I don’t know about you, but I’m always a bit paranoid with how much information is out there about me. Whether it comes from Credit Card receipts, or data stored on other people’s servers.
Whether it is your information, or your customer’s, you should always mindful of how personal information is being used. This is the idea behind Data Privacy Day (http://dataprivacyday2010.org/).
Personal identifiable information (PII) while necessary to have in many businesses needs to be handled with care. Consider the following steps when working with your clients (and make sure the companies you work with have similar practices).
- Limit access of PII to only necessary individuals
- Destroy PII documents after they are no longer needed for business or by law. (cross cut shredders, and secure deletion from the computer)
- As a minimum format the hard drives of computers removed from service. (My mother works for a school which has computers donated periodically – you would be surprised what they find when the clean them up before they install them.)
- Perform a security audit to see if any PII is located on unauthorized computers, then close the security holes. (http://www.dbdatafinder.com/ is a link for an application which searches for Social Security Numbers and Credit Card Numbers in all different types of files)
- Come up with a good password requirements guidelines for yourself and your business. (more on this later)
About Walter Wimberly