|One Step Ahead
March 17, 2009, Volume 55, No. 25
Another tip in a series provided by the Offices of Information Systems & Computing and Audit, Compliance & Privacy.
What's The Half-life on an SSN?
We are sometimes surprised at what’s on our computer.
With the advent of data breach notification laws, when an employee computer goes missing, data privacy is the first concern. Employers want to know their risks and common practice is to scan any available backups for confidential information. Often, news coverage of data breaches note that the employee was unaware of sensitive records on the stolen computer.
But if we’ve upgraded our computer a couple of times and it’s been our practice to cannibalize data from the old computer, it can be easy to forget that we’ve carried forward into the present a growing privacy risk. The same is true of our confidential personal information any time we use computers to prepare our taxes, make credit card purchases or manage our finances.
Help is available. Under Penn’s Social Security Number policy, faculty and staff are remedying past practices. Through Penn’s Office of Software Licensing “Identity Finder” software is available for purchase to track down sensitive data before it becomes a problem, www.business-services.upenn.edu/softwarelicenses.
To receive weekly OneStepAhead tips via email, send email to firstname.lastname@example.org with the following text in the body of the message: sub one-step-ahead <your name>.
For additional tips, see the One Step Ahead link on the Information Security website: www.upenn.edu/computing/security/.