Each day, as infosec professionals, we dedicate ourselves to protecting our client’s most valuable assets. We spend countless hours focused on keeping data, intellectual property, systems and files out of the hands of cyber criminals. Our clients win and we win—at work. But what are we doing about protecting our most valuable assets at home—our children’s digital identity?
Child identity theft is considered to be one of the fastest-growing crimes. Kids’ identities are stolen over 50 times more than those of adults! We’re often so focused protecting our kids from so many threats in the real world; we forget that in cyberspace bad guys are stealing children’s identities to open credit cards, apply for loans, rent homes and even receive health care. Bad guys make money by selling and reselling the same child’s identity over and over. And they get away with it because parents don’t think about monitoring their son or daughter’s identity.
Why is this important? Children could potentially lose out on future jobs, internships and loans that require a clean background check or credit report—all because they were victims of identity theft as kids. That’s a future I’m trying to help my daughters avoid. Growing up in the real world is difficult enough that I don’t want their digital lives to hold them back.
Unlike our clients—who have budgets, IT managers, lawyers and executives demanding attention—children only have us on their side. Perhaps in the whirlwind of dollars and income statements, we underestimate the value of our most vulnerable assets—our kid’s entire digital life? Why as infosec professionals do some of us forget about creating a security strategy for our kids at home when advocating for cyber defense is what we do all day?
If we truly want a secure future, we must ask ourselves—what are we doing to protect all the kids in our lives like we do our clients? Kids don’t buy enterprise grade security solutions today. But does that not mean we don’t have a social responsibility to help their tomorrow? This is why I now bring infosec home with me. And it’s something each of us can do.
Here’s what I know: I may not be able to understand my daughter’s infatuation with Elsa but I can prioritize protecting her identity so her future credit isn’t frozen. And it’s not just my daughter; it’s all the kids in my life. One place cybersecurity professionals can begin protecting our most vulnerable assets is by safeguarding the identities of the kids in our own lives— our children, nieces, nephews, grandkids, neighbors, our children’s friends—by protecting those we can and educating those we talk with.
Many parents outside of security circles don’t consider their children’s identities until later in life. But as we know that’s too late. So let’s start by teaching parents the warning signs that their child’s identity might be in jeopardy.
- Has the IRS sent a notice saying your child didn’t pay income taxes or that your child’s social security number was used on another return?
- Are you getting collection calls or bills in your child’s name for services you didn’t receive?
- Did you get declined for government benefits because the benefit is getting paid into another account using your child’s social?
- If your wallet was stolen—were you carrying information about your children inside?
If the answer is yes to any of these questions, it’s time to act! And as infosec professionals, we can encourage parents to do the following:
1. Check whether your child has a credit report by asking each reporting company. Equifax, Experian, and TransUnion—to perform a manual search of your child’s file. The companies will check for mentions of your child’s name and social security number, as well as any files using only your child’s social. In addition, monitor your own credit report for mentions of your children. If your child shows up, it’s a signal that someone might be using their identity because, by law, children under the age of 18 are not to be mentioned in credit reports.
2. Request the credit reporting companies to remove all accounts and collection notices from your child’s name and social security number. Then place a fraud alert on their account and file a fraud report with the Federal Trade Commission.
3. Consider purchasing a service that will monitor your child’s identity for signs of identity fraud. This is a gift I’m giving the kids in my life for the upcoming holiday season.
4. Every “Sweet 16” birthday celebration shouldn’t be considered complete until you’ve checked your son or daughter’s credit report. That way if you find any evidence of fraud or misuse, you have time to correct it before they apply for a job, school or car loan, or a new apartment—when they, or you, are ready to move out of the nest.
Remember treat your kid’s personal information like you treat your own. It seems these days everyone wants information on all of us that they don’t really need. So be especially guarded when it comes to sharing your child’s identity because you might be putting their future at risk. And in my life—my daughters are the most valuable assets of all.
So infosec – let’s protect our kid’s assets like we do our best clients. Our children deserve the very best we can give them in this digital world and an identity free of fraud and abuse is a good start. As our kids live digital lives, we must be Infosec parents too!