A breach from any angle
Surprising sources of information security breaches and how businesses can prevent them
In this issue, we will discuss the unexpected ways your company can become the victim of a security breach.
The 2015 Information Security Tracker conducted via Ipsos Reid, revealed that 68 per cent of British businesses, both large and small, don’t provide regular training on information security procedures for their employees. When it comes to preventing information security breaches and safeguarding your business, one of your business’ greatest enemies is a lack of awareness. The information provided below provides advice on how not to let both the most common and uncommon risks turn your company into a victim of a security breach.
Start Download
1. What are the risks?
In today's on-the-go economy, chances are high that your employees spend as much time out of the office as they do inside it. However, next time an employee stays at a hotel, think twice and don't let the following story become a reality:
-
A worker with your company is on a business trip in a neighbouring province to meet with one of your organisation's major clients. The worker is looking to sign a major deal and as part of the deal, your company must share the client's vital financial information.
-
Instead of couriering the documents, the mobile worker offers to bring the files back to the head office as they have done many times in the past. As it's a Friday, the worker returns to their hotel for a well-deserved rest and to make a quick call home.
-
On Monday, it is discovered that the financial documents have gone missing. The worker has called the hotel but none of the staff reported finding anything. Was the worker a victim of theft? Were they left in a drawer or on the desk? Could they have been forgotten at the breakfast table? The worker has no idea where the documents ended up and now you must disclose the breach to your client and shareholders.
2. Don't let your business become a victim!
The 2015 Information Security Tracker revealed that 31 per cent of large businesses and 60 per cent of SMEs have no policy in place for secure storage and disposal of confidential documents for off-site work environments; however, a data breach from a carelessly handled document can not only lead to potential financial damage – it could create a loss of reputation and diminished trust.
By following a number of information security protocols and policies, you can better arm your company and your staff against taking unexpected risks with sensitive information and prevent the above story from becoming a reality.
3. Be aware of both internal and external threats
It’s important to be aware of all potential information security threats in order to protect your business both inside and outside of the office. Keep in mind the variety of common locations where fraud may occur.
Outside of the office, take precautions when you or your colleagues access sensitive information while in hotels, restaurants, airports or off site meetings. Ensure that documents are not left in cars or closely watched while taking public transport.
Along with the rise of external threats, don’t forget that some of the most malicious risks are all around you on a daily basis. Think of the ways vital information is not properly secured in your office: the recycling bin, the photocopier, even your own desk. Have you ever left files unattended over lunch or when you go home at night? Any number of people, from building to cleaning staff, have access to the office after hours.
Being more vigilant not only in your office, but also when you’re on-the-go is definitely a start. Below are additional tips on how to prevent your company, employees and clients from becoming victims.
Tips:
-
Implement ongoing risk analysis processes and create a policy specifically designed to limit exposure to fraud and data breaches
-
For employees working on-the-go, ensure your information security policies and procedures include mobile security rules/precautions
-
Train and review your information safety protocols and policies regularly with staff, and ensure your policies evolve alongside changes in your workplace
-
Encourage employees to maintain full control over all vital information, in and out of the office
-
Consider a shred-all policy for all documents that are no longer necessary to your organisation
-
Don’t overlook electronic devices or hard drives on computers and photocopiers; physical hard drive destruction is proven to be the only 100% secure way to destroy data from hard drives permanently
-
Remind your employees that information security is even more important when outside the office
When it comes to protecting your organisation’s sensitive information, you can never be too careful. In today’s information-driven economy, it’s more crucial than ever to take precautions to ensure confidential data doesn’t fall into the wrong hands. By taking proactive steps now, your business can make the right moves in preventing an information security breach down the line.
YOUR FREE SECURITY CONSULTATION
Shred-it has developed an online survey to help businesses better understand security gaps in their processes. To conduct your own security self-assessment, visit our website at: Risk Assessment Survey.
For more tips on improving information security, please visit the Shred‑it Resource Centre at shredit.co.uk/resource-centre
You can also stay informed with Shred-it on Facebook and LinkedIn or follow us on Twitter at @Shredit_UK.
Start Download