Employee Online Security and Privacy
WHOI is committed to keeping your information private and secure. However, you play an important role in maintaining your security.
- Never give out your Password/PIN to anyone.
- Do not store your Password or other sensitive data on your computer.
- Exit out of Employee Online when you are done using it. For added protection, Employee Online will log you out automatically after 5 minutes of inactivity.
The WHOI’s systems are protected first by “firewalls” set up between the Internet and us. Firewalls are the“traffic cops” of network security. All messages in and out must pass through them, and they allow only certain types of messages to be sent to the other side. So, only messages that are legitimate WHOI Employee Online messages can be sent to our system. Any other requests are refused before they can ever reach sensitive data on our systems. And those systems themselves are also protected using industry standard security methods.
Second, we diligently monitor our systems to detect any attempted intrusions and to ensure that all of the protections in place are functioning correctly.
Finally, we work to remain up-to-date about security system advances and potential risks. Our MIS and CIS staffs work directly with each other to get new information as soon as it becomes available. We will continue to do what we believe is necessary to protect both you and WHOI.
Transmission of Data and Encryption
All communication between your computer and WHOI during an Employee Online session is scrambled with the highest level of encryption available for today's popular browsers. Encryption is the process of translating meaningful communication into undecipherable code and then back into meaningful communication.To ensure a high level of security when accessing Employee Online, Employee Online requires the use of 128-bit SSL encryption. It ensures that communication between you and WHOI cannot be translated by anyone without the correct keys. This level of security is available for Netscape Navigator® and Microsoft Internet Explorer® browsers free of charge.
Technically, using 128-bit encryption means that each time you log in to WHOI Employee Online, your computer is assigned a “key” made up of a string of 128 zeros and ones. All messages from your computer to our systems are then coded based on this “key”, but they can only be decoded using WHOI’s equivalent 128-digit “key”. It is never transmitted on any open network, since it resides only on the WHOI’s system. It’s important to note that each time you log in, a different “key” is assigned, so that anyone attempting to break through the encryption algorithm would have to start over from scratch every time you use Employee Online. To put that into perspective, a 128-bit key has 2128 possible combinations. Spelled out, that’s 340,282,366,920,938,000,000,000,000,000,000,000,000 different possibilities.
For most people, computer access is controlled because the computer is safely in their office or home.However, you can increase your security by creating Password-protect files or by using a computer security product. This is especially important if you travel frequently with a laptop computer or have informationwhere others can easily get to it.
Last updated: October 23, 2007