Scribd Logo
Upload

Welcome to Scribd!

  • SCTY310 Assignment 8.3

    Uploaded by

    Carlos Carrion
    6 views6 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    6 views6 pages

    SCTY310 Assignment 8.3

    Uploaded by

    Carlos Carrion

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 6

    Running head: PROTECTING PERSONAL IDENTIFIABLE INFORMATION 1

    Protecting Personal Identifiable Information

    Security Management Article

    Embry Riddle Aeronautical University

    Abstract

    This paper will discuss personal identifiable information and what can be done to protect it.

    Fischer, Halibozek and Walters (2012) state “Protection of personal identifiable information has
    PROTECTING PERSONAL IDENTIFIABLE INFORMATION 2

    become a high priority in recent years, with states and the federal government passing laws

    requiring stringent protection of such information” (p.141). As part of a modern world where

    technology has taken over much of our personal information, safeguarding it has become very

    important and critical. Something as simple as our gender, date of birth or zip code can be used

    by hackers and criminals to take advantage and cause harm. Even terrorists have begun to

    exploit personal identifiable information seeing the advantages they pose and its ease of

    obtainment. The importance of training and being aware of this threat has caused many changes

    in software and internet security.

    Keywords: cyber, security, blocking, hacking, prevention, protection, sensitive

    Protecting Personal Identifiable Information

    Personal Identifiable Information (PII) is any data that could potentially aid in the

    identification of an individual. Specifically, The General Services Administration (GSA) defines


    PROTECTING PERSONAL IDENTIFIABLE INFORMATION 3

    PII as “The Office of Management and Budget (OMB) defines personally identifiable

    information as:

    information which can be used to distinguish or trace an individual's identity, such as

    their name, social security number, biometric records, etc. alone, or when combined with

    other personal or identifying information which is linked or linkable to a specific

    individual, such as date and place of birth, mother’s maiden name, etc.

    The article selected highlights the importance of PII how it is prime for hacking as well as how

    to protect it. Protection of PII affects us all alike whether you are an employee, student, patient,

    client, or employer. Chapa (2016) states “the U.S. Government Accountability Office (GAO)

    added protecting the privacy of PII to its list of high-risk issues affecting organizations across the

    country.” This is due to one of many reasons among them, the increase of cases related to stolen

    identity. Additionally, terrorist have begun to exploit the internet and social media, hacking

    accounts and obtaining PII of possible targets. Due to these growing threats how to protect PII is

    becoming more and more important and time sensitive.

    Discussion

    When PII is leaked, its consequences can affect individuals and companies very

    adversely. According to Chapa (2016) “All organizations, from large federal agencies to

    universities, hospitals, and small businesses, store PII about their employees, clients, members,

    or contractors.” These data breaches can often lead to legal action by either party causing

    damages, costs and sometimes bad reputation, which is even harder to recover from. Chapa

    (2016) also mentions that “According to research by the GAO, 87 percent of Americans can be

    uniquely identified using only three common types of information: gender, date of birth, and ZIP

    code.” This is very alarming as obtaining those three common types of information can be found
    PROTECTING PERSONAL IDENTIFIABLE INFORMATION 4

    on a number of things such as account bills, email, etc. Most recently, Islamic state terrorists

    obtained the names of dozens of US government employees and published a list geared to drive

    fanatics to cause them harm (Blake, 2016).

    When it comes to protecting PII, various steps can be taken by individuals and

    organizations alike according to Angel Hueca, an information systems security officer with IT

    consulting company VariQ (Chapa, 2016). One important aspect of cyber security and

    protecting PII is training. Many individuals are oblivious to the threat that PII poses and for that

    reason they do not think about the consequences they could face from sending information over

    unprotected emails or social media accounts. Gauntt (2016) states “normal email is unencrypted

    and easy to intercept online, so you should never email sensitive data like credit cards, bank

    accounts, Social Security numbers and passwords.” By keeping sensitive information segregated

    there can be additional firewalls installed for the protection of the content making it harder for

    hackers and criminals. According to Chapa (2016) Hueca states that “segregating duties and

    tightly controlling who has access to certain information can help and isolating potentially

    sensitive information can prevent harmful leaks.” Also sensitive data should be encrypted and

    accessible only by the use of organizationally issues electronic devices. In all types security

    having multiple layers of protection is preferred as this strategy can help deter criminals, yet, in

    the event that these layers fail, it is also important that individuals and organizations have a

    response plan to counter any breach.

    Conclusion

    The protection of PII can be a difficult task due to the changing environment and use of

    the internet which is open to millions of users. Hackers often have at their disposal many tools

    which can allow them to obtain your personal information leading to identity theft and other pain
    PROTECTING PERSONAL IDENTIFIABLE INFORMATION 5

    staking situations. Terrorist also have begun to understand the importance of PII having targeted

    government employees, publishing their names and information abroad in an attempt to

    influence violent sympathizers. Awareness is crucial for employees in the work place and

    individuals in general which is why training programs and response plans must be in place.

    Safeguarding PII by encryption devices and passwords should be common sense in the digital

    age. The use approved devices in the workplace for the transmit of this information needs to be

    taken more seriously and controlling who has access to this information must be monitored.

    References

    Blake, A. (April 26, 2016). ISIS supporters circulate kill list of state dept employees. Retrieved
    PROTECTING PERSONAL IDENTIFIABLE INFORMATION 6

    from http://www.washingtontimes.com/news/2016/apr/26/islamic-state-supporters-

    circulate-kill-list-state/

    Chapa, L. (February 16, 2016). How to protect PII. Retrieved from

    https://sm.asisonline.org/Pages/How-to-Protect-PII.aspx

    Fischer, Robert; Halibozek, Edward; Walters, David (2012). Introduction to Security. Elsevier

    Science. Kindle Edition.

    Gaunt, W. (May 1, 2016). Keeping your business information safe. Retrieved from http://herald-

    review.com/business/local/wendy-gauntt-keeping-your-business-information-

    safe/article_4e38ea92-ba17-56ed-9a63-029f89657980.html

    GSA Privacy Program. (n.d.). Rules and Policies - Protecting PII - Privacy Act. Retrieved from

    http://www.gsa.gov/portal/content/104256

    You might also like