Personally Identifiable Information
IFSM 201

Everyone in today’s society is at risk for identity theft or other fraudulent actions against them using unauthorized use of their personally identifiable information. Luckily, there are many different ways to prevent such actions. The Department of Homeland Security defines” personally identifiable information (PII) as any information that permits the identity of an individual to be directly or indirectly inferred, including any information that is linked or linkable to that individual, regardless of whether the individual is a U.S. citizen, legal permanent resident, visitor to the U.S., or employee or contractor to the Department.” (Callahan, 2012).
Some Personally identifiable information that can be used to cause harm on their own are social security number, driver’s license number, password number, alien registration number, etc. Other PII that can be used to cause harm when combined with other information are: name, email address, home address, date of birth, last 4 digits of social security number, mother’s maiden name, account passwords, phone number etc. There are numerous ways to combine someone’s information and gain access to private information.
Unfortunately most PII are not difficult to get access to, because these information are use in everyday activities. Whether it is the doctor’s office that basically has all PII on a person or the lawyers office or a store that a credit card was used to purchase something or the car dealership that copies driver’s license before a test drive. Regrettably, most of these businesses does not know how to protect PII, therefore does not train there staff accordingly. Businesses or reckless in protecting customers PII by; mishandling, leaving the information in un lock cabinets or in plain view on a desk, sending the information through un-secure internet emails or fax or not a high enough security on their computer system making it easy for hackers to get access that information. Just in 2014, numerous companies were hacked including two of the largest retail stores in America, Target Home depot. According to the Washington post “Hackers also grabbed personal information, including names, home addresses and telephone numbers, of up to an additional 70 million Target customers in that attack.” (Douglas, 2014). It was also reported that “The cyber­attack has resulted in 2,400 cards from customers being used in fraudulent transactions so far.” (Douglas, 2014). Similar attacks were also against home depot where millions of customers personal information where compromised. These are just a few examples of what hackers been up to. Protecting ones PII for the most part is intuition, knowing what is sensible, making sure the information is being left in capable hands, kind of like protecting ones baby. It can hard to have to do at times and on the other it can happen by mistake. Like forgetting to shred and important piece of document with PII and it ends up in the wrong hands or leaving the information with someone whom you taught was trustworthy, turns out that person has a different agenda. Some common practices that everyone should participate in regarding PII but do not are: securing personal information in your home, don’t leave a social security on the dining room table, not everyone who visits you have to best intentions. Do not walk with social security number in wallet, this should be common sense unfortunately it is not. Do not leave electronics or other personal information documents in the car, if it must be the car it should be locked in the trunk out of plain view. Do not discuss PII over the phone or forward same information in an email. Do not post sensitive information on social media networks for examples do not create a status saying all your passwords are the same. It is imperative for everyone to know the risk that are involve in using social media and websites. Social media should be treated like a stranger and everyone should act accordingly. The Department of Homeland Security list more technical ways to protect ones PII that may not be so much of a common sense action. For mailings containing a small amount of Sensitive PII materials, Seal Sensitive PII materials in an opaque envelope or container, Mail using the U.S. Postal Service’s First Class Mail, Priority Mail, or an accountable commercial delivery service ,For large data extracts, database transfers, backup tape transfers, Encrypt the data (if possible) and use a receipted delivery service (i.e., Return Receipt, Certified or Registered mail) or a tracking service (e.g., "Track & Return") to ensure secure delivery is made to the appropriate recipient. (Callahan, 2012).
Taking precautions are not always successful with the right amount of motivation any decent hacker can get to the information they want. The hacker may not even get your information from you but a business that you shopped with. The thing is to not make it easy for hackers, maybe after couple tries to crack a password with success the hacker will give up. Make passwords and username unpredictable and change them for each online line account. Always take every precaution that is out there to make sure Personally Identifiable information for as long it they can be. Recklessness can lead to more than one attempt at identity theft and there may no way gain back what was stolen.
Bibliography
Callahan, M. E. (2012, March ). Homeland Security. Retrieved February 25, 2015, from http://www.dhs.gov/sites/default/files/publications/privacy/Guidance/handbookforsafeguardingsensitivePII_march_2012_webversion.pdf
Douglas, D. (2014, January 29). The Washington Post . Retrieved February 25, 2015, from http://www.washingtonpost.com/business/economy/holder-pledges-to-hunt-down-thieves-in-target-breach/2014/01/29/6f97517a-8900-11e3-833c-33098f9e5267_story.html
Identity Theft Resource Center . (n.d.). Retrieved February 25, 2015, from http://www.idtheftcenter.org/ITRC-Surveys-Studies/2014databreaches.html
Tsukayama, H. (2014, April 22). Washington Post . Retrieved February 25, 2015, from http://www.washingtonpost.com/blogs/the-switch/wp/2014/04/22/hackers-are-getting-better-at-offense-companies-arent-getting-better-at-defense/

--------------------------------------------
[ 1 ]. “Without a doubt, 2015 will see more massive takedowns, hacks, and exposure of sensitive personal information like we have witnessed in years past,” said Levin. (Identity Theft Resource Center )
[ 2 ]. "We’ve got a lagging situation here, where businesses are not acting quick enough to keep up with the capabilities of threat actors,” said David Burg, the global and U.S. advisory cybersecurity leader at PricewaterhouseCoopers (PwC). (Tsukayama, 2014)