A lack of regular information security training could be leaving businesses and their employees at risk from exploitation by fraudsters.
Research from Shred-it’s 2016 Security Tracker survey shows that over a third of small business owners (34%) admit to never training their employees on information security while 58% of C-Suite executives confess to training their staff only once a year or less.
However, a lack of employee security training could have serious reputational, legal and financial implications, both for businesses and their workers. These can range from calls from unhappy customers over lost information, financial repercussions in the form of fines or intense scrutiny from the media - not to mention the hugely time and resource consuming task of cleaning up the aftermath!
Because of this, workers are being encouraged to play their part by calling on their business leaders to provide regular training. This, along with the role they have in educating their fellow colleagues on the risks of fraud, will ensure workers are armed with the necessary tools to protect the workplace.
With International Fraud Awareness Week running from 13-19 November, Shred-it has collated some useful information security tips for employees to share with their colleagues:
- Shred-it’s Fraud Risk Quiz will help employees to understand where information security gaps lie in their business and see just how fraud aware they are!
- Workers should encourage their colleagues to adopt a Clean Desk Policy. Employees should lock away all information when they are away from their desk to hide it from prying eyes.
- Staff need to ensure their co-workers are aware of the most vulnerable areas in the workplace. The printing area for example is a hotbed for sensitive information. Employees must get into the habit of encouraging each other to collect their printing immediately.
- Having a wastepaper or recycling bin close to a desk is handy but employees could accidentally throw away confidential business or personal information. Workers should suggest that their workplace gets a locked and secure console for all unwanted paper documents.
- Flexible and mobile working can boost productivity, but can also leave information more vulnerable to exposure. All information needs to be treated with the same care away from the workplace. Colleagues should advise each other to leave non-essential documents in the workplace when they’re working remotely.
- Employees should warn any colleagues with responsibility for shredding documents that an office shredder is not as secure as they may think. These machines often strip-shred documents meaning they can be easily reconstructed. And documents are often left unsecured whilst waiting for someone to have the time or motivation to shred them. A secure cross-shredding service ensures documents are thoroughly destroyed and cannot be reassembled.
- Workers can remove the hassle and security risk of having to decide what is confidential and what isn't by suggesting their business implements a Shred-it All Policy so that all information is securely destroyed.
International Fraud Awareness Week is organised every year by the Association of Certified Fraud Examiners (AFCE), the world’s largest anti-fraud organisation. It stands up against fraud to minimise its global impact and promotes anti-fraud awareness and education all around the world.
Download Shred-it's factsheet to learn about the increasing risk of occupational or 'insider fraud' facing UK organisations.