Identification Theft

written by: Gale Yocom; article published: year 2008, month 04;


In: Categories » Computers and technology » Data security » Identification Theft

Does your organization have a written identity theft prevention program in place? Such a program involves educating your customers and members about the importance of identification theft and letting the stakeholders in your business know that you share their concerns about this growing problem. By providing knowledge of how identification theft affects everyone and what your organization is doing to protect its members and customers, you help them understand the levels of security your institution provides.

According to the banking regulatory agencies that released "Identity Theft Red Flags" guidance at the end of October, leaders of financial institutions should expect to do more, not less, of this education in the next few years. With this in mind, how do you show your members and customers you also share their concerns and are doing all you can to address them?

A good place to start is by allowing your members and customers to choose how they receive information from your institution and by having a written privacy policy published on your website for anyone to see. By having choices available to your members and customers and publishing your privacy policy, you make your institution look proactive rather than reactive.

All institutions need to consider increased training in data protection responsibilities and should perform regular inspections to verify compliance with the training. Consideration should also be given to adding institution and customer data protection as an element of employee performance reviews.

Managers should be asked to assess their staff on compliance with these security policies. All email coming from an organization’s employees should re-emphasize the respective company’s anti-phishing and -spamming policies in a footer at the end of the email.

Make your protection of Customer data very clear. Customers who use your web site for their transactions want to know their data is safe. In a consumer survey, 88% of those who responded wanted to know if their data was secure, and 81% wanted to know if they could trust the site. The third most asked question was if the site has a good privacy policy.

Customers are looking for sites with security seals on them. These seals show that the site has been evaluated by an outside source and that it has passed inspection with proof of safety of their information. The seal also tells them you have a solid privacy policy, that your street address and phone numbers are readily available, and that your website has been checked for hacker safety. At your facility, you will want to show customers and members that their data is protected as a part of your normal everyday operations.

Some effective security precautions to prevent identity thefts in the office are:

  • Place the paper shredders where customers can easily see them.
  • Always store customer’s data out of view from others.
  • Place privacy screens over all computer monitors, especially those in offices with windows.
  • Never leave a computer screen unattended without first locking the screen with a password.
  • Keep a tight check on sensitive customer data access, preferably on a "need-to-know" basis. All access to this type of data should be recorded with information such as who accessed the information and when they did so.
  • Ensure that forms and applications do not ask for sensitive information that is not required.
  • Be sure that access to all sensitive data is controlled and that you know where all sensitive material is stored within your facility.
  • Ascertain that information about identity theft prevention is available through brochures, your company’s website and representatives of your institution at public speaking engagements.

(Look at the Federal Trade Commission’s website for a plethora of support materials, video, and brochures on Identity Theft prevention and reporting: www.FTC.gov).

legal disclaimer

1) Our website is not responsible for the information contained by this article as well for any and all copyright infringements by authors and writers. E-articles is a free information resource. If you suspect this article for any copyright infringements, please read the Terms of service and contact us to investigate the problem.
2) The E-articles directory team is not responsible for inaccuracies, falsehoods, or any other types of misinformation this tutorial may contain and will not be liable for any loss or damage suffered by a user through the user's reliance on the information gained here. Please read the Terms of service

Useful tools and features

Translate this article to...    Send this article to you or to a friend

Link to this article from your page   
If you like this article (tutorial), please link to it from your web page using the information above. Linking to this page, this is the only way to help us improve our service, the same time providing your visitors with a way to improve their online experience.

related articles

1. How to protect against Unexpected Inputs
When you surf the Internet, you download one of two types of Web pages to your computer: static or dynamic. A static Web page sits on a Web server until a client computer sends a request for it. Once requested, the Web page is then downloaded to the client computer exactly as it was created, where the Web browser then views the page. A static Web page is really nothing more than a brochure or advertisement, and does not allow the true power of the Internet to be expressed. However, a static page is relatively safe from hackers....

2. What are Buffer Overflows
Exploiting a buffer overflow is an advanced hacking technique. However, it is a leading type of security vulnerability. To understand how a hacker can use a buffer overflow to infiltrate or crash a computer, you need to understand exactly what a buffer is. A computer program consists of many different variables, or value holders. As a program is executed, these different variables are assigned a specific amount of memory as required by the type of information the variable is expected to hold. For example, a short integer ...

3. Protecting the Security of Information
The first and best line of defense against unwarranted intrusions into personal privacy is for individuals to employ e-commerce technology to protect themselves. Industry-developed and supplied encryption technologies and firewalls, for example, provide individuals with substantial tools to guard against unwarranted intrusions. Encryption is technology, in either hardware or software form, which scrambles e-mail, database information, and other computer data to keep them private. Using a sophisticated mathemati...

4. Why Is Authenticated SSL Necessary
Notions of identity and authentication are fundamental concepts in every marketplace. People and institutions need to get to know one another and establish trust before conducting business. In traditional commerce, people rely on physical credentials (such as a business license or letter of credit) to prove their identities and assure the other party of their ability to consummate a trade. In the age of e-business, authenticated SSL certificates provide crucial online identity and security to help establish trust between ...

5. Virus Prevention ~ How to protect against Internet Viruses
There are several elements to a good virus defense. The most important element requires some self-control—you must NEVER open a file/program unless you are 100% sure it is not infected. No matter how attractive the file is, where it came from, or what it promises you, you can never assume that a file is what it claims to be. For example, the Melissa virus reproduced through email and sent copies of itself to every one in the victim's address book. Because of this, relatives and friends of the victim were soon infected as ...

6. How to protect against Hostile Web Pages and Scripting
The dangers of Trojans and viruses are well known. However, many computer users are completely unaware of the dangers involved in viewing Web pages. Through scripting languages, Web page operators can upload and download files to your device (PC/PDA). They can also install mini-programs or grab information from you that can be used to destroy or take over your computer. Every time you go to a Web page, you actually download the full document to your computer. This includes all text, pictures, and even any code that is r...

7. Features of Windows Encrypting File System (EFS)
• Only available on Windows 2000 and Windows XP operating systems using NTFS partitions and volumes. (NTFS v5). • Encryption is transparent to the user. • Uses public-key encryption. Using a public key from the user’s certificate encrypts keys that are used to encrypt the file. The list of encrypted fileencryption keys is kept with the encrypted file and is unique to it. When decrypting the file encryption keys, the file owner provides a private key that only he has. ...

8. What are Denial of Service Attacks (DOS attacks) and how to protect against them
Hackers can wreak havoc without ever penetrating your system. For example, a hacker can effectively shut down your computer by flooding you with obnoxious signals or malicious code. This technique is known as a denial-of-service attack. Hackers execute a denial-of-service attack by using one of two possible methods. The first method is to flood the target computer or hardware device with information so that it becomes overwhelmed. The alternative method is to send a well-crafted command or piece of erroneous data that crash...

9. What is a Sniffer and How to Protect your Data Against Sniffing
A sniffer is a program and/or device that monitors all information passing through a computer network. It sniffs the data passing through the network off the wire and determines where the data is going, where it's coming from, and what it is. In addition to these basic functions, sniffers might have extra features that enable them to filter a certain type of data, capture passwords, and more. Some sniffers (for example, the FBI's controversial mass-monitoring tool Carnivore) can even rebuild files sent across a network, such as...

10. Short history about Internet Viruses on Palm OS
From lessons in biology, we know that viruses infect every other organism, without exception, including even the tiniest bacteria. Thus, biologists and anti-virus experts were not surprised to hear of the first malware infections of mobile devices. The first PDA virus appeared on the Palm platform in 2000. The Palm OS has a different architecture from desktop computers, so it is less suscep-tible to immediate infections from existing desktop viruses. In addition, the Palm has certain safeguards built into the OS to help...