Locking up sensitive documents is one of the most important and underutilized ways to protect company data. Of the individuals surveyed by the Ponemon Institute, 56 percent state that over 50 percent of their company’s sensitive or confidential information is contained within paper documents. Since 49 percent of all breaches involved paper, locking up what cannot be eliminated or destroyed is essential. To get you firmly into the business mind-set of thinking like a spy, start with this simple three-step classification process:

1. Classification: Set up a classification scheme. For example, you might have four levels of access: public, internal, classified, and top secret.

• Public documents are the only documents meant to be seen by outsiders (the public). This might include sales and marketing materials, websites, public filings, and the like.
• Internal documents are those appropriate for employees of the company to see, but inappropriate for outsiders. These are generally not high-risk documents, still it’s better to keep them confidential, just in case.
• Classified documents are a security risk if the wrong people see them, either internally or externally. Only certain employees and executives would have access to these documents (see step 2). Classified documents might include human resource files,customer lists, product development papers, department financials, strategy frameworks, and so on.
• Top secret documents are those meant for only a small number of very carefully vetted people at the company. Top secret documents tend to include trade secrets (e.g., the recipe for Coke), intellectual capital, merger and acquisition data, and proprietary financials.

2. User-level Access: Set up a system of locking that grants only qualified individuals access to the corresponding level of confidentiality. Continue Reading….

Privacy Means Profit

Prevent Identity Theft and Secure You and Your Bottom Line

“This book builds a bridge between good personal privacy habits (protect your wallet, online banking, trash, etc.) with the skills and motivation to protect workplace data (bulletproof your laptop, server, hiring policies, etc.).”

In Privacy Means Profit, John Sileo demonstrates how to keep data theft from destroying your bottom line, both personally and professionally. In addition to sharing his gripping tale of losing $300,000 and his business to data breach, John writes about the risks posed by social media, travel theft, workplace identity theft, and how to keep it from happening to you and your business.

Related posts:

1. Achilles 3 Fatal Business Mistakes (or How to Protect Your Heel)
2. Workplace Identity Theft: Shredding

MOUNT CLEMENS, Mich. – A judge removed a juror from a trial in suburban Detroit after the young woman wrote on Facebook that the defendant was guilty. The problem? The trial wasn’t over. Hadley Jons, of Warren just north of Detroit, could be found in contempt when she returns to the Macomb County circuit court Thursday.

Jons, 20, was a juror in a case of resisting arrest. On Aug. 11, a day off from the trial and before the prosecution finished its case, she wrote on Facebook that it was “gonna be fun to tell the defendant they’re guilty.”

Read the Complete Post on Yahoo.com

This highlights an emerging issue in the world of information exposure and control. What you post on Facebook (words, videos, photos, status) can be used for other purposes (good and evil). Take a look at some of the ways law enforcement is using social networking profiles to keep tabs on you.

Related posts:

1. Facebook: Press 2 For Law Enforcement
2. Facebook Installs a Panic Button for Children
3. Facebook ‘Dislike Button’ is a Scam!

I received an email last night from a well-known TV anchor wanting my input on a new Facebook issue.  He’d read that when calling Facebook Headquarters, the automated attendant comes on and gives you options to reach each department, and the second option was to press 2 for “law enforcement.”

It could seem odd to many, but it’s true. If you call the Facebook Headquarters (650-543-4800) and reach the switchboard, the 1st option is “For customer support, press 1″ and the second option is “For law enforcement, press 2″. Law enforcement comes ahead of business development, marketing, press, and employment verification in the list of options.When you press 2, the next message says: “This message is only for members of law enforcement. Please note that due to a very large volume of incoming calls, the current call back time is two to four business days. For a faster response, please leave your work authorized email address… A member of Facebook’s security team will email in a timely manner.” Which means that Facebook is very busy fielding calls from law enforcement.

The anchor, and the rest of us, want to know why!

Facebook receives all kinds of requests by law enforcement, as it is essentially a diary of each and every user. Don’t confuse it with a typical diary of the pre Web 2.0 era. The modern diary (or dossier, as I more commonly refer to social networking profiles) is a photo journal, video log, friendship org chart, location status, written history, browsing analyzer, that is so effective because it can be so addictive. In other words, the Facebook activity of an average user  is a digital representation of  that user’s identity. So, to net it out, here several reasons law enforcement officers call Facebook:

• Tracking listed sex offenders for inappropriate use of the Internet
• Civil dispute subpoenas (domestic cases, child custody, harassment, etc.)
• Evidence used in the discovery process (establishing intent, state of mind, relationships, etc.)
• Cases of libel or defamation
• Terrorist activity tracking and fundraising
• Background checks for local, regional and federal governmental positions
• Background checks on potential jurors (see tomorrow’s story about a juror who was dismissed because of a Facebook post)

This is a fascinating and under-reported aspect of social networks – they are providing an open book on people (for good and evil) that used to take investigators (and scammers) weeks or months to collect. All you really need is a subpoena, or to friend the person on whom you are collecting data.

John Sileo became one of America’s leading Social Networking Security Speakers. You can learn more about Facebook Safety and how to protect yourself online here. His clients include the Department of Defense, Pfizer and the FDIC. To learn more about having him speak at your next meeting or conference, contact him by email or on 800.258.8076.

Related posts:

1. How to Disable Facebook Places
2. Facebook Hits 500 Million Users: 3rd Largest Country
3. Facebook Safety Survival Guide

“Privacy Means Profit” John Sileo with Ted Garrison

LISTEN NOW

Related posts:

1. Business Identity Theft Radio Interview, Part I
2. Identity Theft Speaker on The Bill Handel Radio Show Today!
3. Facebook Privacy Policy: Zuckerberg Interview

“DODGING THE HIT FROM IDENTITY THEFT: WHY YOU SHOULD CARE” John Sileo with Ted Garrison

LISTEN NOW

Related posts:

1. Business Identity Theft Radio Interview, Part II
2. Identity Theft Speaker on The Bill Handel Radio Show Today!
3. Facebook Privacy Policy: Zuckerberg Interview

Here is the step by step process to disable Facebook Places:

1. Log into your Facebook account, and at the top right drop down menu under Account click Privacy Settings.Once you are in Privacy Settings you will see this screen:

2. Click Custom (if that isn’t your selection already) and then click below 0n Customize Settings.

3. You should see the following screen, where you will need to make 2 changes – first, to Things I share and then to Things others share. Under Things I share click on the drop-down box next to Places I check in to click custom and chose to make this visible to  Only Me.

5. Scroll down on the Customize page to Things others share:

Under Things others share click Disabled to the right of Friends can check me in to Places.

One More Thing…

There is one last step you should take. You need to adjust one last setting that allows third-party applications (such as quizzes and games) used by your friends to access your location data. Facebook makes it difficult by stating that you only need to “uncheck the new box in your Privacy Settings under “Applications and Websites.” Facebook should have specified which box they were talking about, and they should NOT have turned this on by default. Alas, in reality, we’re not working with what Facebook should do, but what we must do to turn off data leakage.

Go back to the main privacy page (above) and under the heading, “Applications and Websites.”click on “Edit your settings.” You should now be looking at a screen similar to the one below. Click on the “Edit Settings” button across from “Info accessible through your friends.”

You should see a pop-up window (like the one below) that lists a variety of identity information from your profile including biography, birthday, hometown, current city, and so forth. Any of these items that are checked off are available to third-party applications used by your friends.

Find the checkbox called “Places I check in to,” and uncheck it (if you don’t want third-party applications that your friends use to harvest your check-in data). While you are here, uncheck any other data that you don’t want your friends sharing with corporate America.

TIP: Third-party applications you use personally can gather your geographic data only if you authorize that application to do so. The downside is that if you don’t want an application to access your location data then you won’t be able to use that application.

These steps will help tighten your security and minimize the amount of location tracking data that is stored and shared. Facebook, however, will always reserve the right to collect and utilize this data internally, but that’s the price you pay for using Facebook. Although this disables Facebook Places now, it is best to stay current on the changes that Facebook is making and always check your privacy settings to make sure that you are protected.

John Sileo became one of America’s leading Social Networking Security Speakers. You can learn more about Facebook Safety and how to protect yourself online here. His clients include the Department of Defense, Pfizer and the FDIC. To learn more about having him speak at your next meeting or conference, contact him by email or on 800.258.8076.

Related posts:

1. 6 Abuses for Facebook Places
2. Facebook: Press 2 For Law Enforcement
3. A Facebook Privacy Tool, Finally

• Help people share where they are in a social context
• See which friends are near by
• Discover nearby places and new places through friends’ profiles

But, by default, it also allows your friends to tag and publicize your location for you. It’s like being tagged in a photo, except the other person gets to share your location instead of your picture (even if you don’t want others to know where you are, and even if you are not there).

Here are some of the rarely discussed ways that Facebook Places will be used (now or in the future) that you might want to think about before checking in:

1. Facebook will sell (share) your current location and profile to stores in your vicinity so that they can server you hyper-targeted advertising (e.g., here’s a coupon for the store you are about to enter).
2. Friends who aren’t actually your friends will be able to check you in to questionable Places even when you are not there (the practical jokes for the Check Friends In feature are limitless)
3. Facebook will compile and analyze your Places and then sell this profile to companies that would like to have you as a customer. If you “check in” frequently while in Casinos, get ready for a healthy dose of advertising from Bally’s.
4. Thieves will track your location to know the best time to rob your home. It happens every day.
5. Your suspicious spouse or boss will have a handy tool to track your whereabouts when you’d rather keep it private (this could actually be seen as a positive use of Places).
6. The police will be able to subpoena records of your location at the time of a crime (again, if you have done nothing wrong and can prove it, this is a great way for law enforcement to establish location).

The solution isn’t to completely avoid all use of places. It’s to customize your Facebook Places Privacy Settings so that you are in control of the flow of data.

Social Networking Safety Speaker John Sileo

Related posts:

1. How to Disable Facebook Places
2. A Facebook Privacy Tool, Finally
3. Facebook Announces New Privacy Settings

Protecting Your Children

Acting now on behalf of your child will protect them from consequences common to child victims:

• Starting adulthood with a credit rating low enough to scare away the hungriest of loan sharks
• Being denied a first loan, credit card or apartment rental because of a crime committed 10-15 years earlier (the passage of time makes this crime very hard to clear up)
• Being denied access to college or a new job
• Having a warrant out for her arrest for crimes that she didn’t commit

In the same way that you can’t protect your children from every bruise and scrape, you can’t entirely remove the risk of identity theft. You can, however, prevent or soften the fall if it does happen. Take these steps first:

1. Stop giving out your child’s personal information. Until you are confident that it is absolutely necessary to receive the services desired, withhold their personal information. More than 80% of organizations that ask for your child’s Social Security Number don’t actually need it to establish services. If you must give it, ask them how they will use it, how long they will keep it and how it will be protected while they have it. Vigilance is highly effective. Never carry your child’s SSN with you.
2. Order a free credit report for your child at least once a year. All three major credit reporting bureaus (Equifax, Experian and TransUnion) offer one free credit report per year per individual. Order one for your child at the same time you order yours and review them both for any red flags indicating fraudulent activity. I recommend that you order the first one (Equifax) right now; order a second report (Experian) in 4 more months; order the third report (TransUnion) four months after that and then repeat the process the following year. For a more convenient option, use an identity monitoring services for you and your family.
3. If you find evidence of fraudulent activity, contact the police, the source of the fraud and all three credit bureaus. Filing a police report helps to establish your child’s innocence in an official way. Have the credit bureaus FREEZE your child’s credit for maximum protection. Keep detailed records of all correspondence between yourself, the police, the merchant and the credit bureaus. It will come in handy should you ever find yourself in court, as I did.
4. Educate your children on the importance of protecting their personal information. Teach them about the value of their personal information: their name, address, phone numbers, email address, Social Security Number and any passwords and PIN numbers. Reinforce that they own their private information and that it should not be shared with friends, over the internet or with anyone whom they don’t know or trust. Education is absolutely the best financial gift you will ever give to them. Because you love and protect your children as much as I do, you should start this process immediately.

In the case of child identity theft, an ounce of prevention is worth a lifetime of financial security. Don’t let the center of your universe become just another statistic.

After losing his business to data breach and his reputation to identity theft, John Sileo became America’s leading identity theft expert. He speaks to audiences around the world about protecting personal and professional data. To learn more, visit www.ThinkLikeASpy.com or John’s LinkedIn Profile.

Related posts:

1. Child Identity Theft Expert – Part II
2. Child Identity Theft Expert – Part III
3. Child Identity Theft Expert: A Growing Concern – Part I of 4

If you’re thinking “this couldn’t happen to my child,” think again!

Who Does This?

The identity thief is not always a stranger. In many cases, it’s a relative with bad credit who takes advantage of a child’s pristine credit. Conveniently, these family members generally have access to the information necessary to maximize the fraud with little attention.
This seems absurd, but imagine a parent who is strapped for cash, has a bad credit score and needs to buy groceries. In this case, short-term thinking blinds the relative or friend to long-term consequences. In other instances, the child’s future is not taken into consideration at all.

Frankly, it doesn’t take much to get the crime underway; all a criminal needs is the child’s name and Social Security Number. These pieces of personal information are exposed in a variety of ways:

• When registering for daycare, schools and recreational sports
• On medical, dental and hospital records
• When joining organizations like the Girl Scouts, Boy Scouts, etc.
• When the above information is permanently stored and accessed by volunteers or employees
• When one of the above organizations is breached by a hacker or malicious software
• When an adult befriends your child on a social networking site (MySpace, Facebook) and eventually socially engineers private information out of them

The Three Basic Types of Child Identity Theft

Child Identity theft generally falls into these 3 categories:

1. Financial identity theft occurs when the name and Social Security Number is used to establish new lines of credit.
2. Criminal identity theft happens when the criminal uses the child’s identity to obtain a driver’s license or substitutes the child’s identity if caught in a criminal act.
3. Identity cloning entails using a child’s identity (via information collection or a black market ‘purchase’ of personal information) for financial, criminal and governmental purposes. The most common form of cloned identity theft is committed on behalf of undocumented workers looking for an identity that will keep them working in this country.

For parents, cleaning up the disaster of identity theft for their children is costly and incredibly time consuming. Getting a new Social Security Number is almost impossible, and rarely the best option.

Taking steps right now to protect your child from this horrible crime is one of the greatest investments you will ever make in their financial and emotional future.

Tomorrow, I will cover the steps on How to Protect Your Children from Identity Theft.

Child Identity Theft Speaker John Sileo

Related posts:

1. Child Identity Theft Expert – Part II
2. Child Identity Theft Expert – Part IV Protection
3. Child Identity Theft Expert: A Growing Concern – Part I of 4

Were you surprised the other day when I said that your children are highly attractive targets of identity thieves because they have untouched and unblemished credit records?  Let me tell you just how easy it happens.

How Does It Happen?

All an identity thief needs to ruin your child’s bright financial future is her name and Social Security Number.

“Shouldn’t my child’s age show up on any credit background check, shouldn’t the merchant recognize that the person in front of them buying a car on credit isn’t seven years old?” you ask.

Yes, it should, but the people screening the credit report rarely give it the time and care necessary to detect fraud.

All too often, background checks involve simply matching the name and the Social Security Number provided. This leaves doors wide open for scandalous minds to wreak havoc on your child’s perfect credit. The most unsettling part is that the age of the applicant (in this case, the person posing as your child) becomes official with the credit bureaus upon the first credit application. This makes clearing a sabotaged credit record even more difficult because you have to prove to the credit bureau that your child is only seven and isn’t responsible for thousands of dollars of debt.

In no time at all, your child could have a maxed out credit card, unpaid bills and a huge mortgage for beachfront property across the country. You might not discover the illegal purchases until your child opens a bank account, applies for a job, tries to get a driver’s license or enters college. At that point, you are left with the time-consuming dilemma of cleaning up someone else’s fraudulent mess. If only clearing up a credit report was as easy as cleaning up after your kids.

Do the gaping holes in our current credit system and the audacity of criminals leave you enraged? Me too. And it is imperative that you use your anger as fuel to protect and prepare your children’s future before it is too late.

Child Identity theft is the fastest growing sector of the identity theft “industry,” and the numbers are staggering. Although it’s difficult to estimate exactly how many children lose their identities since the crime can go undetected for years, the FTC states that 5% of identity theft cases target children, which translates into 500,000 kidnapped child identities per year, and growing. The Identity Theft Resource Center discovered that in 54% of the cases, the child was under the age of six.

In my next blog, I’ll talk about Who Does This.

Identity Theft Speaker, John Sileo

Related posts:

1. Child Identity Theft Expert – Part III
2. Child Identity Theft Expert – Part IV Protection
3. Child Identity Theft Expert: A Growing Concern – Part I of 4