Ready to Start Your Career?

By: ryan c
August 7, 2015
A Synopsis of Personally Identifiable Information (PII) for End-User Security

By: ryan c
August 7, 2015
Updated October 2018 Regarding, end-user security, the term PII is commonly referenced. PII, or Personally Identifiable Information, consists of data that can allow an individual to trace and/or contact another person. This type of information may indicate an individual's name, address, the type of car a person owns, credit card numbers, the names of family members, email addresses, telephone numbers, the locations of schools that an individual has attended and a person's driver's license number.Knowing the limits of what to provide, and when, can be a critical element in end user security. In some cases, criminals are far more clever than simply sending an email asking a user to enter their social security number into a random, creepy website.Given the sensitivity and criminal capabilities behind access to PII, many organizations are tightly regulated and required to treat the storage and transfer of PII in a very secure manner. These regulations often effect the jobs of many - even non-technical staff members within an organization. Therefore, it's critical that all members of an organization know what PII is, and how to treat it when they see that they are handling it. Protecting Data within an OrganizationMany websites that request personal information feature security software that encodes all data in each server. These programs can also alert web designers if a database has been breached, and the software may evaluate the actions of visitors who are using unknown IP addresses. These processes do not generally play a part in the interaction between PII and an individual within an organization. Regulations and Laws That Affect Information in the United StatesAccording to HIPAA's policies, a company may not provide an individual's personally identifiable information to a third party unless the customer signs a waiver. The regulations also prevent companies and medical facilities from displaying the information in a non-encrypted manner. HIPAA's regulations have helped to decrease the sale of personal data, so far.Additionally, the Payment Card Industry Security Standards Council has created regulations that require financial institutions that issue credit cards to:
Stay secure with Cybrary's End User Security training course, free.
- add effective firewalls to their networks
- frequently update software that may prevent a virus
- give a distinctive identification number to each individual who can access personal data
Stay secure with Cybrary's End User Security training course, free.