Identity Theft 101: Difficult to Combat. But There’s Hope.

scott-mitic-trustedid.jpgI asked Scott Mitic, CEO of TrustedID some questions about identify theft. TrustedID is a company specializing in helping companies not be a target of identify theft attacks, and helping them mitigate damages from a breach in security leading to identify theft.
It appears that identify theft (the awareness of it) goes and comes. Is it always a threat or is it a “seasonal” threat?
It does seem like we are hearing more about identity theft today than we have in the past and that’s because identity theft continues to grow and affect more people every day. Last year alone over 250 million identities were compromised. That’s almost every American adult in this country. While there seems like there are times when identity theft is more in the news than others, the threat exists everyday.
trustedid.gifThere are so many ways to have one’s identify stolen – ATM machines, web sites, email, postal mail and more. How can one keep up?
It’s becoming increasingly difficult for individuals to not only keep up but stay ahead. Identity thieves are becoming much more sophisticated in their methods and unfortunately without a service that provides advanced protection using technology and sophisticated monitoring solutions it is very difficult to keep your identity safe on your own.
What are the figures on identity theft? How many identities stolen a year? How many from businesses?
There are over nine million identities reported stolen every year, or one every two seconds. The Identity Theft Resource Center, the country’s leading non-profit organization dedicated to identity theft prevention, estimates the cost to businesses due to identity theft in 2007 at $49 billion. In a report by the Center for Identity Management & Information Protection, 50% of the cases identity theft they studied could be tracked back to information lost by a business.
With many businesses working from their home offices, does this affect how secure or insecure a business is?
In many cases, your identity is as secure as the places where you store it. If your home office is well-organized – important information locked up, limited access by people other than you, and passwords to protect your computer – you may be just as safe as you would be working in a more formal office environment. If, on the other hand, you share a computer at home with kids who download software (and possible malware), your financial information gets spread across tables in reach of babysitters or housecleaners, and you don’t own a home shredder, you could be putting yourself and your business at significant risk.
If one has their identity stolen what should one do?
As a first step, place fraud alerts on you personal credit reports, to give you and your business extra protection against a thief opening new credit accounts in your name. Immediately notify any institutions impacted by the theft you are a victim. Contact law enforcement if the crime results in losses greater than $500 in value, so they can provide you with a police report. This documentation may be important later as you try to restore your identity to good standing.
Is all identity theft equal? Meaning – are some thefts not as bad as others?
Like most crimes, identity theft comes in many different levels of intensity. On one side of spectrum is simple credit card fraud which can usually be resolved with a quick telephone call to your financial institution. At the other extreme, child identity theft can often go on for years undetected and involve the IRS, banks and employers. Resolving these complex forms of the crime can consume hundreds of hours and stretch over years.
How can I reduce the risk of my company suffering a data breach, in which information about my customers or employees is compromised?
There are three five key rules to follow:

1. Collect only information you need from your customers. The more information you store, the more information a thief can steal, the higher your costs of secure storage, and the greater potential liability if the information is compromised.
2. Invest in software and hardware to protect your customers’ data. Understand and comply with key industry standards for data storage. Create and display a Privacy Policy that details how your information collects, stores, secures and shares data. Leverage your investment by promoting your security-consciousness to your customers, giving them greater confidence in your business.
3. Create policies to limit access to sensitive information to trustworthy employees who have a valid business reason to access that data. And even if you consider them to be trustworthy, err on the side of caution and require background checks and drug tests every 12 months.
4. Secure your physical workplace by locking mailboxes, desks, file cabinets, computers, and anything that might contain valuable information. Many identity thieves steal information directly from offices and take advantage of any unsecured access point. Require all employees to lock office doors every night. Install video cameras in the office to monitor nighttime activity.
5. Properly dispose of information when you no longer need it. Use a shredder for all paper documents and make sure electronic files are completely destroyed. If your office disposes of large amounts of sensitive information, hire a trustworthy, outside company to do your shredding for you.


About Ramon Ray

Ramon Ray, Marketing & Technology Evangelist, & Infusionsoft. Full bio at . Check him out on Google Plus, Twitter or Facebook

  • Lynn

    This is great information for small business owners. For more information about PCI compliance and to learn how to take steps to protect a small business from credit card fraud, consider a new guide specifically written on the topic. It’s called “Take Charge: Protecting Your Customers’ Credit Card Data.” CalBizCentral, a company we work with, just published this book as a resource to help Level 4 merchants (businesses that handle fewer than 1 million total credit and debit card transactions and fewer than 20,000 online transactions annually) become safe and compliant. The guide is a comprehensive workbook, with examples and resources that are easy to understand. With small businesses quickly becoming the number one target of online theft, this book can be a powerful tool to help keep a business secure and successful. To learn more, feel free to watch a brief video from the book’s author about steps to becoming PCI compliant: