July 09, 2014

FIFA: Why Information Security is Key for Major Events

In preparation for the World Cup, security experts told FIFA authorities to expect the unexpected... and the unexpected is exactly what happened.

An hour before England played Ecuador in a 2-2 friendly draw, the passport numbers of England's World Cup squad were mistakenly included in team sheets that were handed out in the press box at the Sun Life Stadium in Miami. Within minutes, the passport numbers were published on social media.

This was a great example of why information security is a huge issue at these kinds of major events. Any security issue is heightened by the sheer number of people involved – in the case of FIFA, millions were likely logged on to watch the game. Furthermore, the speed at which information is now shared online means stopping a data breach is next to impossible.   

While the press made light of the incident, passport numbers are on the list of numbers that identity thieves want, says U.S. identity theft expert Adam Levin.

In a blog posted at credit.com, Levin reported that passport numbers are critical elements of personally identifiable information that represent major pieces of a person’s identity puzzle.

“Once you have the number, the document can be counterfeited,” he said.

Identity theft continues to be a huge problem everywhere.

In the U.S. for example, the 2014 Identity Fraud Study released by Javelin Strategy & Research reports an increase of more than 500,000 fraud victims to 13.1 million people in 2013, the second highest number since the study began. Identity fraud is the unauthorized use of another person’s personal information for illegal financial gain.

Identity theft happens to individuals but the data breaches often occur in connection to a workplace. Business identity theft is becoming more common too. 

While individuals are advised to protect their private information at all times especially when giving out personal details on the phone or online, here’s how a workplace can lower the risk of a data breach: 

  • Create a culture of information security from the top down.
  • Develop information security policies and protocols that mandate secure document storage and disposal practices.
  • Utilize all of the latest IT security including encryption, data loss prevention, identity and access management, and endpoint security tools.
  • Provide training so employees and everyone involved are familiar with and follow information security best practices.
  • Conduct regular security audits to assess performance and identify risks.
  • Shred documents that are no longer needed on a regular basis. Partner with a professional shredding company that provides a secure chain of custody and a certificate of destruction after every shred.
  • Implement a shred-all document destruction policy – to avoid the risks of human error or poor judgment about what needs to be shredded.
  • Ensure electronic data is protected too by securely and safely destroying hard drives and e-media.

Learn how to prevent identity theft in your workplace with secure document destruction.