This completely free feature gives you an understanding of how exposed employees are prior to purchasing DeleteMe coverage for them. 

This feature allows admins to:

• Gather quantitative data to help prove exposure and risk across their employee base
• Advocate effectively for increased coverage with critical stakeholders and leadership

The results of each scan will give administrators visibility into total exposed PII per employee, their relative risk levels, and proactively suggest recommendations for appropriate DeleteMe coverage. Admins are also given a simple process to request and add additional seats/coverage based on these results.

How to use the new Risk Scan feature

Administrators can upload data for up to 100 employees at a time by either CSV or manually adding details for each. The data required to scan for PII exposure is the same as required for our Instant Coverage feature, which are:

• First and Last Name
• Address
• Phone Number
• Email Address
• Date of Birth (optional)
• Title (optional)

You can easily manage and view historical scans in the Privacy Center. Admins can rename scan reports for easier reference, review or delete older scans if you no longer need them, and take action to notify your Customer Success Manager if you’d like to purchase additional coverage.

FAQs:

Do employees need to be onboarded DeleteMe members to run a risk scan?

No. Administrators can run scans for any individual in their organization and they are not required to be current members in the program.

Will uploading employees to Risk Scan onboard them into DeleteMe?

No. The employees you run through a Risk Scan will not automatically be onboarded into DeleteMe. Risk Scan only searches our covered websites on the public web for matches from the data you provide and gives you visibility into the total amount of exposed PII.

How long does a scan take?

Scan length depends on how many employees you’re scanning for at once. Scans can be as short as 5 minutes and as long as a few hours.

Does DeleteMe keep the personal information of employees we scan?

No. Administrators can select how long results and the uploaded personal data are stored for reference. We offer options from as short as one week to up to one year.

Table of Contents

Defending American rights, this nonprofit organization is no stranger to going against the grain.
But as politics have become more polarized, charged issues often make its staff and volunteers
targets for threat actors.

For the information security team, personal threats against individuals and the organization made it increasingly important to prevent staff and volunteer personally identifiable information (PII), including their personal phone numbers and home addresses, from falling into the wrong hands. This information was becoming frighteningly easy for threat actors to find online—often through little more than a Google search query.

To mitigate the operational security risks created by PII exposure and protect the people behind its
mission from personal threats, the nonprofit needed a way of finding and stopping PII from appearing online. With millions of supporters, the nonprofit also needed a way of doing so at scale and without placing an extra burden on individuals.

The Solution

The nonprofit’s security team understood that they couldn’t rely on training alone to mitigate
threats such as harassment and social engineering campaigns.

They knew that data brokers constantly collect and distribute publicly available PII from their
staff and volunteers without their permission. While individuals could attempt to remove their
information themselves, it would just reappear online unless they did so repeatedly.

To fight back, the nonprofit needed to give its supporters and employees access to a proactive and
trustworthy PII search and removal service that takes data offline automatically. The nonprofit
chose DeleteMe. With over 12 years of experience helping NGOs, charities, and nonprofit organizations protect staff PII, DeleteMe was able to provide this nonprofit staff with a bi-monthly automated PII search and removal service that covered various online sources of PII exposure. Volunteers were also given access to the same service at a heavily discounted rate, subsidized by the nonprofit.

Results

Soon after deployment, PII removal became a core security tool for the nonprofit and a benefit
for the organization’s staff. The staff felt supported and valued because their leadership took their privacy and security concerns seriously. Through monthly removal reports, DeleteMe delivered a measurable privacy improvement for covered individuals.

Staff and volunteers could see how each month, DeleteMe found and removed more of their
information from the web, making it harder for threat actors to find where they live, what their
family situation is, or how to contact them.

Table of Contents

With millions in annual revenue, this company has been developing high-profile multiplayer games enjoyed by millions of people worldwide for decades but with their success came the danger of harassment and doxxing for staff and executives.

When it comes to online gaming, not everyone plays by the rules. As the number of players
grew, the company was forced to remove individuals who violated its platform’s terms of use.
Unfortunately, some of these individuals responded by threatening the company’s executives
and developers directly.

Faced with the risk of their Personally Identifiable Information (PII) being leaked online by
disgruntled individuals, doxxing became a danger for executives and developers within the company. As the volume of threats grew, company employees began to fear both for their personal safety and that of their families. The company’s executive protection team knew they needed to respond and put a solution in place to protect their employees from PII exposure.

Any tool the company used to remove PII online also had to provide scalable protection and
work continuously, by finding and removing PII when it found its way online. With employee
numbers expanding and personal information exposure increasing, the company needed an
effective PII monitoring and removal solution that could grow alongside them.

The Solution

DeleteMe provided the company with a custom platform for employee PII monitoring
and removal. For at-risk staff, DeleteMe’s data broker monitoring and removal capability immediately
delivered clear PII exposure reduction without any extra operational burden. Onboarding was
simple. After a quick sign-up process, employees could rely on bi-monthly automated personal information search and removal from online sources, including more than 60 data brokers.

Meanwhile, Human Resources could also administer additions or upgrades to DeleteMe
coverage autonomously, adding or removing individuals in response to developing threats.

Results

After initial use by a few key staff members, the company rapidly expanded DeleteMe coverage
to protect at-risk individuals across its organization.

Used as a tool to protect employees from personalized threats, DeleteMe also became a
valuable cultural asset. This was thanks to the immediately visible impact that DeleteMe’s
regular PII monitoring and removal progress reports provided for staff.

Knowing that their employer is taking the initiative to protect them, individuals’ well-being
benefited immensely from using DeleteMe.

Table of Contents

A household-name social media company partnered with DeleteMe to reduce its phishing risk and improve its cybersecurity posture.

For this social media platform, cybersecurity is critical for ensuring business continuity. However, despite steady investment in market-leading security solutions and talented personnel, as the organization grew, its security posture developed a critical human vulnerability. Within the company’s global workforce, increasingly targeted phishing attacks were allowing advanced threats to bypass security controls and enter their corporate network.

Although the company had introduced a phishing awareness training program, phishing attacks were still succeeding. Particularly for high-profile employees used to receiving hundreds of emails per day, it was becoming nearly impossible to spot fake emails. These emails appeared credible because they used personally identifiable information (PII), including their names and job titles.

Mitigating this rising security threat meant doing more than just relying on employee anti-phishing training. In addition, the social media company needed to identify the individuals most at risk from targeted phishing attacks and reduce how much of their PII was available to threat actors.

At the same time, because the high-profile employees most often targeted by spear-phishing attacks typically had incredibly busy jobs, whatever method the company chose to protect these individuals needed to work without placing any extra burden on the staff themselves.

The Solution

The company’s Chief Security Officer partnered with DeleteMe in order to take a triple-layered approach to reduce their phishing risk. Training employees on evolving phishing risks was the first step. Then, by proactively scouring the web for instances of employee PII, DeleteMe gave the company’s security team a better picture of how PII was creating phishing risk vectors within their organization. This meant security teams could identify key individuals whose information profiles and job titles put them most at risk from advanced phishing threats.

Results

Covered executives and employees quickly saw the results of having the DeleteMe Solution in place to find and remove their PII from online sources. For the social media company itself, the risk of a cybersecurity incident due to phishing was dramatically reduced. Since deploying DeleteMe, none of the company’s covered staff have fallen victim to a phishing email.