Skip to Local Navigation
Skip to Content
California State University, Long BeachCalifornia State University, Long Beach
Skip to Content

November 2007

printable version

Next Page

101. Introduction to Information Security Management

Prerequisites: None
No grade.

  1. Foundations of Information Security Management It is impossible to pinpoint the date when concerns about information security actually began but by 1977 the legislators of the state of California had already begun to worry about threats to individual privacy. Their concerns resulted in the passage of the Information Practices Act of 1977. While the legislation is lengthy and complex, the legislative findings are clear and to the point: "The Legislature declares that the right to privacy is a personal and fundamental right protected by... the Constitution of California and by the United States Constitution and that all individuals have a right of privacy in information pertaining to them." The Legislature further makes the following findings:
    1. a) "The right to privacy is being threatened by the indiscriminate collection, maintenance, and dissemination of personal information and the lack of effective laws and legal remedies.
    2. b) The increasing use of computers and other sophisticated information technology has greatly magnified the potential risk to individual privacy that can occur from the maintenance of personal information.
    3. c) In order to protect the privacy of individuals, it is necessary that the maintenance and dissemination of personal information be subject to strict limits."
  2. Definition Information Security Management is the application of "techniques, technical measures, and administrative measures to protect information assets from deliberate or inadvertent unauthorized acquisition, damage, disclosure, manipulation, modification, loss, or use." McDaniel, George, ed. IBM Dictionary of Computing. New York, NY: McGraw- Hill, Inc., 1994.
  3. Responsibilities:
    WE ARE ALL RESPONSIBLE FOR INFORMATION SECURITY

Identity Theft – A Growing Concern

Identify theft, by legal definition, is "taking someone else's personal informationand using it for unlawful purposes." Over 8,000,000 U.S. residents were victimsof identify theft in 2006. That represents about 4% of adults, including more
than a million Californians.

In 2006, the average victim spent $531 repairing the damage done by an identitythief. This included costs such as postage for certified mail, letters to creditorsand credit bureaus, photocopying, and legal fees. It took 25 hours, on average,
for a victim to clear up his or her situation.

The total cost of identity theft in the U.S. in 2006 was $49 billion. Victimspaid about $4.5 billion of this and the rest was paid by merchants and financialinstitutions. Because consumers ultimately pay the business costs through higher
prices for goods and services, we all pay for identity theft.

Criminals can only assume your identity if they have access to your personal
information. The following tips may prevent you from becoming a victim:

  • Never give anyone your credit card number or related information over the phone unless you initiated the call or are dealing with someone you know. Similarly, avoid confirming such information to a stranger on the telephone.
  • Never respond to e-mails requesting account numbers, passwords, or other personal information.
  • Do not carry your Social Security number with you.
  • When using an ATM, shield the viewing screen or keypad so that others cannot read your Personal Identification Number (PIN).
  • Do not write your Social Security number or credit card numbers on checks. The Social Security number is a prime target of criminals and provides them with the key to unlock a variety of personal facts about you. (See related article: "Restricted Use of Social Security Numbers")
  • Do not leave outgoing mail in your home mailbox. Use secure mail drops or drop off mail at the post office.
  • Shred all documents containing account numbers or other personal information before disposing of them. Bank and other financial statements, ATM and credit card receipts, and pre-approved credit offers are among criminal's favorite source of information.
  • Stop mail solicitations of pre-approved credit card applications by removing your name from credit bureau marketing lists. You can do this at www.optoutprescreen.com or by calling (888) 5OPTOUT.
  • Keep a list of all credit card account numbers and expiration dates so that you can contact creditors quickly.
  • Finally, review your credit report regularly and check for unfamiliar accounts or charges that may indicate fraud. California law allows you to receive free credit reports annually from the three major credit bureaus - Experian (formerly TRW), Equifax, and TransUnion. You may request your free credit reports at www.annualcreditreport.com or by calling (877) 322-8228.

Most importantly, remember that personal information about you –your SocialSecurity number, account and PIN numbers, and birth name – is the key to youridentity. In the wrong hands, such information can be used at your expense.Bureau of Crime Prevent & Youth Services, Los Angeles County District Attorney's Office