With all the various security exploits of the past several months, I wanted to share two emails that I received over the past week. One was from USAA, the financial services giant that offers a variety of banking and insurance programs to military families. The other was from a security consultant. Both offered suggestions on how to protect your digital and online identity, but both had diametrically opposite suggestions.
The USAA email (and it was really from them) pointed to a page of theirs that reviews various security suggestions. There are tips on how to use social media wisely (such as don’t reveal too much on the first date) and how to watch out for ATM card skimmers (those add-on devices that can collect your PIN and card data).
USAA offers million-dollar liability protection in case of fraud – which more card issuers are doing – and a zero dollar deductible – which more card issuers should do. They also offer Trusteer Rapport software to flag phishing sites for free, along with a free Symantec VIP soft token for additional factor authentication to secure your account logins. Great for them, and one of the reasons why I like doing business with them.
All of these tools and tips are very practical, very easy to implement, and very sensible.
But let’s take a look at my second email from the security consultant. Here you have the opposite approach, of suggestions that border on the onerous if not impossible to implement. I won’t mention their name, but here are their suggestions on limiting ID theft. The first point was:
- Set Google Alerts on yourself and know what information is assessable about you online. (This is a really good idea and something everyone should do anyway, regardless of vanity or security issues.)
But then things started getting weird:
- Get a PO Box that is not in the same Zip code as your house, and have your bank statements sent there.
- Set your insurance address and vehicle registration for the PO Box too.
- Change the deed on your house to a trust that has nothing to do with your name. Set that mailing address to, guess what, the same PO Box.
Does this strike you as somewhat paranoid? I get it, I mean, having the PO Box in some random location could really help if your car is stolen, or if you are robbed and your wallet taken, or someone is doing an online search for your records and decides to target you. But how many of us are going to go through the motions for the above suggestions? Not many.
Sure, ID theft is a problem, especially as Target, Yahoo, Sears, et al. release millions of records unintentionally. For another perspective and what corporate IT managers can learn from these situations, check out my post on Ricoh’s WorkIntelligent.ly blog today here.
Be safe out there people.