PII-What is it and why do we want to protect it?
Personally Identifiable Information (PII) is a legal term pertaining to information security. While PII has several formal definitions, generally speaking it is information that can be used by organizations to identify, contact, or locate an individual person. This can be using the information on its own or using it to identify the individual in the context of other information that may not be PII.
Sensitive Personally Identifiable Information (SPII) is a subset of PII that requires additional levels of security control. SPII includes Social Security numbers (or comparable identification numbers), financial information associated with individuals, and medical information associated with individuals.
The reason that PII and SPII require protection is that they can be used to commit fraud or to steal an individual’s identity. Depending on what a thief is trying to accomplish, they will need varying amounts of information. To open certain accounts all they would need is an email address, while others require a name, address, date of birth, a social security number, and possibly more.
It’s also important to consider that accounts of all kinds can be opened over the phone or via the internet without having to meet anyone in person. This leaves room for criminals with enough stolen information to open bank accounts or file claims using another individual’s information.
LFS with Mimecast
Mimecast's Large File Send feature can be used to protect privileged information like PII and SPII. For more information, please see the following article for more assistance: Mimecast Large File Send
Adobe Password Protect
Another way to safeguard information is to encrypt it using Adobe Acrobat. If you want to protect your Adobe PDF documents so that only the intended user can view them, follow these directions:
- Open the PDF and choose Tools > Protection > Encrypt > Encrypt with Password. (If the Protection panel is not visible, choose View > Tools > Protection.)
- If you receive a prompt, click Yes to change the security.
- Select Require A Password To Open The Document, then type the password in the corresponding field. For each keystroke, the password strength meter evaluates your password and indicates the password strength using color patterns.
- Select an Acrobat version from the Compatibility menu. Choose a version equal to or lower than the recipients’ version of Acrobat or Reader. The Compatibility option you choose determines the type of encryption used. It is important to choose a version compatible with the recipient's version of Acrobat or Reader. For example, Acrobat 7 cannot open a PDF encrypted for Acrobat X and later.
- Select an encryption option:
- Encrypt All Document Contents
Encrypts the document and the document metadata. If this option is selected, search engines cannot access the document metadata.
- Encrypt All Document Contents Except Metadata
Encrypts the contents of a document but still allows search engines access to the document metadata.
Note: The iFilter and the Find or Advance Search commands of Acrobat do not look into the PDF’s metadata even when you select the Encrypt All Document Contents Except Metadata option. You can use a search tool that takes advantage of XMP metadata.
- Encrypt Only File Attachments
Requires a password to open file attachments. Users can open the document without a password. Use this option to create security envelopes.
- Click OK. At the prompt to confirm the password, retype the appropriate password in the box and click OK.
For more information please see Securing a Document with Adobe Encryption