside the firewall who wish to access information on the outside.
Connection Related Questions
Why is my connection slow when browsing?
- The most common cause is that too many people are trying to connect to the same Website at the same time. Try accessing the site at other times during the day, preferably early in the morning or late at night, to see if this makes a difference.
- Your browser may not be compatible with the CDE Web pages you are trying to view. Visit CDE's Minimum Web Browser Requirement page to make sure your browser meets the minimum requirements.
- You may be having problems with your own dial-up connection. Try other sites to confirm the quality of your dial-up link.
- Your phone carrier may also be causing the slow connection. The phone carrier may also be a factor for slow connection since phone connection also affects dial-up connection.
Why am I getting a message: "Page cannot be displayed"?
- The server to which you are trying to link is down (experiencing network problems).
- The server to which you are trying to link does not exist. You may have misspelled or mistyped the server name.
I seem to be getting disconnected about every 15 minutes. What's wrong?
- Most likely, nothing is wrong. Most all ISP's use what is called an idle time out. That means that if you are idle, or not doing anything while you are on line, then after 15 minutes, you will be automatically disconnected. As long as you are sending data back and forth through your modem, the idle time out is not in effect.
- Remember too, that if you go to a site, and click on several pages, they are cached or stored locally on your hard drive, so if you start to go back through them, no data is being exchanged and the idle time out will begin the counter again. Just being on-line doesn't qualify as sending actual data through the modem. Writing email doesn't send data through the modem either. You actually have to click the save button to send or receive (error messages) the data. Each time you send the data through the modem, the time is reset to 0.
What is the meaning of "There was no response. The server could be down or is not responding?"
A host error indicates that the site exists, but when your browser tried to contact the site it could not be reached. When you see the host error, any of the following could be true.
- The site is down or having trouble.
- The site is too busy to accept any more connections.
- The site is unreachable due to network problems in between
you and the site.
If you can connect to sites other than the data collection Web site, the best advice is to try the Web site later.
Encryption Related Questions
What is data encryption and why do we care?
- Online banking and many other forms of Internet traffic rely upon secure communications. Since the Internet is a public network, sensitive information, such as credit card numbers and banking information, must be protected from prying eyes. One way to protect data is to encrypt it.
- Without data encryption, secure communication over the Internet is impossible. When information is sent over the Internet, it travels on public lines, potentially accessible to anyone. This means that private and sensitive information can be intercepted and used by any hacker who knows how to do so.
- Data encryption "scrambles" the information sent over the Internet so that only the computer it is intended for can read it. The hacker can still intercept your data file, but, because of the encryption, the information it contains cannot be read or used by him/her.
- 128-bit encryption provides a significantly greater amount of cryptographic protection than 40-bit encryption. Roughly speaking, 128-bit encryption is 309,485,009,821,345,068,724,781,056 times stronger than 40-bit encryption. 40-bit encryption is not considered "strong" security in the cryptographic community.
- Accordingly, 128-bit data encryption has become the standard for securing sensitive information on the Internet.
- Encryption is the process of transforming information (referred to as plaintext) using an algorithm (called a cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. Encryption prevents eavesdropping, tampering, and message forgery as well.
Why does CDE require 128-bit encryption?
- For security purposes, CDE requires that user have one of the highest levels of browser encryption currently available when accessing or sending sensitive information.
- This strong encryption enables you to make secure transactions.
- If the browser supports the higher the level of encryption, it is more difficult for an outside party to break the communication code.
User Access Questions
Can we have more than one user log on to the data collection at a time?
Yes, but more than one user will not be able to edit/add information for the same family at the same time. Users must use their own username and password to access the system. If additional staff need access to the system, the Super User should request additional usernames and passwords for those staff.
What is the difference between a "Super User" and a "User"?
The agency's "Super User" is generally the program director. He/she is responsible for ensuring the CDD-801A and 801B reports are completed. Each agency should always have one active "Super User." The Super User can request additional Users or Super Users and is responsible for who has access to the system. The "User" is the person designated to enter the data by the "Super User." A Super User can see all User and Super User names and passwords for their agency. A User can only see their own username and password and cannot request additional users.
How do I bypass the "Change Password" screen when I log on?
You cannot bypass this screen. When you first log onto the system, you will be prompted immediately to change your password. For security reasons, this is required before entering the system and viewing your families. It is important that you remember your new password. Every 90 days you will be prompted to change your password.
Data Definition Questions
Where do I find the information required for each data field?
Each field in the CDD-801A and the CDD-801B is defined and described in the Data Definitions (also available as a Microsoft Word document – DOC).
