Friday, May 15, 2009

Who's Identity Information is safe anymore? Probably no ones.

I reading up on the latest security breaches and stumbled onto this web site which has recorded hundreds of known security breaches since 2005. Check it out here:

http://www.privacyrights.org/ar/ChronDataBreaches.htm

It's amazing how many different ways your personal identity information could be compromised. So much of this can be prevented with the proper security measures. I don't know if the number incidents is rising or not, but it seems the same vulnerabilities continue to be exploited, lost equipment, compromised web sites, internal users' mishandling of data.

There is a link to another great web site full of the latest statistical information about breaches which I find very interesting:

http://datalossdb.org/

Protecting peoples' identities is an ongoing battle which most security professionals recognize must be fought on many fronts. There's not too much you can do about an employee whom you place trust to not misuse data, but you can certainly implement good auditing tools which security managers can use to help keep the honest people honest. Then of course there is always human error. Well, again even though people make mistakes there are some safeguards that can be put in place to prevent people from doing stupid things like inadvertently sending out mail with peoples SSNs on the labels. As for the missing or stolen equipment, well there's some great disk encryption solutions out there.

Makes you think twice about giving any company or government your information doesn't it?

No comments: