State of Texas
Department of Information Resources
Leadership for Texas Government Technology

October 2008
Volume 2, Issue 10.1

Personal Privacy: How to Protect Your Information

As we continue to conduct more business online, such as banking, shopping, and other activities, our personal information (name, Social Security number, credit card account, address, etc.) is increasingly being utilized. Personal information has become a frequent target for data thieves, and the volume of breaches involving personal information continues to grow. According to the Privacy Rights Clearinghouse, more than 240 million records containing sensitive personal information have been involved in security breaches to date nationally.

What Personal Information is Collected?

Many organizations are interested in obtaining and using your personal information, and it’s important to know what information is being collected, by whom, and how it will be used. Web sites track users as they navigate cyberspace. Data may be collected about you as a result of many of your routine activities including:

• When you make purchases and pay bills with credit cards, you leave a data trail consisting of purchase amount, purchase type, date, and time.
• When you pay by check, data such as phone number, home address, driver’s license number, etc., may often be requested to verify your identity.
• When you use supermarket discount cards, the store is able to create a comprehensive database of everything you have purchased.
• When you surf the web, you leave a significant data trail including your name, email address, the Internet address of your computer, the name of your computer, the last time you visited that particular site, the type of browser, and operating system you are using.
• When you sign up for a subscription or service (for a magazine, book or music club, professional association, warranty card, etc.) or give money to charities, your personal information is often collected and stored.

How can I Protect My Personal Information?

Use the following tips to help manage your personal information wisely, to help minimize its misuse, and to lessen the risk of your personal information being compromised:

• Most legitimate websites include a privacy statement. This is usually a link at the bottom of the home page. The privacy statement details the type of personally identifiable information the site collects about its visitors, how the information is used—including with whom it may be shared—and how users can control the information gathered. Be sure to read the privacy statement on web sites you are visiting prior to providing any personal information to gain an understanding of that entity’s policy regarding data protection.
• When shopping online, guard the security of your transactions by ensuring that the transaction is submitted securely. When submitting your purchase information, look for the lock icon on the browser’s status bar to be sure that your information is secure during transmission.
• Periodically check your Internet browser settings (e.g., Security and Privacy) to ensure that the settings are adequate for your level and type of Internet activity.
• If you are not already using anti-spyware or adware protection software, start now. This software is designed to protect against spyware or malware, which extracts private information from your computer without your knowledge. Keep your anti-spyware or adware protection programs updated.
• Install and enable a firewall on your computer. .
• If you store private data on your laptop or other portable electronic devices (e.g., USB), use encryption software to protect your private data in the event the device is lost or stolen. AxCrypt is an excellent, free, downloadable encryption utility.
• Use strong passwords on all of your accounts. Use a minimum of eight characters and a mix of special symbols, letters, and numbers.
• To protect against identity theft, always question anyone who asks you to reveal any personably identifiable information. Find out how it will be used and whether it will be shared with others.
• Keep items with personal information in a safe place. Tear or shred receipts, copies of credit applications, insurance forms, health records, bank statements, or other personal documents, before you discard them.
• Order a copy of your free annual credit report at least once a year. Make sure it’s accurate and includes only those activities you’ve authorized.

ADDITIONAL RESOURCES

To learn more about protecting your privacy, please visit the following sites:

• Consumer Action
• Electronic Privacy Information Center
• World Privacy Forum

For previous issues of the Cyber Security Tips Monthly Newsletter, please visit DIR Cyber Security Tips.

For more information on Internet security, please visit SecureTexas. SecureTexas provides up-to-date technology security information as well as tips to help you strengthen your part of Texas' technology infrastructure. Report serious information security incidents as quickly as possible to your agency's Information Security Officer and to DIR’s 24/7 Computer Security Incident Notification hotline: 512-350-3282.

For previous issues of the Monthly Cyber Security Tips Newsletter, please visit www.dir.state.tx.us/security/reading.
For more information on Internet security, please visit the SecureTexas website – www.dir.state.tx.us/securetexas. SecureTexas provides up-to-date technology security information as well as tips to help you strengthen your part of Texas' technology infrastructure. Report serious information security incidents as quickly as possible to your agency's Information Security Officer and to DIR’s 24/7 Computer Security Incident Notification hotline: 512-350-3282.

Brought to you by MS-ISAC | Powered by United States Computer Emergency Readiness Team | Distributed by Department of Information Resources and SecureTexas

Copyright Carnegie Mellon University | Produced by US-CERT