|
|
 |
 |
 |
Return to "Press Releases"
Theft or Loss of Confidential Information: A Grave Danger to Businesses, Employees and Customers
Adopting New Business Policies and Procedures Help Minimize the Risk
Itasca, Ill. (September 18, 2007) - Everyday, corporations deal with
confidential information containing everything from company trade secrets and
marketing research, to social security numbers and addresses of employees,
customers and vendors. Recent news headlines about dumpster diving and stolen
laptops, however, have shown that the release of any kind of proprietary
information can have disastrous consequences for businesses.
In the last two years alone, 85 percent of businesses have experienced a data
breach involving the loss or theft of customer, consumer or employee data1. In
that same period of time, more than 150 million records have been exposed2. The
financial implications stemming from the theft of proprietary information in
the workplace are startling, as the crime cost U.S. businesses and consumers
$56.6 billion in 20053. On average, data losses cost companies $182 per
compromised record in 2006, an increase of 31 percent from 20054.
"With an ongoing exchange of paper in offices, the workplace is an increasingly
desirable target for identity thieves," said Ira Winkler, national security
consultant and author of best-selling "Through the Eyes of the Enemy" and the
recent "Zen and the Art of Information Security." "Small businesses are
particularly at risk because they don't always have the resources to protect
their information. Protecting your data is protecting your business. No matter
how big or small the business, you must ensure that the proper policies are in
place to protect sensitive data."
Limiting Risk and Liability:
Financial implications are only a portion of the consequences, as businesses
can now face penalties, such as fines and lawsuits, if they neglect to properly
store and destroy sensitive information. Federal laws like the Fair and
Accurate Credit Transactions Act (FACTA), Health Insurance Portability and
Accountability Act (HIPAA) and Gramm-Leach Bliley Act (GLB) require businesses
of all sizes to properly manage and dispose of consumer and patient
information. In some states, lawmakers have begun to hold employers responsible
for protecting employees' information, making it vital for businesses to comply
with these guidelines.
A first step toward safeguarding corporate data is to shred anything that
contains sensitive information. While some companies utilize off-site shredding
services to destroy information, on-site shredding offers the convenience and a
greater sense of security in knowing that information is destroyed immediately.
A deskside shredder is ideal for business professionals that regularly handle
sensitive information including legal, accounting, human resource or finance
personnel. Commercial shredders are best for shared use spaces including shared
printing or copying areas where large volumes of sensitive information are
created.
Businesses should look for personal or commercial shredders that destroy
CDs/DVDs, can handle large volumes of paper and feature confetti-cut versus
strip-cut capabilities, ensuring all private information is destroyed into
small, unidentifiable pieces.
"It is essential that businesses incorporate shredders into their office
environment and proactively encourage employees to shred all of their
confidential information," said Nancy Heaton, senior global marketing manager
for Fellowes, Inc., the leading shredder manufacturer. "Shredding with a
confetti-cut machine on-site is one of the easiest ways to guarantee that
private information can't get in the hands of identity thieves."
Shredding is just one of many ways to safeguard sensitive information.
Businesses should consider implementing the following precautions to help
minimize their risk of identity theft:
-
Develop office guidelines for all employees that outlines the proper procedures
for protecting sensitive information.
-
Keep all sensitive information and files locked away. Restrict access to those
who need it and closely watch your files.
-
Work with your company's IT department to limit the access employees have to
electronic files. All files should be password protected and encrypted.
-
Ensure all company computers have the most up-to-date anti-virus, anti-spyware
and firewall software. Also check to make sure wireless networks are protected
with the proper security settings.
-
Limit the use of social security numbers in the workplace. Don't use social
security numbers on items such as employee identification badges, time cards or
paychecks.
-
Conduct thorough background checks on potential employees. It is not uncommon
for confidential information to be stolen from within.
-
Use a locked mailbox to send mail that contains personal or company checks,
social security numbers or account information.
-
At the end of each work day, all employees should log off their computers and
lock their workstations or office doors. All confidential documents should be
filed away rather than left at one's desk.
-
When traveling for business, employees should pay attention to their
surroundings, especially when using a cell phone, laptop or BlackBerry. For
those who frequently utilize hotel business centers, check to see if they have
shredders on-site and never throw away confidential information.
About Fellowes
Headquartered in Itasca, Ill., Fellowes, Inc. offers an impressive range of
products to equip the workspace, including paper shredders, binders and
laminators, desktop accessories and record storage solutions. Fellowes, Inc.
owns and operates subsidiaries in Canada, United Kingdom, Benelux, France,
Germany, Italy, Poland, Spain, Singapore, Japan, Korea, China and Australia,
the company employs more than 2,700 people throughout the world and expects
global sales in excess of $700 million this year. For more information, visit
www.fellowes.com.
Sources:
1. Ponemon Institute: The Business Impact of Data Breach Survey, May 2007
2. Ponemon Institute: Database Security Study, June 2007
3. Javelin Strategy & Research: Identity Fraud Survey Report, January 2006
4. Ponemon Institute: 2006 Annual Study: Cost of a Data Breach
|
|
|