Data breaches at companies like Equifax, Yahoo, Anthem, Uber and others have driven many consumers to purchase identity theft monitoring solution like LifeLock, ID Shield and TrueCredit. These services generally have the same modus operandi: you give them your social security number and they let you know if there is activity on your credit report.

While this can’t hurt, identity theft monitoring solutions are not protecting you from cyber crime. Think of it this way: ID theft monitoring solutions are like when a hotel’s security guard calls you to tell you your empty wallet was found in the trash. Wouldn’t it be more useful if the hotel had better security in the first place to prevent the theft from occurring?

It’s not too helpful to be notified of a problem after the issue has occurred – and the model suffers from a few other fundamental flaws as well. Let’s look at how ID theft monitoring and cyber security compare in a few key areas.

Crime prevention and coverage

Identity theft monitoring watches for transactions to hit your credit report, but what if your email is hacked and you are impersonated to initiate a bank transfer? What if your cell phone or laptop are compromised, giving the hacker access to all your information and communications? ID monitoring does not address this.

In contrast, cyber security solutions proactively protect you from loss by securing your connection to the Internet, your communications, your information and your devices. Cyber security reduces attacks such as malware, phishing, or other methods used to gain access to your personal information, your reputation and your money. There are hundreds of attack types that cyber criminals use, and new ones emerge every day. A good security solution will be adaptable and “future proof” to continually identify new threats and proactively protect you against those.

Liability and insurance

While cleaning up identity theft can take a long time, liability rests with the credit reporting agencies (CRAs). If your identity is used to open fraudulent accounts, the CRAs will help get these accounts closed and removed from your credit report – although it will take significant effort. So, while monitoring can be informative, you were never liable for any loss resulting from someone fraudulently using your credit. A key point here is that it is very easy for ID monitoring services to make a guarantee because they are not liable for your loss. For example, LifeLock offers to “spend up to $1 million to hire experts to help your recovery.” This is nice, but it won’t repay your stolen money. Check the fine print and multiple reviews online to confirm this.

However, if someone hacks your devices or accounts to steal your personal information (versus just using your credit) and you don’t have cyber security protocols in place, you might be held responsible for losses (whether for you, your family or your clients). For example, let’s say someone gains access to your email through a cyber attack, sends your assistant a fake bill for payment, and your assistant goes to the bank to pay it. In this case, the bank is unlikely to be responsible and you will be personally liable for the amount, even though the bill was fake. Cyber security solutions reduce the chance of loss of this sort in the first place, and can be backed by insurance companies such as PURE that offer up to $1 million of loss coverage.

Loyalty to the customer

Credit reporting agencies often make money when you buy ID monitoring. Even if the ID theft monitoring service doesn’t appear to be a service from aCRA, typically there is a revenue-sharing agreement between the two parties. This should be a red flag for everyone, as there is high potential for fraud – or at least a conflict of interest. It’s like a bank leaving the safe unlocked and then selling you a service to let you know if your money was stolen. It is particularly unsettling that credit monitoring is offered on free promotions right after a big credit breach.

Unlike ID monitoring, cyber security firms are solely focused on keeping customers safe and maintain a transparent relationship with customers, with clear incentives for the buyer.

What you pay for

You can circumvent the need for credit monitoring altogether by freezing your credit, which prevents anyone but you (with a code) from accessing your credit report. And it’s typically free, or may involve a small fee depending on what state you live in. This is a much more efficient model than monitoring, since it fully locks your credit (rather than just watching it) so only those with authorization have access.

You get your money’s worth with cyber security as it is the only way to use the Internet safely in todays modern digital landscape. Unless you can avoid going online, the reality is that everyone needs some level of cyber security, and if you are a juicy target for cybercriminals you need more than others.

To summarize:

  Identity Theft Monitoring Cyber Security
Does solution prevent crime?
Are you responsible if crime happens? Maybe
Do firms selling service have clear motives?
Is the service needed?

Best practices for effective digital security

With increasing digital threats against both businesses and individuals, staying on top of cyber security can be a full-time job. You could do it yourself, but even for tech savvy individuals, there are benefits to offloading digital security to others. With enough time and effort, we could all fix our own cars, do our own taxes, and manage our own cybersecurity – or we can hire experts to handle that for us.

The key takeaway here is that identity theft monitoring solutions are simply not effective. Instead, here’s what we recommend for effective digital security and ID theft protection:

  1. Get a robust cyber security solution. Yes, you will have to pay for it, but it’s worth it to prevent cybercrime and mitigate your risk. Unlike basic credit monitoring which is a simple, automated service, effective cyber security requires constant monitoring, adaptation, analysis and response by human experts. To encourage more people to consider cyber security, we’re offering 10% off Rubica for a limited time.
    Freeze your credit Be sure to do it at all four credit reporting agencies Equifax, TransUnion, Experian, and Innovis (not three as you may think!).
  2. Use a password manager. Having different passwords for all of your accounts is a best practice, but it’s nearly impossible for most people to keep track of them. Try LastPass, 1Password or Dashlane  – those who enroll with Rubica via the 10% off link will get a password manager service for free.

 

For more information and to learn how Rubica can help protect you, your family, your assets and your reputation please contact Rubica at 866-278-2422.