A little quiz
Here’s a little quiz for you…What do all of the following have in common?
Ameriprise Financial
Providence Health System
Boston Globe and Worcester Telegram & Gazette
Blue Cross and Blue Shield of North Carolina
Fidelity Investments
Baltimore’s Mercantile Bankshares Corp
Ernst & Young
Veterans Administration
Before I tell you the answer, the last one on the list should be a clue. And here’s a subtle one word clue: stupid.
Since January 1 of this year, stories have been seen in the press reporting over 1.4 million credit cards either stolen or at risk. During the same period, 31.2 million U.S. Citizen’s Social Security numbers along with their names, addresses and other information have been stolen. Think about it - 31.2 million records with enough data to foster Identity Theft.
Whether or not any of this information gets used illegally remains to be seen, but one thing is certain; the folks on the list need to make some management changes.
The answer to the quiz: They all have very stupid employees. The list is the companies who have had employees do painfully stupid things like leave laptops with confidential data in their cars or take them home. The Boston Globe used printouts from their business operations to wrap and distribute bundles of newspapers. And let’s not forget Blue Cross and Blue Shield of North Carolina who probably topped them all by putting Social Security numbers on mailing labels. Fortunately, they only sent out 629 of them.
I’m thinking about starting an annual ‘Stupid Data Handling’ award but I have no idea who to give it to. Do I give it to the VA because they lost 26.5 million Identity Theft records or do I give to Earnst and Young who only lost 240,000 credit card accounts but really should know better since they’re auditors?
Tell me what you think.
Compile a Top 10 list every year. This way you get to highlight 10 dumb companies and annoint one of them #1. Media outlets will eat this list up.
June 10th, 2006 at 11:25 amWhy not have either an honorable mention or possibly a graduated scale from “dimwit” to “numbskull” to “How did management last this long”?
June 10th, 2006 at 11:34 amIsn’t it time that we used a more sophisticated system to prove identity? All it takes is my SIN, phone number, address, birthday and mother’s maiden name for me to prove who I am. This information, in effect, is my identity “password”.
The trouble is that I must disclose my “password” to everyone I need to prove my identity to, and now they and anyone else who looks over their shoulder, or takes their laptop, or breaks into their network, can prove they are me. While it may be true that these companies have not taken proper precautions to safeguard important information, I think that the fundamental identity system is flawed - it is just too easy to break.
I propose that we move to a central, government run database of fingerprints and / or identity passwords. In order to prove my identity I would have to use a special, tamper-proof scanner to enter my finger print or password. It may be that for important documents, such as a mortgage, I would have to go to one of several “depots” where I would see a copy of the document I am trying to sign, and I would have to prove my identity at the depot with my fingerprint. This may be invonvenient, but at least I am protected against someone else imporsonating me and putting a mortgage on my house!
June 10th, 2006 at 12:29 pmLet me get this straight. You want the Gub’ment to run this thing?
Arent they the ones that just lost 31.2 million social security numbers? Is this the same government that has printed “Not to be used for identification purposes” on social security cards for years but allows it to continue?
Not necessarily a bad idea, but let’s let someone else run it. At least with private enterprise, we can punish them if they mess it all up.
June 10th, 2006 at 12:55 pmTom,
I think you should not only do a top 10 list but generate a small web site of a few pages to honor the list. More likey to get picked up by the search engines. The member’s of 911 could put a small link to it from home pages or anywhere. Google and the likes would find it.
Now is just needs a catchy name and keywords so people actually enter it on searches.
A small donation of $5 from 6 to 12 members would cover a year’s costs. I would volunteer to host it but last time I hosted a site like this I just drew flies to the site causing too many hits from nefarious computers.
June 10th, 2006 at 4:12 pm