"It’s not if, but when" Part II: Why Consumers Also Need To Be Just as Vigilant as Companies About Data Security and Preparing for the Next Breach.

In what has become the Nightmare before (and after) Christmas, millions of individuals are dealing with the fallout of the data breach at Target.  The holidays have passed and not a creature is stirring except for mom and dad scrambling to take care of that pesky Target bill showing that they owe a few thousand dollars for a dozen Blu-ray copies of "Pineapple Express," five flat screen televisions, and ten Xboxes.  The wrapping paper, decorations, ornaments and trees have all been packed away and the only remaining vestiges of Christmas are the lights frozen to your gutter and that headache of a bill reminding you that you now have to deal with being the victim of identity theft.  Every year there seems to be another major security breach that hits the news:  Target last year, Yahoo in 2012, Sony in 2011, Facebook in 2010, and T.J. Maxx in 2006.  It really is enough to make you want to go live in a shack on the side of a mountain.  (Okay, maybe not).  But the truth of the matter is that even shunning online transactions and credit cards all together really does nothing to keep your information from digital exposure.  If you have a bank account or credit card somewhere, even only one, then you have some form of digital exposure for your account information to include account numbers, names, ID’s and possibly passwords.  Indeed, even if you choose to only use paper, the banks and vendors you frequent are part of the Internet community.  After all, a man can never be an island.  To engage in the world today is to engage in the digital economy.  A while back, we blogged about the inevitability of data breach for companies and what they could do in advance to mitigate the impact.  Well, the same is true for consumers.  It is inevitable that our data will be involved in one data breach or another.  So, here are some basic steps you can take to minimize the threat of your information being stolen.

1.  Clip the strip! Cash is not always the safest bet for lots of reasons.  For instance, the ATM and credit card you use more than likely has a magnetic strip on the back of it which contains your sensitive information.  This is how information was stolen in a major hack and bank run in 2013 and it was at issue in the Target breach as well.  Push back on your bank or financial institution to cease use of such cards or select a provider who embeds your encrypted information in a chip instead of a strip.  Major card providers are moving in this direction, but slowly.

2.  Credit or debit. Use credit whenever possible.  This may not be the best for financial purposes (assuming you do not pay off the balance), but it can provide better security as it does require a signature instead of a PIN.  PIN information is often stolen with the card, so using only credit provides at least one layer of protection against outright theft in taking your card.  Also, signing your card “SEE ID” instead of signing it with your name provides yet another step, at least with in-store purchases.  More and more vendors are being trained to ask for ID.

3.  Passwords still matter. Use strong passwords and demand strong passwords from those companies that house your sensitive information.  A strong password, generally, is no less than eight characters in length, contains a letter (upper and lower case), a number, and a character (%$!@*).  And don’t use words you find in a dictionary.  Creating such passwords enhances the level of protection for your accounts against password-cracking programs.  At a minimum, it buys time to enable you to cancel or freeze your account.  Regularly change your passwords as well—no less than every six months and any time you think your account may have been compromised.

4.  Get skinny in the New Year! Limit your accounts in number and monitor them regularly.  Every account you have is another opportunity for your information to be stolen.  Not only is limiting the number of credit cards a good financial decision, it can make good security sense.  Use security protections provided by each company as a distinguishing factor on which accounts you keep open (i.e. choose only to use banks with two-factor authentication).  Secondly, the less accounts you have, the easier it is to notice fraudulent activity.  Indeed, with the Target breach, that was one of the first things recommended to all potential victims.

5.  Take credit! Take advantage of your free annual credit report and keep up on accounts opened in your name.

In the end, these tips may do nothing to stop your information from being stolen, but they at least provide some layers of protection, maybe enough of a barrier to enable you to act and disable accounts in the event of a publicized breach.  All you can do is all that you can do, but waiting on others to do it for you is not a good option.  You truly are the first line of defense.  Be vigilant in protecting your information.  No measure is fail-safe, but being proactive can certainly frustrate those who are trying to steal your information.  So, until the next security breach, kick back and relax in the comfort of your family room, pop in "Pineapple Express," and enjoy one of your five brand new flat screen televisions which, mysteriously, seem to have all the picture quality of staring at the wall.

About The Author

Christopher Herman |