Web Site Security
The New York State Commission On Public Integrity (hereinafter "CPI") takes confidentiality and computer security very seriously. CPI's Web site uses industry standard security measures. We also employ the use of digital certificates on our Web site (from VeriSign) to provide a secure, encrypted connection between capable Web browsers and our Web servers. This secure, encrypted connection is required by our servers whenever and wherever you are asked to enter information that may be considered confidential.
We encourage you to read below for further details on the use of digital certificate security and encryption. In addition, CPI recognizes that it is important for individuals and businesses to be confident that their privacy is protected when they visit CPI's Web site. Please see our Privacy Policy for detailed information concerning CPI's Web site privacy practices.
Here are some commonly asked questions and answers about Web site security:
- Does CPI's Web site employ security measures?
- What does the "warning" window that comes up mean?
- Which parts of the CPI Web site employ security measures?
Does CPI's Web site employ security measures?
CPI's Web site does employ security measures. CPI uses SSL (Secure Sockets Layer), the industry standard security protocol, to communicate with secure browsers like Netscape and Internet Explorer. When communicating with a secure server like CPI's, these browsers are designed to encrypt the information you send in a way that makes it infeasible for others to decode. You do not have to know whether your browser supports secure transactions - if it does not, you will not be able to access a Web page that requires SSL. We have included decriptions below of what to look for in your browser window to see if you are viewing a site securely.
CPI's Web site also employs the use of digital certificates. A digital certificate is meant to function in a way similar to a driver's license or passport. A company that specializes in issuing digital (trusted) certificates issues a certificate to an organization for use on a Web site after the owner of the Web site registers with the trusted certificate company and proves who they are. When you visit a Web site that has been issued a digital certificate, you can refer to the trusted certificate company's Web site and the trusted certificate company will verify or "certify" who it is that you are visiting. Thus, when you click on the digital certificate symbol (here, the "VeriSign" symbol), you will access detailed information about the use and the Web site owner referred to on the certificate. CPI uses VeriSign to certify our site. Links to Verisign's certification site appear at the top of this page, to the left and whenever you are entering a secure area of CPI's Web site. The VeriSign digital certificate is also used by CPI's server and your browser to assist in encryption using the SSL protocol discussed above.
Other security measures: many security experts say the most important concern is what happens once a business receives your information. CPI is committed to protecting information against unauthorized access, use or disclosure. CPI follows industry standard best practices for protecting and securing its information technology assets including, but not limited to, authentication, monitoring, and encryption. In addition, CPI limits access to information to only those employees who need access to the information in the performance of their official duties. Employees who have access to CPI information follow appropriate procedures in connection with any disclosures of information. Security procedures have been integrated into the design, implementation, and day-to-day operations of CPI as part of our continuing commitment to security of information.
What does the "warning" window that comes up mean?
If you see a "warning" window, this simply indicates that you are entering an area of CPI's Web site which employs security measures. When going from secure mode to unsecure mode, you may, depending on your browser settings, receive another similar alert message to inform you as to what is happening.
Which parts of the CPI Web site employ security measures?
Most of the activity on CPI's Web site involves the viewing of materials we have prepared and made accessible to everyone, so there is no need for these pages to employ the security measures discussed above. For example, a page describing forms available at CPI's site does not contain or request any confidential information and would therefore not be a secure page.
Most of the interactive areas (all those that request confidential information) on CPI's Web site employ security measures. This is where site users actually fill out information to submit to CPI. The entire interactive process where site users fill out forms and send CPI information takes place in a secure environment.
There are several visual indicators which signal that you are in a secure area. All SSL capable browsers have a symbol to indicate secure mode. The table below contains examples of such symbols used by the most commonly used browsers: Browser Symbol Location Normal (Insecure) Mode Symbol Secure Mode Symbol Microsoft Internet Explorer Lower Right None Closed Lock
You can also tell when you are in an area that employs security measures because the URL to the left of the colon changes from 'http' to 'https' to signify that the SSL protocol is being used to communicate with the server. (http = HyperText Transport Protocol; https = HTTP with SSL.)
Disclaimer
The information provided herein should not be construed as giving business, legal, or other advice, or warranting as fail proof, the security of information provided via this Web site.