December 12, 2017

Protect Confidential Data This Festive Season


The festive season is in full swing... and so are information thieves.

Whether these criminals are prowling around online or in person, it’s an especially vulnerable time because employees are often distracted by Christmas shopping and seasonal activities.  

Here’s a guide to where confidential information is at risk and how to protect it:

Online Shopping: E-retail sales worldwide keep going up. Statista.ca reported that they accounted for 8.7% of all retail sales in 2016 and will almost double by 2021. Watch out: Criminals disguise attacks as ‘amazing’ offers in scam emails and fake ads to trick people into providing personal details. Financial Fraud Action UK (FFA UK) reported that 31% of online shoppers are more likely to take a financial risk if an online retailer offers them a bargain.

SHhopping by Smart Phone: The use of smart phones for purchasing and doing online banking has doubled in a year, according to the Kaspersky Lab Beyond Black Friday Threat Report 2017. Watch out: Cyber criminals are increasingly targeting mobile device users with scams and apps. Tactics such as one-click buying make purchases easier.   

Home Work:  Employees often take work home during the festive season. Watch out: During the Christmas season, there’s a tendency to be careless and rushed. For example, instead of being selective about information to take home, entire documents are downloaded.

Travel: Many employees bring their mobile devices as they travel to visit family and friends. Watch out: Leaving mobile equipment including USB drives in taxis, hotel rooms, parked vehicles, and coffee shops, is common. A Kensington study showed that over half of IT theft occurs in cars, airports, and hotels and restaurants.

Skeleton Staff: Many offices all but shut down over the holidays. Watch out: With a skeleton staff, there’s an increased risk of insider fraud and possibly theft by outsiders.

  • Here are some information security tips for the festive season:
  • Provide ongoing employee training about common online scams.
  • Research retailers you plan to buy from. Access websites by typing in the address, not linking from ads and emails.
  • Always verify email requests that you receive before you act on them. Do not click on any suspicious links, especially from unknown sources.
  • Keep software current on all devices; patch automatically.  
  • Only remove the confidential information that you need for work.
  • Lock down all computers and equipment, and leave the office area clear of exposed documents when taking holidays (as per the best practice of enforcing a Clean Desk Policy).
  • Use strong passwords and password locks on all devices. This type of security can decrease laptop theft by as much as 85%, according to Kensington.
  • Avoid public Wi-Fi especially when making financial transactions – unless you have a Virtual Private Network on your device.
  • Never leave mobile devices unattended. Have a process for checking that you don’t forget devices anywhere.
  • Lock mobile devices in the boot of vehicles.
  • Provide a Fraud Hotline in the workplace.  
  • Continue with scheduled secure destruction services. Your document destruction partner should provide a secure chain of custody for paper and hard drive destruction.

Start Protecting Your Business 

To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and data security survey.