Businesses devote time and resources to attracting and retaining customers, but these days all it takes is one data breach or other loss or theft of personally-identifying information about customers to lose their business for good. That's why a major concern of businesses entrusted with the custody of personal data about customers or employees or third parties has become preventing identity theft.
Businesses have been stockpiling more and more personally identifiable information (PII) about customers since the advent of the digital age. PII -- including credit card numbers, social security numbers, birth dates, addresses, etc. -- is often collected in the course of sales, applications for credit or loans, and in the course of employment. This information is often maintained by businesses in computer databases or on disks or is transmitted over networks, such as the Internet. Stealing PII often leads to identity theft -- a crime through which someone uses stolen personal information to get credit cards, take out loans, and/or perpetrate other fraud.
While large corporations may keep more PII, sometimes smaller firms are targeted by ID thieves because they don't have as rigorous data security. "In in a large business there is typically a well-defined set of people who have responsibility for security of computers and information assets. In small to medium businesses, that activity is not as clearly well defined," says Lawrence R. Rogers, a senior member of the technical staff at the CERT Program of the Software Engineering Institute, part of Carnegie Mellon University. "In Mom-and-Pop businesses that collect personal identifying information, they may have someone who installs patches and secures information. It's the same information a big business would have -- although not as much -- but perhaps it's more vulnerable because it's easier to attack."
The following sections will cover the ways thieves use businesses to perpetrate ID theft, how to use encryption to fight ID theft, and other steps businesses can take to better protect data.
Preventing Identity Theft: How Thieves Use Businesses for ID Theft
The Internet has helped fuel the spread of ID theft. Thieves for decades have sought to profit from identity scams, but it used to be that they had to pilfer paper files from record rooms or sort through your trash to find personal information. Nowadays, business information is aggregated on computers and one stolen or lost laptop computer could compromise the PII of millions of customers. In addition, the Internet can be used by thieves and organized criminal gangs to steal information from a business computer halfway around the world and trade it on an underground black market.
Data thieves are just hackers and they are in it to sell this information to others who can use it to carry out financial fraud. "The information has a very short shelf life. Your social security and credit card only goes for about $50 on the black market because it can only use it for a short period of time before it's discovered," Bachman says. That's why thieves are targeting bigger repositories of data. It's like the old adage about asking a criminal why they would rob a bank. The answer is usually because that's where the money is. "That's why data breaches occur," Bachman says. "That's where the data is."
A date breach can be costly for a business. In 2009, the average cost of a data breach rose to $202 from $197 per customer record in 2008, according to The Ponemon Institute, a Michigan-based research center focusing on privacy and data protection. The study found that the average cost of a data breach tallied $6.6 million, ranging from between $613,000 to nearly $32 million.
At DKC associates, we believe that, depending on your needs, you should consider a card with at least one security feature, to protect your company and your valued customers.
We can assist you with choosing the right security features, then the right card printer for the job. For help, please contact us at http://idcardscanada.com/pages/contact-us.
C/O www.Inc.com