Blog Entry dated 11/21/2012 10:04 AM

November 21, 2012

Safe Holiday Shopping Online

Shopping online can be safe, but there are a few tips…

Use familiar web sites: Shop at trusted sites rather than shopping with a search engine as search results can be rigged to lead you astray. If you know the site, chances are it’s less likely to be a rip off. Stick with familiar sites like Just about every major retail outlet has an online store. Beware of misspellings or sites using a different top-level domain (.net instead of .com)—those are the oldest tricks in the book. Yes, the sales on these sites might look enticing, but that’s how they trick you into giving up your info.

Look for the lock: Never ever; ever buy anything online using your credit card from a site that doesn’t have SSL (secure sockets layer) encryption installed—at the very least. The URL for the site will start with HTTPS:// (instead of just HTTP ://). An icon of a locked padlock will appear, typically in the status bar at the bottom of your web browser, or right next to the URL in the address bar.

Never, ever give anyone your credit card over email

Don’t tell all: No online shopping store needs your social security number or your birthday. However, if crooks get them, combined with your credit card number for purchases, they can do a lot of damage. The more they know, the easier it is to steal your identity. When possible, default to giving up the least amount of information.

Check statements: Go online regularly during the holiday season and look at electronic statements for your credit card, debit card, and checking accounts to monitor for fraudulent charges, even originating from sites like PayPal.

Check your credit report: Go to  It is the government offered free report available once a year from each of the credit agencies.  It is suggested to stagger free reports across the year, so you can get a free report every four months.  Also, if you are married, stagger you and your spouse’s reports.  They are different.

If you do see something wrong: Pick up the phone to address the matter quickly. In the case of credit cards, pay the bill only once you know all your charges are accurate. You have 30 days to notify the bank or card issuer of problems, however; after that, you might be liable for the charges anyway.

Inoculate your PC: Swindlers don’t just sit around waiting for you to give them data. Sometimes they give you a little something extra to help things along. You need to protect against malware with regular updates to your anti-virus program.

Use strong passwords: Utilizing un-crackable passwords is never more important than when banking and shopping online. Tips for creating a unique password can come in handy during a time of year when shopping around probably means creating new accounts on all sorts of e-commerce sites.

Think mobile: The National Retail Federation says that 5.7 percent of adults will use their mobile devices to do comparison shopping before making a purchase. (And 32.1 percent will comparison shop online with a computer, as well.) The trick is to use apps provided directly by the retailers, like Amazon, Target, etc. Use the apps to find what you want and then make the purchase directly, without going to the store or the web site.

Avoid public terminals: It’s a bad idea to use a public computer to make a purchase. If you do, just remember to log out every time you use a public terminal, even if you were just checking email.

What about using your own laptop to shop at Starbucks: It’s one thing to hand over a credit card to get swiped at the checkout, but when you must enter the number and expiration date on a web site while sitting in a public cafe, you’re giving an over-the-shoulder snooper plenty of time to see the goods. And public Wi-Fi is not really secure.

Privatize your Wi-Fi: Now is not a good time to try out unfamiliar hotspots. Stick to known networks like those found at Starbucks or Barnes & Noble stores powered by AT&T. Look for the network named “attwifi,” then open a browser to click into the “walled garden” to get final access.

Count the cards: Gift cards are the most requested holiday gift every year. Stick to the source when you buy one. Scammers like to auction off gift cards on sites like eBay with little or no funds on them.

Know what’s too good to be true: Once again, McAfee has compiled a Twelve Scams of Christmas list, all things to be aware of while shopping. The “coupon scam” offers of a free product with purchase, in particular an iPad (a very coveted gadget at any holiday) or even holiday job offers. Many of these “offers” will come in via social media. Beware even of your friends, who might innocently forward such a thing. Be very wary even if you get a message from friend claiming he or she has been robbed, especially a friend overseas looking for money to be wire transferred, unless you absolutely can confirm it by talking to him or her personally. Skepticism in most cases can go a long way toward saving you from a stolen card number.

Consider a temporary credit card number: Many credit card companies offer them.

Have things shipped to your office: If you shop to your home, make sure a neighbor that will be at home can get your packages.  Don’t leave them on the doorstep.  Not only could your package be missing, your entire house could be emptied out.

Electronic Signatures

June 30, 2011

Electronic Signature

An electronic signature is any electronic means to indicate that a person adopts the contents of an electronic message. The U.S. Code defines an electronic signature for the purpose of U.S. law as “an electronic sound, symbol, or process, attached to or logically associated with a contract or other record and executed or adopted by a person with the intent to sign the record”.

Act 722 of 2007 requires state agencies to use or permit the use of electronic records and electronic signatures no later than June 2009. The Department of Finance and Administration and the Department of Information Systems (DIS) were tasked with creating standards and policies governing the use of electronic signatures and this document serves as the technical standard. State agencies may comply with this standard or create their own standards pursuant to the legislation. Agencies determine the appropriate type of electronic signature for their transactions.

Wow, what does that really mean?

When you go into your favorite retailer and swipe that credit or debit card, you have to sign something.  (You don’t enter your debit PIN do you?  You should always use your debit card as a credit card, but that is another post.) Most places have little pads with pens attached where you are supposed to sign.  If you are like me, my signature never looks like it does on paper.  And my daughter thinks she is cool and draws a turtle when she signs.  In theory, the checkout clerk is supposed to verify that your signature matches the one on the back of your card.  That is an electronic signature.  It is equal to signing a piece of paper in front of someone.  Oh, and if you did enter your pin code, (don’t do it) that could count as an electronic signature too.  If you are shopping online and are asked to enter that little CCV code from the back of your card, yep, that is an electronic signature.

Electronic signatures are not the same as “digital signature”, but digital signatures can be electronic signatures.  Confused?  Digital signatures have something else to go with them to prove that you are who you say you are.  This can be an electronic certificate, an extra password, a voice code, or even pricking your finger and testing your blood.  Okay, that last one is probably from a movie, but it would count.

Digital signatures are harder to maintain.  There is a lot of background information and security to maintain their integrity.  That is one reason before you implement any of these technologies, you should know what is at risk.

Look at Electronic Signature Policy (PDF), Digital Signage Instructions and Electronic Signature Standard (PDF) in the Policies and Standards section of our website. They can help your agency decide how to best implement electronic signatures or help determine if an extra step is needed to protect that important data by implementing digital signatures. Microsoft Word, Adobe Forms, and other software offer the ability to do electronic signatures too.  If all you need are the cool little signature pads, SHI has identified a few companies that may have what you want.

DocuSign – Trust Center


ARX – Digital & Electronic Signature

Electronic signatures are probably used by all of us every day.  Getting gas, buying something at a store, or even renewing a license in person or online.  Agencies are now required by law to support them.  I hope this helps your agency as you implement these technologies.  If we at DIS can help, please contact your customer service representative. Just remember, I am not pricking my finger to get a driver’s license, but I promise I will not sign my name as a turtle.

Turtle icon

DIS upgrades voice mail system

January 25, 2010

DIS Teams began a project in Fall 2009 to upgrade our voicemail customers to a new voicemail system. The system that DIS owns is nearing its end of life and service and support may not be available beyond 2010. Approximately 13,000 voicemail users must be upgraded. The upgrade will mostly affect Windstream voice customers.

The new voicemail system, which is owned and maintained by Windstream, will have more enhanced features. The system integrates with email so that users can receive voicemails in an email inbox. The new system also has a web-based application that enables users to setup all voicemail features online by simply clicking through the options. Users will have caller identification and multiple call forwarding options through the interface as well.

As DIS migrates to the Windstream voicemail system, customers should note that there will be no changes in billing. The voicemail access number will change for most users, including customers in the 479 and 870 area codes. We will provide those access numbers for agencies at the time of the upgrade. All technical aspects and migration of voicemail boxes will be performed afterhours to minimize the impact to our customers. Each agency that is affected by the voicemail migration will be notified by a DIS Team member prior to the upgrade, and you will be offered training and materials as part of the effort. The target date for completion of the project is June 2010.

Welcome to the new!

December 9, 2009

Thank you for visiting the new DIS website! We are very pleased with the site, and we hope that our customers enjoy the new look and features as well. We would love to hear your comments. Please let us know your thoughts, and what enhancements we can make to the site to better meet your needs as a DIS customer. We look forward to hearing from you!


Get every new post delivered to your Inbox.