Is the U.S. Losing the Information War?

By Rick Kam

In a March 13, 2008 article in GovernmentExecutive.com by Gautham Nagesh titled "Feds losing war on information security, senators told",

"The federal government is losing the battle to keep its information systems secure, according to expert testimony at a Senate hearing on Wednesday."

Why?

Protecting information has become a significant challenge for all organizations large or small, in pubic or private industry. The amount of personal information any organization has on its customers and employees and the many ways they are stored; both in electronic and paper form, make protecting information from thieves a daunting task.

What are these organizations trying to protect?

There is value in information considered personal or health related. Your name, address, SSN, mother's maiden name, and yes, even the name of your favorite pet (if you use it as a password recovery keyword) has value to ID thieves who utilize it to access your bank accounts, set up new accounts using this information, or use you to mask their criminal past.

Think about the places you have your information stored in your home like files in your kitchen or home office, boxes in the garage, utility bills, and explanation of benefits statements posted on the refrigerator awaiting payment.

Now think about where you work, whether in health care, insurance, government agencies, car dealerships, accounting firms, etc. You may see a lot of this information accessible to anyone, including ID thieves. There in lies one of the biggest challenges. Protected information is easily available to anyone everywhere you look!

What do you do about it?

In your home, secure this information in a locked file cabinet and away from people who may see it and decide to use. At work, let your supervisor know that there is information that you think should be protected so the organization can secure it properly.

Is this a losing battle?

No. We can win the information war by each of us making an effort to do our part to protect our information and alert others when we see possible exposures. You can make a difference.

Share Your SSN with Anyone?

by Rick Kam

When is it OK to give someone your SSN, if ever?

The answer is ...

NEVER give out your SSN to an organization or person you don't know.

There are only a few reasons organizations need your SSN. One is if you are applying for credit. Say, you walk into your local car dealer and decide to buy a new/used car. The dealer will ask you for a copy of your drivers license and will check your credit report to see if you are an able buyer.

Another good reason an organization will ask for your SSN is if you are applying for a job. The employer will do some background and credit checking depending on the position you are applying for. If you are not comfortable with the organization having your personal information to do this background check, you may want to reconsider working for them.

The other reason is to pay taxes. The IRS will require your SSN on your tax returns. Many of us may ask why the IRS needs your SSN? Well, it is so they can identify that you submitted and paid any taxes due. Unless you want the IRS coming after you, it is probably a good idea to provide your SSN on your return.

If others ask you for your SSN, make sure you ask why they need it and ask how they plan to protect and destroy the information once they are done with it. It is incumbent on organizations to protect your personal information, especially with recent privacy legislation (i.e. HIPAA or GLBA).