Data breaches have become an almost predictable problem with banks and major retailers. Lately, even telephone companies have been fined nearly $10 million for violating security laws designed to protect the confidentiality of customers proprietary information (PI), including names, social security numbers, birth dates, addresses, driver’s license numbers. More than 300,000 customers’ private information wasn’t protected in this incident.
Free eBook: Modern Retail Security Risk – Get your copy now.
Protecting your personal information greatly reduces the risk of identity theft. DriveSavers, an expert in data recovery, security, eDiscovery, and digital forensics, has compiled a list of steps customers should take to protect themselves from a data breach.
1. Stranger Danger
Be sure you know and trust whoever you might be giving your personal information to. Never respond to blind requests for information over the Internet, and do not download anything from an untrusted source.
2. Secure Storage and Disposal
Store sensitive information securely, and permanently dispose of any personal data you no longer need. Don’t forget to secure any computer or other data storage devices, such as smart phones and tablets, with password protection, spam filters, and anti-virus software. Be sure to change your passwords frequently and keep your security software up-to-date with the latest upgrades and patches.
3. Ask Questions
Ask why any specific information is needed before sharing anything private, especially something as important as your social security number. You should ask why it’s needed, how it will be used, and most importantly how your information will be protected. Is any other form of identification acceptable, and what happens if you don’t provide your social security number?
There are some instances where social security information is absolutely necessary, including reporting wage and salary information from a job, applying for a loan, or signing up for a rental property.
4. Pay Attention to Privacy Policies
The fine print can be very revealing, so please read the policy and ask questions if you see anything that’s vague or unclear. What is the information used for? Who has access to it? Are any third parties involved? If you see anything suspicious, ask for clarification. If the answers aren’t convincing, take your business elsewhere.
Do you have any tips to add to the list? If you have a tried and true method that’s kept you protected, we’d love to hear it.
By Michael Hall, CISO and Director of eDiscovery and Digital Forensics, DriveSavers
Bio: As Chief Information Security Officer (CISO) and Director of eDiscovery and Digital Forensics, Michael Hall directs and implements policies and procedures concerning the privacy and security of all data received at DriveSavers, including highly critical data from government agencies, major corporations and research laboratories. Hall was instrumental in helping NIST, FDIC, OTS and BITS identify the risks of improper screening of data recovery providers.
In his previous role as Director of PC Engineering, Michael developed security protocols to handle critical and encrypted data for corporate and government accounts. He also developed and managed the ISO Class 5 certified Cleanroom, the largest and most technologically advanced in the data recovery industry. Hall has over 17 years experience in data recovery technology, focusing on high-end arrays, and has successfully recovered data from over 15,000 storage devices. Michael Hall has been trained and certified by the leading encryption vendors and is a certified eDiscovery and forensic investigator. Prior to joining DriveSavers in 1995, Hall was a Data System Engineer for the U.S. Navy. His responsibilities included computer hardware and software support for Intelligence Gathering Platforms.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.