Reducing risk of online ID theft

By

The total cost of U.S. identity fraud in 2004 was $52.6 billion, with 11.6 percent of stolen identity information obtained online, according to Javelin Strategy & Research and the Better Business Bureau. The proliferation of online applications providing access to confidential identity data has magnified vulnerabilities that are not adequately addressed by traditional network security techniques. The following policies, procedures and systems are recommended to implement a security program for online applications.

Bruce Pharr is director of marketing for Covelight Systems

Reducing risk of online ID theft
  • Develop secure web applications: Follow best practices in web application development, as represented by the Open Web Application Security Project (OWASP).
  • Check identities and backgrounds before authorizing access: The Identity Theft Assistance Center is one resource where members can quickly check application information against a database of known identity thefts.
  • Institute strong authentication procedures: Strong authentication, such as a PIN token, a smart card calculator or another soft mechanism, makes fraudulent access more difficult, but not impossible.
  • Monitor and compare user activity to detect suspicious behavior: Strong authentication is not sufficient to protect sensitive customer information, especially from employees and other authenticated users who may succumb to the temptation of theft or malicious conduct. 
  • Develop a comprehensive incident response plan: There is no absolute means by which an incident can be prevented. Therefore, it is imperative that companies develop appropriate incident response plans, including remediation and communication strategies.
Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:

Most Read Articles

Qantas contacted by "potential cyber criminal"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

SA Power Networks tackles IAM, cloud security under five-year strategy

Qantas facing 'significant' data theft after cyber attack

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Home Affairs officer accessed data on "friends and associates"

Log In

  |  Forgot your password?