Keeping your identity safe in a world of clouds
When it comes to protecting personal information on the Internet, Kemesa’s ShopShield operates on a straightforward principle: Give out nothing; CEO Steve Bachenheimer says that “Thieves can’t steal what isn’t there”; the “give out nothing” approach is one of three major approaches to protecting personal information on the Internet: the other two emphasize risk assessment and sidestepping malware.
Identity fraud has been on the rise, and cybercriminals are becoming more cunning and sophisticated. According to Javelin Strategy and Research, 9.9 million Americans were victims of identity theft in 2008, up from 8.1 million in 2007.
The New York Times’s Riva Richmond writes that with all kinds of private information residing in all kinds of places – and cloud computing will make that information reside not only in more places, but in more places we know nothing about — vigilance can be difficult. Using caution when surfing the Internet and keeping antivirus software up to date are vital steps, experts say, but they are not enough. What is more, most tools for fighting identity fraud — credit-monitoring services, fraud alerts, and credit freezes — are reactive, not proactive, and they primarily address abuse of financial accounts, not other types of identity fraud.
Richmond writes that a new breed of products is tackling the trickier matter of preventing identity theft. New approaches include scouring the Internet in search of signs that criminals have your information, so you can move to block them. Other approaches “focus on keeping your data away from criminals in the first place, locking it down while you bank, shop or do other personal tasks online. Here are some ways to keep your information yours,” Richmond notes. She divides the new category of products into three categories:
Assessing risk. There are several services that look closely at Web site for signs of sticky fingers, to know when data reaches the hands of criminals so people can act quickly. LifeLock monitors change-of-address filings and applications for credit cards and jobs made in the names of its customers, so it can alert them. TrustedID, a LifeLock competitor, recently introduced a service that analyzes both public and proprietary data to assess a person’s risk of identity theft.
LifeLock and CardCops, among others, scour the Internet and hacker chat rooms and warn customers if their data is spotted. LifeLock, for one, also tries to infiltrate hacker communities.
Richmond writes that one of the more interesting new arrival in this space is StolenIDsearch.com, a site operated by TrustedID, which uses a database created by Colin Holder, a 30-year veteran of Scotland Yard, that contains stolen records gathered from longtime, trusted informants. The database holds about 138 million records
