PII Protection and Security

PII Protection & Internet Privacy Monitoring

With rapid technological growth including the steady rise of online shopping and the recent boom in remote work and learning, protecting PII is becoming ever more vital for security, safety, and basic economics.

What is PII (Personally Identifiable Information)?

Personally identifiable information, or PII, is any data or information about an individual that could potentially be used to identify a particular person. Examples of this typically are divided into two main categories 1) any information used to distinguish a specific individual, and 2) any other information that is linked or linkable to an individual.

PII includes:

Linked information is usually more direct and includes personal information such as:

  • Full name
  • Home address
  • Email address
  • Social security number
  • Passport number
  • Driver’s license number
  • Credit card numbers
  • Phone number
  • Date of birth
  • Telephone number
  • Owned properties e.g. vehicle identification number (VIN)
  • Login details
  • Processor or device serial number
  • Media access control (MAC)
  • Internet Protocol (IP) address
  • Device IDs
  • Cookies

Linkable information is oftentimes more indirect. For the most part, this information on its own cannot identify an individual but when combined with other pieces of information it can be used collectively to identify, trace, or locate a person.

Some examples of linkable information include:

  • First or last name (if common)
  • Country, state, city, zip code
  • Gender
  • Race
  • Non-specific age (e.g. 30-40 instead of 30)
  • Job position and workplace

Whether you are an individual, organization, business, website admin, app creator, or product owner, it’s important to be aware that the traces you or visitors to your website leave behind could be sensitive in nature — PII data protection helps ensure that sensitive information remains secure.

Risks of Not Securing PII

With rapid technological growth including the steady rise of online shopping and the recent boom in remote work and learning, protecting PII is becoming ever more vital for security, safety, and basic economics.

Without privacy monitoring or PII data protection, individuals and customers become susceptible to breaches and violations that can come with some serious consequences — namely identity theft. From a legal standpoint, grasping the big picture regarding online privacy protection is crucial for an individual or an organization’s security and legal compliance.

PII Security Risks to Individuals

Technology is only going to continue to advance and with that our digital footprint will grow larger and larger over time. Privacy monitoring is quickly on its way to becoming one of the most important elements a person can do to protect their own PII, but understanding the major methods behind how PII becomes compromised is another way to easily protect yourself.

The Most Common Ways PII Security Can Be Compromised for Individuals

Public Wifi - If you’re in a popular public area such as a coffee shop, airport, or hotel it’s important to verify the wifi network you’re joining. Hackers are known for setting up fake hotspots in order to steal unprotected data. Avoid logging into any website that stores your important information like your bank or social media while on an open network to stay more secure.

Email and Phone Phishing - Hackers often use the trust we have in a company we engage with regularly to phish for our personal information in order to steal people’s identity and commit fraud in their name. Before you give your personal information to anyone, be sure to verify their identity first, this means calling the company directly or logging into their website without clicking on any email links to ensure no scam is currently taking place.

Documents and Forms  - Even though we all know the importance of keeping our social security number (SSN) secure, it’s still one of the most common ways hackers steal people’s identities, and they can do this by gaining access to documents and forms. One main target is the healthcare industry. Don’t feel obligated to list your SSN on new patient forms, oftentimes you can leave this section blank as the facility may request it, but it is not a requirement.

Social Media - The average online user has at least eight social media accounts-- this leads to many different log-ins and points of sign up for sharing their personal data. Having any social media account always creates the potential for over-sharing as well, in turn the opportunity for online threats increases exponentially.

There are three most common threats to your PII security via social media include:

  1. Cyberbullying - When someone sends, posts, or shares negative, harmful or false content on any online platform such as social media, texts, direct messages or emails with the sole intent of causing harm, humiliation or embarrassment.
  2. Doxing - Publically broadcasting an individual or organizations private information in order to cause political unrest or violence.
  3. Reputation defamation - When your social media account gets hacked and something gets posted that is inappropriate or profane in nature.

When using social media of any kind it’s vital to limit the amount of information you post-- this will reduce threats to your financial and even physical well-being leaving your personal data more secure and less vulnerable to any attack or theft.

You can protect your identity by updating your account passwords with longer and more complex passwords, and not reusing them for every network.

Risks to Companies

As a business, it’s important to make sure your PII data is secure for both your employees and your customers. Hackers are often drawn to businesses because they extract large amounts of PII at one time and then sell that sensitive data on the black market for a pretty penny. Not only can unsecure PII be used for identity theft, fraud, and social engineering attacks, if your company is subject to data breaches, you can find yourself losing customer trust and loyalty as well as potentially paying heavy regulatory fines.

PII Compliance & Regulation

Whether you’re a government-run entity, a retail shop, or a medical office, there are different types of regulations and compliance laws you must abide by depending on the type of organization you are or the industry you work in. The regulations that have been put into place help you prioritize your company’s most sensitive date.

Some of the regulations you could be subject to include:

  • The Payment Card Industry Data Security Standard (PCI DSS)
  • European Union (EU)’s General Data Protection Regulation (GDPR)
  • Health Insurance Portability and Accountability Act (HIPAA) and HITECH ACT
  • National Institute of Standards and Technology (NIST)’s cybersecurity standards
  • The Criminal Justice and Immigration Act
  • The Gramm-Leach-Bliley Act GLBA

Standards exist for PII data protection for businesses to help protect all parties involved including the business, the employees, and the customers, adding additional data privacy monitoring is one solution to bring added security to your daily workforce.

How IDShield Protects & Monitors Your Online Data Privacy

To level up your privacy monitoring consider adding identity theft protection software to your regular security practices.

IDShield helps you:

  • Monitor your credit and catch suspicious new activity quickly
  • Scan the dark web for your email address/account information
  • Alert you of any suspicious activity on your social media, financial accounts, and more
  • Scan social media posts for inappropriate information that could hurt your employment or professional image

Sometimes, identity theft still happens. With IDShield you can feel confident that our comprehensive restoration services and policies will help you restore your identity quickly with a professional team who can guide you through any threats to your identity.