Identity Theft: How to Protect Yourself and Your Staff

by securedatamgt | 12 Feb 2014

Lost Credit Card Information

Your identity, no matter who you are, is valuable. In the age of technology, criminals are finding new ways to access your identity online. Although businesses and individuals are now better equipped at recognising identity fraud early on, an average of one out of five of us are still affected by it.

In recent years hacking and cybercrime has been the method of choice for identity thieves. With the increase of multipurposing crime online, identity theft has become more rewarding than ever for criminals. There is an abundance of software and hacking programs that are now available to criminals, such as spyware and key logger. It is apt to coin the phrase of Gunter Ollmann at this point: “Interested in credit card theft? There’s an app for that.”

To learn more about the risks that your company faces check out out post: Data Storage breaches are a Major Business Threat in 2015

What is Identity Theft?

Identity theft can be split into two different types. Both of which consist of the criminal possession of confidential information usually resulting in economic loss for the victim.

Personal Identity Theft

This is the criminal activity concerning only individuals and normally consists of mundane personal details being stolen. These details are typically used for the financial gain of the criminal. Bank accounts, loans and even state benefits can be set up using this information.

Corporate Identity Theft

This normally involves a criminal imitating a business by stealing employee or customer information. Small businesses are most vulnerable to identity fraud, due to inadequate security systems. Business information is typically more easily available and normally criminals don’t even need to steal illegal information in order to impersonate a business.

Preventing Personal Identity Theft

Identity theft of personal information is easily avoidable. Often everyday individuals engage in some form of identity theft prevention without even realising, from covering your pin at an ATM to carrying around a wallet; we all engage in identity theft prevention. However, with identity theft on the rise individuals should consider using these more unfamiliar steps to protect their information:

1.)   Strong Passwords

Today the internet is the number one site for identity theft and so it is of vital importance that you take measures to protect your digital information. It is highly recommended that you do not use the same password for multiple websites and that your password cannot be easily detected. A password with numbers and letters around 8 characters long is ideal, and should be regularly changed.

2.)   Security Measures for your Computer

Often victims of hacking are unaware that their personal details are being stolen before it is too late. Using an anti-spyware programme can prevent data on your personal computer from being hacked. Even when you are getting rid of your computer it is important that you still consider your computers security requirements. It is recommended that you wipe your computer completely and return it to the manufacturer’s settings before you dispose of it.

3.)   Protect Your Mail

The UK postal system is a common target for identity theft. Those who frequently move house are particularly at risk. A method for minimizing this risk is to digitalise your personal documents and keep a strict record of incoming bank statements. Many banks now offer ‘paperless’ statements and online banking is offered by every major bank. These steps will help you protect your identity but there is no way of eliminating risk completely.  Therefore always report any suspicious activity immediately. The longer you wait the more damaging the consequences are likely to be.

Preventing Corporate Identity Theft

Preventative measures often depend on the size of your business and the type of service you provide. However, there are some general precautions every organisation should consider.

1.)   Encryption

Encryption is the process of encoding data, making it only accessible to certain individuals. Encryption does not prevent information falling into the wrong hands; however it does make that data useless to the perpetrator. The process involves key information being turned into ciphertext, making it incomprehensible to criminals, whilst your company is able to read the data using a decryption algorithm. Encryption can be used to protect data that is being transferred from one device to another. It can also protect information that is being stored offsite, to give your data maximum protection when it has been sent away for external management.

2.)   Document Storage

Storing your documents in the office, whether it is in a filing cabinet or on an employee’s desk, increases the risk of your company becoming a victim of identity fraud. Offices are busy environments and it is often difficult to monitor who has access to confidential documents. Storing your documents at an offsite record management facility can give your company a peace of mind when it comes to the security of your confidential documents. It is your company’s responsibility to protect client and employee information. As outlined in the 2006 Fraud Act, it is a company’s legal obligation to prevent identity fraud at the workplace. Storing information in an offsite facility is a responsible measure to prevent identity theft.

3.)   Document Destruction

Improperly destroyed documents are targets for identity thieves. Securely destroying documents containing confidential information is the responsibility of the organisation charged with their care. Using a shredding service is the best way to make sure your documents are of no use to identity thieves. For high volume shredding consider outsourcing your documents, as shredding high volumes onsite can be time consuming for employees.

With over four million victims of identity fraud in the UK alone it is important that at home and work we take suitable measures to protect our confidential information.