WNYC theft sparks questions about donor security: Radio station didn't know it had been hit.Sometimes those who are scammed don't know Don't know (DK, DKed) "Don't know the trade." A Street expression used whenever one party lacks knowledge of a trade or receives conflicting instructions from the other party. it until the police show up. The same can be said of charities that have had a security breach. WNYC, New York New York, state, United States New York, Middle Atlantic state of the United States. It is bordered by Vermont, Massachusetts, Connecticut, and the Atlantic Ocean (E), New Jersey and Pennsylvania (S), Lakes Erie and Ontario and the Canadian province of Public Radio, was among numerous other targets of identity theives who accessed donor records. A WNYC janitor, Kenyel Dotts, was arrested on July 15 and charged with grand larceny A category of larceny—the offense of illegally taking the property of another—in which the value of the property taken is greater than that set for petit larceny. At Common Law, the punishment for grand larceny was death. and conspiracy, according to according to prep. 1. As stated or indicated by; on the authority of: according to historians. 2. In keeping with: according to instructions. 3. Paul Larrabee, spokesman for New York State Attorney General The New York State Attorney General is the chief legal officer of the State of New York. The office has been in existence in some form since 1626, under the Dutch colonial government of New York. Eliot Spitzer's office in Albany. Dotts was charged and released on his own recognizance own recognizance (O.R.) n. the basis for a judge allowing a person accused of a crime to be free while awaiting trial, without posting bail, on the defendant's own promise to appear and his/her reputation. . He has since been terminated by WNYC, a station spokesperson said. Station officials have initiated an independent investigation to uncover exactly how 198 donor names were stolen. The station also wants to change procedures to better prevent such theft. The probe that identified thefts at several locations began a year ago with an arrest of a state worker who allegedly stole the identifying information of thousands of people, according to Larrabee. The case could include additional charities, the state Insurance Fund, the federal. Social Security Administration, Empire State College, a Westchester video store, WorldCom Wireless and American Express American Express (NYSE: AXP), sometimes known as "AmEx" or "Amex", is a diversified global financial services company, headquartered in New York City. The company is best known for its credit card, charge card and traveler's cheque businesses. in addition to the radio station, according to Larrabee. The first WNYC knew of the theft, according to station officials, was when authorities came calling. Authorities have not revealed the specifics of how the names were stolen from WNYC. However, Larrabee down-played the possibility that the names were simply lying out in the open. He also suggested the theft seemed not to have occurred by using a password and downloading material. "I can't mention the details, but the method was not that sophisticated," he said. A statement released by Laura Walker Laura Anne Walker (born July 1, 1970) is a former freestyle swimmer from the United States, who was a member of the Women's Relay Team that won the bronze medal in the 4x100m Freestyle a the 1988 Summer Olympics in Seoul, South Korea. , president and CEO (1) (Chief Executive Officer) The highest individual in command of an organization. Typically the president of the company, the CEO reports to the Chairman of the Board. of the station, said the staff was taking this incident very seriously. She said that the station took swift action to dismiss the employee and to enhance the security of physical and electronic donor records. Harry Freedman Harry Freedman (Henryk Frydmann) (April 5, 1922, Łódź, Poland - September 16, 2005, Toronto, Canada) was a Canadian composer, musician and educator. In 1984, he was made an Officer of the Order of Canada. , director of institutional advancement for the Lankenau Institute for Medical Research An independent, nonprofit biomedical research center located in suburban Philadelphia. Specializes in basic, clinical, and translational research on cancer and cardiovascular disease. (LIMR LIMR Lankenau Institute for Medical Research (Wynnewood, Pennsylvania) ) in Wynnewood, Pa., has been in fundraising for 20 years, but he hasn't received as many telephone calls in the past as he now gets from fearful donors. "They ask not to be listed as a name in the building," he said. "Four major donors with a $1 million or more gift recently declined having their names in a building." Freedman, whose donor base is approximately 10,000, said that security is the first priority. "Many places accept that the staff leaves an office door open for cleaning," he said. "But then the office needs to be secure with different keys for the file cabinets." Freedman warned about being lax. Some people place the names of donors on files, which becomes an invitation to a theft. Another problem can arise when people leave the keys hanging in the cabinet lock. "The janitorial staff in our building has keys to the door, but not the file cabinet," he said." Only one person has access to the entire key system." Freedman pointed out that a potential problem is a lost key. Organizations should require reporting a lost key immediately, along with a charge of $50 to replace it. "When a staff member leaves, it's also good to replace keys," he said. Files with donor information should be locked and remain only in one location. Freedman suggested that many institutions will have records in several places, such as accounting, along with copies that are held in bookkeeping. "There's no reason for a lot of people to have access," he said. "Most of the board people are executives and the likelihood of them getting involved with donor files is not high, so the file shouldn't leave a central office." The message is that should other staff want additional information, they can email within the building. "We have three buildings 30 miles apart, and we can look up those donors through the computer system," Freedman said. "But the files for the individual hospital donors are kept in the development office or accounting, but that is only in one place." Prevention goes beyond the file cabinet to cover other office equipment. A theft of donor names might involve the culprit trying to copy a series of names. "We have passwords for the copy machines," he said. "We have a code system and we change it every six months." A desk can be a target. Confidential information Noun 1. confidential information - an indication of potential opportunity; "he got a tip on the stock market"; "a good lead for a job" steer, tip, wind, hint, lead might be in the desk, but one barrier to theft is a locked door. "Many people walk through our corridor asking for directions," he said. "I don't know who they are so we have a policy of closing the door." As WNYC struggles to outline new procedures, many items from Freedman may have already been in place. The station acknowledged that part of its investigation has forensic accountants and electronic information security experts analyzing the station's security. Forensic accountants look at every aspect of a financial transaction, compared to an auditor, who just excerpts the number. According to Emma Dunch, director of communications Director of Communications is a position in the private and public sectors. The Director of Communications is responsible for managing and directing an organization's internal and external communications. for WNYC, the crime did not compromise the computer network. "Our security measures Noun 1. security measures - measures taken as a precaution against theft or espionage or sabotage etc.; "military security has been stepped up since the recent uprising" security protected all of the (electronic) WNYC donor records and they weren't breached that way," she said. "We're talking about an isolated incident by a trusted employee with a free access that others might not have. The event was an opportunistic theft." The crime brings to mind questions about computer protection. "Nonprofits have to use passwords for all the files," said Brian Larsen Brian Larsen (born April 9, 1986 in Laurel, Maryland) is a guitarist, singer, and record producer. "Twilights Moon" is Larsen's main musical project, and as a solo artist and contributor to other artists' work, he has been awarded six RIAA gold/platinum sales awards, but is , president of Systems Support Services support services Psychology Non-health care-related ancillary services–eg, transportation, financial aid, support groups, homemaker services, respite services, and other services , a fundraising consultant in Charlotte, N.C. "Many are lax in security and might even place the password up on the monitor to remind the staff." Larsen suggested limiting the access to the file to fundraising people. "A volunteer should be able to add names but not export the names or look up information," he said. Most large organizations, have a built-in series of levels of security. The fundraising system for large donor bases usually are equipped with a complex series of passwords. From the attorney general's position, tens of thousands of individuals suffer when their identity has been stolen, according to Larrabee. "Many places exist in public databases, colleges, video stores where records can be misappropriated mis·ap·pro·pri·ate tr.v. mis·ap·pro·pri·at·ed, mis·ap·pro·pri·at·ing, mis·ap·pro·pri·ates 1. a. To appropriate wrongly: misappropriating the theories of social science. ," he said. "We encourage vigilance for consumers to review monthly billing statements so they can be cognizant of transactions." WNYC's Dunch stated the station had limited reaction from donors and was working with individuals affected. "Most have been understanding knowing this could happen to any nonprofit," she said. "Most are grateful that we acted quickly." Nonprofits have to be proactive, according to Freedman. "If you have a problem where security breeches your organization, the effects will hurt you in terms of future support." RELATED ARTICLE: Security Quiz Here are 10 steps you can take right now to protect donor information, according to Johnny R. May, CPP cpp - C preprocessor. , CPO (Chief Privacy Officer) An individual who manages the privacy issues within an organization. Arising out of the privacy regulations in finance and health care in the late 1990s, the CPO position eventually crossed over to all industries. , an independent security consultant and trainer in Pontiac, Mich., who specializes in protecting individuals and organizations from identity theft. His Web site can be found at www.identitytheftinfo.com More than 750,000 consumers will become victims of identity theft this year, according to May. People can become a target without knowing until a credit application is denied or a telephone call comes from a debt collection agency seeking payment. 1. Does your organization shred personal information and other sensitive material prior to placing it in the dumpster? 2. Does your organization conduct background checks on all individuals with access to personal and/or sensitive information? 3. Does your organization limit the number of temporary agencies it uses? 4. Does your organization use alternative numbers in the workplace instead of employee social security numbers? 5. Does your organization train staff on information security issues? 6. Does your organization control access to personal information and limit it to those who have a legitimate reason for access? 7. Does your organization implement and enforce password security procedures for all computer users? 8. Are employees' personal information locked in a file cabinet or other secure area? 9. Has your organization developed guidelines to safeguard sensitive information? 10. Does your organization promote company wide security awareness Security awareness is the knowledge and attitude members of an organization possess regarding the protection of the physical and, especially, information assets of that organization. on proper information handling practices? Tom Pope is a New York City-based journalist who writes about management issues. |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion