Security matters: Protecting your computer and yourself

It seems like there is a month for everything these days.

October is National Breast Cancer Awareness Month, National Cholesterol Awareness Month, and National Collegiate Alcohol Awareness Month (really).  But did you know that October is also National Cyber Security Awareness Month?

Started in 2001 by the National Cyber Security Division of the US Department of Homeland Security, its singular focus has been to help US citizens secure personally identifiable information that is stored on personal computers as well as personal data that is stored out in “the cloud.”

Unfortunately, it’s unclear if we are succeeding. In 2010, over 4 million online records of sensitive, personally identifiable information were accessed by unauthorized persons — and that was just for healthcare providers and educational institutions!

So, what exactly is “personally identifiable information,” and what can be done about all of these breaches of computer security?

“Personally identifiable information,” or PII, refers to data that can be used to determine who a person is. For example, there are more than 5 million people named “John Smith.” So, a person’s name, by itself, is usually not enough to identify someone. However, if a person’s name is placed alongside a Social Security Number, then bingo, you have two pieces of data that are valuable if you want to steal that person’s identity and then deplete his/her bank account.

Insofar as PII being accessed by unauthorized persons, not all of these incidents involve computer criminals. Many “breaches of security” involve paper reports that are recycled but not shredded, PII that are emailed but not encrypted and phishing e-mails to which someone replies.

We can protect our own PII by following this short recommendations list:

1. Never email anyone your passwords, SSN, bank account numbers, credit card numbers or department store account numbers.

2. Never tell anyone your passwords, SSN, bank account numbers, credit card numbers or department store account numbers over the phone unless you initiated the call.

3. Always have a complex password on your computer, smart phone, etc. (even though passwords are considered a weak security measure).  If you lose your iPhone or Droid, no one should be able to find and use your smart phone without having to first crack your password.

4. Install, run and keep anti-virus software current on your computer, smart phone, etc..

5. Every month, review your bank and credit card statements.  Research any questionable activity.

6. Once a year, visit to get your three free credit reports, then scrutinize them and research any questionable activity.

7. Buy a cross-cut paper shredder, and use it for any documents containing your SSN, bank account numbers, credit card numbers or department store account numbers.

Even if you follow these recommendations, you may still have your PII accessed by unauthorized persons and perhaps even have your identity stolen. But, if you do follow these basic recommendations, you will, at least, have done what you can to safeguard the data that uniquely identifies yourself to the rest of the world.