Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Strategic Security: Identity Theft Protection



The statistics are a horror show: ID theft cost U.S. businesses and consumers $56.6 billion in 2005, according to the Javelin 2006 Identity Fraud Report. And phishing schemes are becoming more rampant and more sophisticated. The Anti-Phishing Working Group identified 11,976 unique phishing Web sites in May 2006, up from 3,326 in May 2005 and the highest number ever recorded by the group. Of course, politicians are tripping over one another to introduce legislation--based on a perusal of proposed bills, we wouldn't be surprised to hear a state mandate public tarring and feathering of any CEO whose company leaks personal ID information.

What does all this mean to enterprise IT? Plenty. You must address the problem from two angles: First, tightly control sensitive data to ensure your organization doesn't improperly release personally identifiable information about customers or employees; more on how to implement these controls later. IT also has a legitimate role educating employees on how to keep customer data safe. Work with business groups to define how this information may be used. Maybe you allow only scrubbed data to leave the building, for example.

IT also can help educate employees on how to keep their own identities safe. Suggest that workers turn the phishing knob all the way up on the spam filter--or better yet, default it to maximum and provide instructions on how to turn it down. A victim may spend many hours during the business day filing reports and talking to creditors to clean up after an identity theft, so even a modest investment in prevention can pay off in employee productivity. The FTC's ID Theft education site is a good resource for educational materials.


  • 1