January 22, 2015
Protecting Personally Identifiable Information (PII) is a big challenge whether that information is in paper or digital format. A few simple steps will take you a long way to securing PII used in your job:
Personally Identifiable Information (PII) is any data on its own or in combination with other data about an individual that could identify that person, such as a name, fingerprints or other biometric data, email address, street address, telephone number, driver’s license number, social security number or personal financial information.
Harm to an individual resulting from an information breach involving PII may include identity theft, embarrassment, or blackmail; organizational harms may include a loss of public trust, legal liability, or remediation costs.
What steps should you take to protect Personally Identifiable Information in your area?
- Don’t share your passwords or write them anywhere around your desk. Lock your computer (password protected screensaver) when you walk away from your desk.
- Files containing Personally Identifiable Information should be kept in locked file cabinets, except when an employee is working on the file. Employees should not leave sensitive papers out on their desks when they are away from their workstations.
- Avoid keeping PII on a laptop by storing the file on a personal (U Drive) or workgroup network drive (V Drive).
- If you don’t already have a laptop lock, request one from the Help Desk. Always secure your laptop. Laptops should never be left visible in a vehicle or at a hotel luggage stand; neither should it be packed in checked luggage, unless directed to do so by airport security.
- At the end of the day, employees should put paper files away, log off of their computers, and lock file cabinets and office doors.
If you have questions about this subject or any other technical matter, please call the Help Desk at (805) 493-3698 or send e-mail to firstname.lastname@example.org.
As a reminder, ISS staff will never ask you for your password.