Our next topic is the protection of our identities on personally identifiable information.
So today, more than ever, we live in a world of information sharing. There is so much information out there through social media and other channels about about us today, so much more so than ever before.
So what we're doing kind of fighting this battle of keeping what we want to keep private and then sharing what we want to share. And a lot of times those two are mutually exclusive. Once we begin to open up this information about ourselves and put this information out of the Internet
than that tends to lend itself to further further compromises, um, personally identifiable information a lot of times refer to his p I. I
is information that could be used separately or in conjunction toe. Allow someone to locate an individual and to contact them.
So our concern here is that these individuals, but also Mia's data owners and our organization we have access to a lot of this information. So it's our responsibility at work to protect the p i ay of our customers.
But also it's our responsibility at home to protect their own personally identifiable information.
No, Um, 17 million people were victims of identity theft in 2014 and this number is on the rise and it continues to increase. Continues to increase in the way
that identity theft happens is through compromise a p I
maybe I get your name and address, and from that I'm able to access a little bit more information. Maybe based on me having access to your social media, I know where you were born.
So now maybe I can make a reasonable assumption of with the 1st 3 characters your Social Security number are. And maybe I can use those 1st 3 characters to gain access to banking information and so on. It's a lot. So basically, when it comes to identity identity theft, it often starts with just a little bit of information that leads to more and more
in social engineers and identity thieves. They're very good at just starting with that little tiny snowflakes that ultimately leads into a massive avalanche. So our job is to protect personally identifiable information of ourselves and of our customers.
So the way we do that is we make sure that we secure this information
not a good idea to carry your own Social Security card in your wallet. You don't wanna have that written down on cheques. I've seen where banks will put customer circle Social Security numbers
on their customers checks, which is just a horrible idea.
Keep that SS and keep it protected. That yours and a ton of compromise can happen just by me knowing the last four digits of your Social Security number. So don't allow that to happen
along that same line. Never, ever reveal a customer Social Security number or those last four digits.
Uh, just someone on the phone, and I know that kind of sounds like a no brainer. Why would I ever tell somebody a Social Security number,
Remember, Attackers are very, very close,
and you know, anybody can fall prey to some of their tricks. It's It's about just catching the right person at the right time.
So it's very, very essential that we do not divulge any sort of personally identifiable information.
The matter of fact, the people calling us should be the ones to verify.
You know, I had somebody,
uh, that I was dealing with on the phone.
Uh, you know, I gave him a little bit of information, and they said, Is your address one of three of four Silver Street? And I said yes.
And that should have been information that they asked me,
right? I don't say, Hey, is your Social Security one? 1225555
It should be told me. Your Social Security
right? I hope that makes sense, but it's always interesting to me how customer service representatives have all of this information at their disposal, and some people are well trained in some people.
Hey, make sure you don't respond to any sort of requests for personal information. That's never my decision as an end user to reveal that information we always follow company pumps,
shoulder surfers. Earlier in this course, we talked about the importance of physical security.
Letting someone into the building that shouldn't be here
might lead to a shoulder surfing attack, and you know it's got a dramatic to call it an attack. But essentially, if I walk behind you and I'm standing behind you while you're doing your work, I have access to what's going on on the screen.
That's why a lot of times in doctor's offices. We see those privacy screens that make it more difficult. So to shoulder, sir, very important idea.
You know, make sure that you found a clean desk policy. If you're processing sensitive information about individuals, customers patients than when you leave your desk, you need to put that material somewhere secure. Doesn't need to be out front where anybody passing by can see the information,
makes sure that you shred sensitive information or whatever your company's policy is made. You have incineration bags, whatever that is. But we want to make sure that the days of wanting up paper and tossing him in the trash can those days were going as faras sensitive information.
Make sure your personal information is stored in a safe place at home and it.
So again, we want to be very careful where we keep
any information on customers or on ourselves, and it won't with that. Also, be very, very conscious about your passwords. You know, today we have so many passwords, stacks as so many systems,
you know, I could probably name
15 or 20 different sites to which I have a password.
Very cautious about using passwords,
writing passwords down
it becomes very challenging, but we have to find a good solution to manage all those passwords. Ah, lot of the cell phone applications that are available, like password vaults and password protectors. Those may offer a good solution, but before you store your password in a file on your phone,
make sure you have information
about how well protected that information is. If it shared isn't encrypted, you know it's it's not necessarily that it's wrong, right? Passwords down.
It's all about how we protect the list of our passwords, and that's obviously an important part to any secure environment protecting the network. Protecting our data are again if he's whatever,
Uh, and then the last piece installing firewalls and virus detection software on a home computer?
Absolutely. My sumption would be that that's already installed on your work, he says. You also want to happen installed,
and your home computer says, Well, regardless of how frequently you connect to the Internet or not
a very important piece of security,
make sure you don't disable these applications and make sure that you do your best to help them up today.
And that's really, um, you know, the things that we have to do immediately. They're always additional steps, but these are some good basic starting points
for protecting the identity of yourself as well with your custom.