Social Security numbers and dates of birth are exposed to foreign customs officials when traveling on official orders.
Social Security numbers are exposed, all or in part, to contracted transportation companies and truck drivers during military moves.
Virtually every Department of Defense form requires the Social Security number. Privacy Act statements on these forms typically dictate that disclosure is required.
Many organizations create unofficial local forms and databases mandating disclosure of the Social Security number, with or without a Privacy Act statement.
Dependent identification cards put the military sponsor's full Social Security number in the hands children as young as 10 years old.
Many official and military administrative processes require service members to send unencrypted paperwork, such as leave requests and travel vouchers, containing Social Security numbers across the Internet. These forms are then stored, unencrypted, on myriad computers.
Some military organizations use portions of Social Security numbers in email addresses and as computer user names.
The Social Security number is stamped in steel on an individual's dog tags. Secure destruction of these tags is nearly impossible.
Until recently, a Service Academy Alumni Association published books listing all graduate's dates of birth. Copies are available on eBay.
Service members, and their family members, frequently provide their Social Security number-laden military identification card to merchants, clerks, and night club bouncers for military discounts or as proof of age.
Service members in Iraq, Afghanistan, and other foreign countries must show their military identification card to locally contracted, foreign national security guards to gain entrance to dining halls and other facilities, again disclosing their SSN and date of birth.
Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.
From heightened risks to increased regulations, senior leaders at all levels are pressured to
improve their organizations' risk management capabilities. But no one is showing them how -
Learn the fundamentals of developing a risk management program from the man who wrote the book
on the topic: Ron Ross, computer scientist for the National Institute of Standards and
Technology. In an exclusive presentation, Ross, lead author of NIST Special Publication 800-37
- the bible of risk assessment and management - will share his unique insights on how to:
Understand the current cyber threats to all public and private sector organizations;
Develop a multi-tiered risk management approach built upon governance, processes and
Implement NIST's risk management framework, from defining risks to selecting, implementing
and monitoring information security controls.