As individuals, we are used to protecting our digital assets on our home computer, in our home, and in our workplace. But when we hit the road as road warriors or seasoned travelers, we expose ourselves to potential threats that we are not always prepared for, even for the wariest of digital natives.
I read recently an article on how loyalty programs can deepen traveler engagement, improve profits and drive brand allegiance. But it is not just loyalty programs that bring benefits in this digital age but traveler protection programs, specifically in the form of identity protection. The travel industry, as well as insurers and corporate travel organizations, are starting to see the benefit of educating high-worth individuals in protecting their digital assets. I call this identity protection as a service (IDaaS), and the trend here is to provide this in a business context as part of relationship-building between organizations and their high-value clients. Yes, consumer identity theft protection programs have been around for quite a while, but this is focusing on those traveling for business and exposing data assets while in motion.
I recently did a “test drive” of such a personal identity protection solution, thanks to Generali Global Assistance (GGA) letting me have a look and feel of their Iris Identity platform. There are many consumer-oriented solutions out there, but this one was unique in that it tries to not only protect the business individual but educate them on the risks that exist as well as focus on rapid and high touch service in the remediation. The Iris solution is unique to their platform, and their system continually scans the Internet and alerts you if suspicious activity is found. They are searching for compromised credentials and potentially damaging use of your personal information, detecting fraud and providing alerts so you can take immediate action. The high-end aspect of this service is the 24/7 remediation services and their certified identity theft resolution specialists. The solution also provided a resources area in the dashboard for articles and information about protecting yourself from identity theft.
As a user, you start by logging into the identity monitoring dashboard and provide a number of identity pieces of information, such as your social security number and date of birth. The more information you provide; the more data they can comprehensively monitor on your behalf. But there is the kicker, and I chose to provide a limited set of data. Because I am not a trusting soul, I wanted to see what it did with my data before I went any further. The good news is that a month and then two months later, I received my monthly Identity Status Reports which reassured me I was low-risk, and gave me several articles to read on identity protection to be better informed of issues and trends. My low risk status may be based on my travel patterns and data habits while traveling, and it also might be that my data sets are outliers as I am a resident overseas, therefore not the usual kinds of data fraud occur with my data set. In working with another Know Your Customer (KYC) solution provider recently, I also had an overview of the kinds of data correlations in use in banks and other institutions looking for fraudulent data usage in a business context, and I could see what kind of data correlations would lead to potential exposure issues, and have changed some of my own data habits as a function of this insight.
I can see where this kind of IDaaS service solution can be beneficial to creating a trusted relationship between a service provider and a high worth individual (one who stands to lose significantly in an identity breach). I can also see the need for education in business travelers, especially those not actively in the technology business sector, who may not be aware of best practices to protect themselves. If something like this can both protect and educate, the benefits are longer lasting.
In that light, I recently read an article on way to stay secure while traveling , which was pointing out eight tips for travelers. I want to point out that the first one I disagree with in that relying on a password alone to protect yourself in this day and age is too soft for protection. Authentication is critical in protecting your digital assets, and exposure of your digital assets should be like packing for a trip: pack light and efficiently. The last point of this article focuses on the fundamental point of changing business user behavior when it comes to digital asset protection, especially when we are so focused on so much of our personal data on a device, even if the data is stored in a cloud.
I recently had a visit from an old friend who is a VP of Engineering in Silicon Valley, and he had access to everything for his trip via his iPhone, including his hotel and car reservation, directions, agenda, photos, business contacts, mail access, etc. He had nothing printed out, which made him green and environmentally conscious. But had his phone been taken while visiting with me overseas, he would have not only been severely disrupted in his trip, but made fundamentally uncomfortable for the rest of his business trip because even he received a new device, he would not know the ramifications of the potential of the data loss to both the business and to himself of the missing device for several months. It is now worse than losing your wallet or purse, given the amount of personal and corporate information your device has had access to during a prolonged period.
For me, IDaaS is leading us to one I had predicted several years ago, which is personal data protection as a service (PDaaS). This is where all of your identifiable data (from birth certificates onwards) is managed for you by a third party provider who is bonded and has the necessary audit ability for you to take a job in certain industries (e.g. defense, media, politics….?). We already have reputation managers who can audit your persona online as to what is being said about you and by whom.
Is IDaaS perhaps a bit too much like Big Brother watching over you, or watching out for you? Given what is known about you already, it may be actually a better option than constantly watching your back to wonder what is happening with your data without you knowing while in motion.