Title: How Information Security has Failed to Protect Personal Identifiable Information?

When it comes to protecting private information, no one wants to feel exposed. The most precious information a person may ever possess is their personal identifiable information: a Social Security Number, address, date of birth and even a name. If this information is stolen or tampered with, it may never be restored. Personal identifiable information, or PII as it is commonly known, has been strictly protected for years by lengthy information security regulations. Information security, or IS, works to inspect, maintain, record or destroy information while guarding it against unauthorized access, use or alteration. Most often, this type of security refers to computer-based security, simply because most precious information is now recorded on these electronic systems. The question is: is your information really being protected?

Unfortunately, your PII might not be under lock and key. There are several issues with IS, many of which revolve around people – the ones both protecting and sabotaging your information. Out of all the issues plaguing IS, these are the most dangerous:

• Ignorance. Computer security threats most often occur when computers are hacked or infected through sites, files and other media found through the internet. Employees and individuals that are uneducated in smart internet searching and threat recognition are more likely to invite hackers, infections and identity thieves into their databases. These days, many employees receive very little training on protection against internet dangers, which can result in serious consequences.
• Covering, not solving. When problems are encountered in a system, many individuals focus on finding the infection so that it can be destroyed. Other avenues include wiping the computer altogether to rid it of the virus. However, neither of these methods takes away the source of the problem; if there is a site that is causing the problem, it should be avoided; if there is something else causing the disturbance, it should be discovered, reported and destroyed. Too often the focus is on fixing the immediate problem instead of devising a permanent solution.
• Personal irresponsible action. PII is often disclosed through more simple means than computer hacking; many times, information security problems come directly from people. Individuals that place important information on sites, communicate information over internet messaging, or even disclose private information in the everyday world are at higher risk of security threats. Theft of computers, hard drives and flash drives also occurs frequently in unwatchful workplaces.

All of these issues make IS less effective, and should be taken into serious consideration when any government organization, company or individual is seeking to protect precious personal identifiable information.