Monday, March 10, 2008

Security Tips : How to prevent Identity Theft

Most companies handle, process, and store personal information of employees, clients, and business partners every hour of every day. It is more important than ever to safeguard this information due to the growing problem of identity theft.

Identity theft occurs when someone takes another's personal data--such as their social security number (US), social insurance number (Canada), drivers license number, and birth date--and uses it to commit fraud. The thief might apply for telephone service, credit cards or loans, buy merchandise, lease cars or apartments, apply for a mortgage, even get a job--all in someone else's name. The victim could be left with serious damage to their credit record, their bank account, and their good name.

Your vigilance can help prevent identity theft. Follow these security tips at the office to lower your own risk and your company's exposure to this crime.
  1. Guard others' personal information as if it were your own.
    • Guard sensitive information such as social security numbers (US), social insurance numbers (Canada), drivers license numbers, addresses, birth dates, mother's maiden name, bank account and credit card numbers, policy numbers, health care data and employee numbers.

  2. Take care when exchanging sensitive personal data in conversations.
    • Do not discuss sensitive information in public places, such as in a restaurant, gym, lobby or elevator, or on public transportation.
    • Do not discuss sensitive information on a cell phone, which is vulnerable to casual and electronic eavesdropping.

  3. Lock up.
    • Lock up sensitive papers and digital media overnight.
    • Lock your computer with a password-protected screen saver before leaving your desk unattended.
    • Keep your wallet or purse in a locked drawer or cabinet.

  4. Don't give passers-by easy access to sensitive papers.
    • Put away sensitive papers before leaving your desk.
    • Don't leave sensitive papers unattended at copiers, fax machines, or printers.

  5. Rather than email sensitive personal information, consider other options.
    • Fax it, or send a printed copy in a sealed envelope.

  6. Shred papers containing sensitive information before discarding.
    • Preferably, use a cross-cut shredder, which cuts paper into confetti-like pieces, rather than a strip-cut shredder, which cuts paper into long strips that can be reassembled.

  7. Have an IT professional overwrite or destroy your digital media (such as a CD, diskette, hard drive or backup tape) before discarding.
    • Note that when you delete a file using the Windows "Delete" function--and when you empty your PC's Recycle Bin--the file is not actually deleted. Instead, that file's media space is simply made available to be overwritten by other data. "Deleted" data that is not overwritten can still be recovered, possibly by an identity thief.
    • Contact your IT support personnel to have them overwrite the data or physically destroy digital media before discarding.

  8. Contact internal or external information security specialists to take advantage of their expertise.
    • Information security specialists can help you design ways to store, transmit and process sensitive online and paper-based information in a secure manner.

  9. Learn more about how identity thieves steal personal information, ways to help protect yourself, and how to take action if you know or suspect you are a victim. You can begin at websites like these:
 
 

      

No comments: