First things first: P.I.I. stands for Personally Identifiable Information. According to the Department of Homeland Security (DHS), it is any information that can be found either on the internet or other media that can be directly or indirectly tied to an individual, such as a social security number, home address, or even a community affiliation. Sensitive P.I.I. is information that “if lost, compromised, or disclosed without authorization, could result in substantial harm, embarrassment, inconvenience, or unfairness to an individual” (DHS).

Due to the vast amount of personal information that is exchanged on a daily basis, federally mandated safeguards are in place to keep private information out of the public eye, such as the encryption that businesses provide for your credit card number. Regardless, diligence is still required on our behalf for information that may be available both online and offline, in particular the information that we voluntarily disclose. Here are a few essential steps from the Federal Trade Commission (FTC) to empower you to keep control over your information:

  1. SECURE YOUR DEVICES – Make sure you are using up-to-date anti-virus software and screen locks on all devices. Avoid using the same password for multiple sites and avoid saving passwords in your browser. Do not do anything personal like online banking when connected to public WiFi*. Lastly, delete old email, subscription, and social media accounts.
  2. KNOW WHO YOU’RE TALKING TOSocial engineers will use all kinds of tactics to get their foot through your door! If someone reaches out to you looking for information over the phone, do not disclose anything. For example, if someone calls claiming to be from your bank or a legitimate business, hang up and call the customer service line found on your bank statement or the official company website before disclosing any info.
  3. WATCH WHAT YOU POST – We all love a good dog photo but what are the chances the name of your dog is also the answer to one of your security questions? People can discover where you live, what time you leave your home, who your relatives are, and much more when you overshare or give too many details. 
  4. DESTROY THE EVIDENCE! – Did you know that emptying the “recycle bin” on your computer doesn’t permanently remove those files? Before selling or discarding your devices, ensure that the hard drives are erased and overwritten or that they are physically destroyed to permanently delete your information. If you have a phone, remove the SIM card and delete all data and applications. Periodically shred any paper documents with P.I.I. on it like bank statements, application forms, or notes.

Finally, try doing a Google search of yourself. This is known as “egosurfing” and can reveal what information is readily available about you. Click the following link for instructions on removing sensitive information from Google: You have the right and ability to be in control of your online presence. Have fun and stay safe out there! 

*NOTE: Here’s a quick tip for the holiday season and beyond: when surfing the web for the perfect gift, make sure you are browsing sites that use “https” and have the lock icon in the URL bar. This means the site has a valid security certificate and is using encryption for sensitive communications. Do not enter sensitive information in sites that do not have these features!

NMC Information Security