There has been a lot of press on the subject of online security. Much of this relates to the use of personal information and how it can and cannot be utilised. We’ve all heard the stories of major enterprises that have been hacked, customer information stolen, and further.
The problem is that as most of us are now online in some form, there is a lot about us stored in places where we have little control.
It’s up to the businesses that hold this information to treat it carefully, especially when it comes to Personal Identifiable Information (PII).
What is PII, and why is it of such great importance in terms of security and commerce? That’s what we’re here to discuss, so let’s begin by defining personal identifiable information.
What is Personal Identifiable Information?
When we talk about personal identifiable information we mean that which is unique to the individual and could be used in unscrupulous ways. It can also be used in ways that we permit – for example, in targeted advertising that we agree too – and there are many different types.
Information of this kind is not limited to the written word. It can also include communications, or even biometric information. To make things easier to understand we’ll now look at some different examples of PII.
Examples of PII
The most obvious example of PII is an individual’s name. This may be found in a wide variety of places online. It will also be linked to a vast amount of data. For example, it will be on your health records and bank details, club memberships and employment records, and on your driver’s licence and government held information.
Other such information could be your IP address, your passport and social security number, your address and even photographic evidence and fingerprints. All of these fall into the first category of PII which is that of information that can directly identify the individual.
There is a second category that is not direct but could possibly be used as PII. This may include information about your religion, your date of birth and where you were born, your race, your employment history and your financial status. Geographical information also falls into this category. This information can be used to identify people in part, and when linked with others may provide a direct identification.
Why is all this important? The IT department of any company has a difficult job as things stand but with the requirement to keep PII carefully contained and inaccessible things need to be taken to another level. Let’s talk about what you can do to ensure this data is private and secure, and why you need to do it.
What You Need to Do
The problem with keeping PII contained is not helped by the prevalent use of social media. Yet this is not a problem for the IT manager, more so for the individual. Be careful what you give away online without thinking as it can be used by those who may have unsavoury ideas in mind. PII hacks are among the most common as the information holds a great deal of value.
For the individual, it is essential that thought is put into what you share on social media. More precisely, share it only with those whom you know and can trust. Don’t leave data such as this lying around on hard copies, and destroy duplicates you do not need. Only give away PII when you are certain it is necessary and never without question.
This may seem like common sense but in fact it is all too easy to overlook the simple things and give away your address or date of birth, for example, without considering what you are doing. Also, avoid public wi-fi networks and don’t access vulnerable data on an insecure network. This is something to keep in mind when on the move.
From a business point of view there is a need to ensure that your IT systems are suitably equipped to protect your employees, clients and others who may deal with you in terms of keeping their PII secure and safe. This is best done using a top-of-the-line data protection solution such as Cipherpoint’s cp. Protect. This clever and easy to use solution encrypts data entering or leaving through commonly used doorways in the network and manages permissions so as to restrict access to sensitive PII. It’s a sensible step towards a more secure system so is worth looking into.