Kroll Fraud Solutions Blog – A Dialogue on Data Security

The holiday shopping season is in full swing, and this time of year always fuels interest in the latest cyber security threats that are affecting retail and associated industries. With that in mind, Kroll’s upcoming newsletter will feature tips and threat information that’s essential this holiday season. Of course, sometimes it’s not the latest and greatest risk or new technologies that companies have to worry about – and as the following case studies illustrate, retailers would do well to brush up on history.

As Director of Operations with responsibility for product development, I do my fair share of media interviews. I can only guess it’s that visibility which caused me to receive a very interesting e-mail recently. Now, bear in mind that I’m also a Licensed Investigator – which makes me (sometimes unreasonably) skeptical. But I’m convinced my instincts were spot on this time. And, because you may not be as cynical as I am about such invitations, I want to share my experience with you so that you’re on guard against leaking your own intellectual property. Here’s what happened.
I got an e-mail offering me a small stipend to lend my product expertise and perspective to a survey. The researcher was interested in talking about market drivers, customer channels, and trends in the identity protection market. We could do it over the phone, and it would take only 45 minutes or so. Flattered? Sure – doesn’t everyone want their ideas and suggestions to be considered valuable? But I balked … it didn’t feel right. In fact, it felt like a way to pick my brain (and probably a few others’) in order to develop product features based on my answers.

Sure enough, a phone call by our PR team to the researcher uncovered that the study results would not be made available to the public. It was a private report, commissioned by a private client. The researcher “got a little jittery” and cut the call short when we asked about that client.

Now, admittedly, this may have been a completely legitimate study. But why risk freely giving away insight that can stoke a competitor’s fire? What would happen if someone at your company received an invitation like this? Are you confident that your colleagues are protecting sensitive, confidential data – client and employee information of course, but also proprietary knowledge or ideas that are unique and valuable?

Stay on guard, and let us know if we can help you stay secure.

Simply put, data minimization is the practice of eliminating unnecessary information stored by an organization or individual for the purpose of decreasing risk of information breach and, possibly, identity theft. Why is this important? Because thieves can’t steal what you don’t have – if you eliminate data, you eliminate risk. Naturally, you can’t eliminate what’s necessary for business functions or what’s required by law for record keeping purposes, but most companies have a long way to go before they hit the “minimum required” threshold. If you’re planning on revising your data minimization policies this year, here are a few tips to consider:

Tip #6: Seasonal Deal or Scam?

This time of year, scammers are out in force, and if an offer seems too good to be true, it probably is. A few traditional scams to be on the watch for:

Tip #4: Protect Your Home for the Holidays
Will you have guests in your home for the holidays? Once upon a time, the biggest concern you might have in hosting a get-together for friends, family or co-workers was the snoop who peered inside the medicine cabinet. Unfortunately, many identity theft victims know their perpetrator, or else have had personal interaction with him or her. It’s particularly alarming to think that the threat of identity theft could come from a friend, relative or neighbor, but there are several simple steps you can take to ensure your safety: