Private Information Security Personal Information Security Proprietary Information Security

pINFOSEC^SM

With 92 percent of the public concerned about threats to privacy, you need a security policy that meets regulatory, customer, employee and your personal needs.

According to Federal Trade Commission research, 1 in 4 Americans will become an Identity Theft victim at least once.

How can I protect my family and myself from Identity Theft?

When it comes down to Identity Theft protection, there is an important point to realize: no matter what protective measures you may take, a determined adversary will find a way to counter. However, if you take defensive measures, a not so determined adversary will seek easier opportunities.

Defending your personal information takes several forms.

There are the things you do day to day that can serve as protective measures most at little or no cost that serve as a Passive Defense, and those will be outlined in greater detail.

The next form of defense is an Active Defense where measures are taken on you behalf by service providers to help detect, stop, and recover from Identity Theft.

There are the items that reside outside of your control. It is up to companies and others to safeguard your information as a matter of trust, so consider who you are doing business with. For this, we offer workshops on how to take the Active Defense to the next level yourself and actively manage your exposure.

Passive Defensive Measures

The following are day to day activities you may perform without considering, but things that criminals have. These are some of the most common means used to gain information about a person’s identity so that criminals may utilize that information. Consider the following solutions when it comes to your protection. You don’t have to do everything, but doing something may make the difference.

The basic personal information that would be useful to criminals includes your

• Your full name
• Social Security Number
• Date of Birth
• Drivers license number
• Passwords
• Credit Card Numbers
• Account Numbers
• Family Information as related to the previous items listed previously

Mail

• If mail is delivered to an unlocked mailbox, pick it up as soon as possible.
• If you’re going to be out of town, have mail stopped or have someone you trust get it for you.
• If your mailbox can’t be locked, consider getting mail delivered to a P.O. Box.
• Lobby the neighborhood to get lockable boxes.

Displaying Personal Information

• Be aware of what information is on display for any certificates, degrees, or award documents.
• Keep personal information at least stored out of sight.

Internet sites and unsolicited vendors

• Don’t provide personal information unless you know they are legitimate.
• With trusted sites, only provide information if there is a lock displayed showing the site is secure (little icon found usually found at the boom of the screen).

Trash

• Some people are known to go into trash to get personal information. It is best to shred or at least tear anything with you or your family’s personal information to include: Credit Card Applications, or other solicitations with your personal info.

Your Personal Computer

• Try to keep current with Firewalls, Anti-Spyware, and Virus Protection Software.
• Minimize the total volume of personal information you store on your computer especially if you use it to surf the Internet.
• Treat any detected threat seriously and immediately, and if you can’t remove a threat, call someone to help.

Your Work Computer

• Don’t conduct personal business using a work pc.
• They are generally monitored, and the IT Department will know what sites you navigated to and how much time was spent there.
• Some work monitoring software can capture passwords.

Email

• Set filters for junk mail.
• Do not have the preview screen open. Sometimes a virus or program is launched when the email is open, and this feature will cause this to happen automatically.
• Don’t open email with suspicious subjects, an unknown sender, or any identified with virus alerts.

Web Sites

• Be cautious where you navigate.
• Be aware of hazards associated with Active X content. These programs will sometimes contain malicious code, but really any type of application can contain code as well.
• Consider disabling cookies.

Downloads

• Malicious code can be written into almost every form of application.
• Only download material from known or trusted sites.

Carrying Personal Information

• While you probably don’t leave the house without you Drivers License/ID Card as well as your favorite credit cards, you may want to leave the following behind unless needed:
  • Checkbook
  • Anything with a Social Security Number on it
  • Not regularly used or unused credit cards

Using Public Facilities

• ATM – Don’t share your PIN or let those around you look at the keypad when entering the code.
• Public Computers
  • Don’t let strangers see any login Ids or passwords
  • Try not to let others see passwords for accounts or credit cards or the account numbers
  • Log off when finished
  • Lock the computer screen when you step away (even for a moment)
  • Be careful if you write passwords and IDs down when you carry them with you

Cell or Cordless Phones

• Be aware of who is around you and may be listening to what you say.
• Be aware of the type of information you’re providing to the person on the other end and who else may be listening.
• Since both types of phones broadcast their signals, they may be recorded without being considered as a wiretap.
• Ensure cordless phones use encryption between the handset and the base. The higher the number the harder it is to crack the code.

Passwords

• Be careful of where and how you keep passwords if you write them down. Don’t actually store them on your computer.
• Be aware that there are programs designed to break passwords, so if you use easy passwords, they are more likely to be broken.
• Use what are considered strong passwords to protect your information. Here are some guidelines:
  • Don’t use any word as a password.
  • Don’t use initials or part of you or a family member’s names.
  • Don’t use birthdays, anniversaries, or other special occasions.
  • Mix numbers and letters in a remember able pattern
  • They should be at least 6 characters and up to 12
  • Longer doesn’t equal stronger in some cases
  • You can put the letters together to form a meaningful phrase
    • B4itz2L8

Credit Card and Financial Institution Fraud Protection

• All For It! Remember about one in four cases does involve this type of fraud.
• Make sure the company reports suspicious charges to you on existing accounts.
• Read the details of the plan to know their contact information policy and your liability for fraudulent charges.
• We won’t recommend one Credit Card or Financial Institution over another.
• Keep in mind that these companies have these policies for several reasons:
  • Helping to protect you from fraud
  • Making you feel like they provide better service than the competition
  • Limiting their own losses

Active Defensive Measures

Establish a Baseline

• You need to have someone check to see if there is anything associated with your identity that is unrelated to you. This is the starting point from which to build a solid defense.
• Review your credit report. Check to see in particular
  • Address Change Requests
  • New Credit Cards (you didn’t apply for)
  • Anything against your public record to include arrests and warrant for arrest

Identity Monitoring

• Get 24/7 monitoring of your record.
• Be sure they offer real time notification. That way if something happens, you will be notified as soon as possible.

Restoration

• This can be a long, challenging process, and you don’t have to do it yourself.
• Be aware of the difference between Restoration and Restoration Assistance.
  • Restoration – Someone acts on your behalf, usually with a limited power of attorney, and takes whatever actions are necessary to restore your identity and fix your record
  • Restoration Assistance – Someone offers to help with the process, but you are required to do whatever actions are necessary to restore you identity and fix your record

Legal Representation and Counsel

• Defense against civil law suits brought by companies or creditors to recoup damages where they believe the victim is liable to pay. This can make being a victim twice.
• Letters or phone calls from an attorney written on your behalf to companies or creditors posting negative items on your credit report due to identity theft.
• Seek legal advice from a specialized attorney concerning your rights and protection as an identity theft victim.

It is through the combination of defensive measures that offers a person the best defense against Identity Theft. There is no single action one can do to prevent Identity Theft from occurring. A determined adversary will find a way if you are their intended target. Remember, it took terrorists two attempts to bring down the World Trade Center. As tragic as this event was, we will remember the lessons learned, and will succeed in spite of their efforts to bring us down.

The only Active Defensive Measure service that we recommend is that offered through Kroll Fraud Solutions' ID TheftSmart affinity program.

Taking Active Defensive Measures to the Next Level

Learn how to apply information security methodologies to your personal information at one of our Personal Private Information Security Workshops.