Measure and control IT security

Amid warnings about the risk of identity theft, Canadian insurance companies have begun offering policies that help defray the cost of setting things right, if you fall victim.

Identity theft occurs when a crook uses another person’s name and other personal information such as social insurance number, credit-card number or bank account illegally to make purchases, borrow money or make some other costly transactions without the victim’s consent or even knowledge.

According to research by Phonebusters, a national anti-fraud organization…, thousands of Canadians a year report cases of identity theft — although the rate may be lower now than it was a few years ago.

It can be time-consuming and costly for innocent victims of identity theft to compile the information and get the legal advice required to verify they aren’t at fault. It’s those expenses — such as lost wages, lawyer and notary fees and courier charges — that are covered by identity theft insurance.

“Those are where the real expenses come in. It’s not the $5,000 or $10,000 loan. It’s the expense of clearing everything up,” says Bryan Seaton, spokesman for ING Canada, which recently began offering identity theft protection across Canada.

There has been increased public awareness of the measures — such as shredding documents with account numbers, proper storage of passwords and account numbers and software protections for your computer — that can be taken to prevent your personal information from getting into the wrong hands.

“We have a duty to defend your title. So we do what we can to get it resolved. Or, in a worst-case scenario, we can pay out the money that you’ve lost as a result of this problem,” says Kathleen Waters, vice-president of Title Plus, a service provided by Lawyers’ Professional Indemnity Co.

See full story.

This blog is run by the authors of FindProtected.
FindProtected is a security program that allows you to search for password protected files. With FindProtected, you can effectively identify protected files containing sensitive data on your network.

- Consider investing in a records-management software system to ensure the secure preservation of records electronically.

There are very reputable companies that make software for legal records management. Most of these software systems are licensed per work station, so it can be a costly investment. So whoever is in charge of this should shop carefully.

- Do not consider an e-mail In Box as a tool with which to manage records.

The e-mail systems like Outlook were never meant to be records-management systems. When e-mail files get really large, they tend to get corrupted…

When it’s e-mail, you probably have all kinds of things in there and don’t separate the wheat from the chaff because it takes too much time. So you get sloppy.

If you are going to use your e-mail as a client file, think about what you want in there and what you’d want someone else not to see. Delete it, and then delete the deletion.

- Store records in a location outside the offices of your law firm.

Even in small and midsize firms, there’s so much data it’s hard to back it all up on one tape, and it becomes harder to recover that much data. So some firms are turning to business continuity systems [with which] they send their data electronically off-site so it can be easily retrieved.

- Leave the records-management responsibility to an expert in the field rather than rely on an in-house policy.

Most large firms have had a director of records or a manager of records, which was mostly a paper-pushing position. But what has happened is that 80 percent of records now are electronic, and so it’s an entirely different process to manage electronic records. That’s where an information officer [comes in and] works closely with a records manager to do the overall management of the electronic records.

- Follow the lead of publicly traded business clients, which have had to pay close attention to their record-management practices as federal regulation of those practices has tightened.

Regulation that’s now affecting publicly traded companies, such as Sarbanes-Oxley [a 2002 federal law that established strict standards for corporate governance], will probably come to affect private industries like law firms, and that will mean lawyers will have to be much more careful about how their firms keep their records.

(c) HENRY CHACE

This blog is run by the authors of FindProtected.
FindProtected is a security program that allows you to search for password protected files. With FindProtected, you can effectively identify protected files containing sensitive data on your network.

Recent files, also referred to as temporary files, are those created automatically and stored on the system’s hard drive. Microsoft Windows uses many temporary files to store data about the users’ web browsing history and settings.

There are some potential risks and dangers associated with recent files, read more about recent files and security risks.

Here are a few simple reminders to help prevent crooks and identity thieves from stealing your holiday spirit:

- Don’t carry your Social Security card with you: Identity thieves can use it to set up new accounts at different addresses without your approval, or your knowledge.

- Take care to remove your bank deposit slips from your purse or wallet as soon as you return home - they often contain important personal information that needs to be closely guarded.

- Carry only one (or at the most two) credit cards with you when you’re out shopping.

- Write the words “see picture ID” on all of your credit cards. While many clerks are trained to check photo identification, it doesn’t hurt to remind them.

- Guard against “shoulder surfers” - thieves hovering around you at the ATM or check-out scanner.

- Carefully shred your bank and credit card statements.

See full story.

We also recommend you to safeguard all sensitive information stored on your PC or PDA. Sensitive data stored on your computer should be protected with specific software tools and kept in a “safe place” on your hard drive or removable devices.

This blog is run by the authors of FindProtected.
FindProtected is a security program that allows you to search for password protected files. With FindProtected, you can effectively identify protected files containing sensitive data on your network.

China has launched an information security certification center in Beijing recently. Information security has become a serious problem in China with the rapid growth of the information industry. “Crimes through the Internet, computer viruses and junk mail has threatened security”.

“Some departments have set up systems on evaluation, licensing or purchase of security products but a unified national system is required to avoid repetition,” said deputy director of the Information Office under the State Council.

Apart from certification of security products, the center would also conduct talents training and technology research and development on information security.

China boasts the world second largest population of “netizens” behind the United States, exceeding 123 million last July.

See full story.

This blog is run by the authors of FindProtected.
FindProtected is a security program that allows you to search for password protected files. With FindProtected, you can effectively identify protected files containing sensitive data on your network.