Hey web devs! We knew you'd look under the hood. Please pardon the mess...we still have some clean up to do. If it drives you crazy and you want to help us get it perfect, maybe you should join our team! We could use another set of hands!
Tonight, when you get ready to retire for the evening, do me favor. Take your wallet — complete with social security card, credit cards, driver's license, and what the heck, throw in the family pictures — and leave it at the edge of your driveway. Then sleep well. “What?!?!? That's insane. Someone might steal it.” you exclaim. Am I surprised by your reaction? Well, no, I agree wholeheartedly — if you leave your most important personal belongings in a relatively public location — light bulb moment — someone might steal it. This is such an intuitive reaction for us in the world of the “tangible,” but make it “virtual,” and we're leaving our wallets all over everyone's driveways — free for the taking. All I can ask is — what are we thinking?
Identity theft is one of the fastest growing crimes in the United States. The Federal Trade Commission estimates that 9.9 million US consumers were swindled out of approximately $437 million in 2003, up about $100 million from 2002. Of which, $200 million can be attributed to Internet fraud. And don't think that businesses and financial institutions are immune — losing nearly $48 billion to identity theft in 2003. Is this surprising? No, not when you consider that in 1995, there was only one bank that had a Web site capable of processing financial transactions, and by 2000, this figure had skyrocketed to 1,850 financial institutions. Not surprising — when Forrester Research predicts that by 2004, online commerce will reach $6.8 trillion. In essence, the wide open nature of the Internet and its explosive growth in commerce has made it very easy for identity thieves to apply for credit and make purchases by using any well-sourced personally identifiable dataset from almost any location.
With the biggest threat to companies and individuals being the illicit capturing of information, there are two elements to consider in protecting online financial activity: fraud detection (stopping theft in its tracks) and security (keeping out those who do not belong). To guard against fraud, software programs use encryption and detection strategies that are sophisticated enough to isolate most damaging crime schemes within a matter of seconds. The tougher goal to accomplish is the security of the overall system that processes online payments, because as protective software becomes more “intelligent,” so do the cyber criminals who seek to manipulate them for evil. Therefore, security should be viewed as a process — it is not a problem solved with a single solution, but rather an ongoing situation that requires vigilant monitoring and software modification to address the specific needs of a business.
As an individual, there are several things you can do to protect your identity online:
The same is true of Outook — great program with great features — but almost every email worm, bug, and virus is designed to bring it down.
For companies, security means keeping dangerous hackers out of the company's backend databases. Success is the result of employees implementing the aforementioned practices, as well as the company establishing and adhering to a sound security policy. It is an essential — and should be flexible enough to allow employees some freedom to work creatively, but firm enough not to compromise the company's data. To do so:
As the Internet continues to mushroom in size, scope, and complexity, so too do the issues related to the access, usage, and protection of Internet-based information — both personal and corporate. Corporations can anticipate that, on average, 6% of their IT spending must go toward security. But ultimately, it is the choice and responsibility of the individuals and corporations to determine to what degree they wish to establish security. Common sense and the various issues covered here are enough to get you started. Just remember that Internet security is an ongoing process that requires a multitude of approaches that vary with the nature of the underlying threat — find a level of security that works for you, but do not ignore it or it will be costly.