Total Pageviews

Tuesday, 4 October 2011

Identity Theft. What do you know?

Following my recent Shredder blog post, I stumbled upon an informative article in the October 2011 trade magazine Office Products International by Simon Tempest, Senior Vice President - EMEA Marketing at ACCO Brands. You can follow Simon on Twitter: @simon_tempest.  What follows is an extract from Simon's article.

The loss or mishandling of sensitive data can be expensive both in direct costs and the time taken to resolve consequences.  The impact can be considerable, damaging reputation, credit rating and profitability.  HSBC was fined more than £3 million in 2009 in the UK "for not having adequate systems and controls in place to protect their customers' confidential details from being lost or stolen" (FSA)

So - what about a solution?   The starting point is awareness, not just at a senior management level but throughout organisations.  beyond that there are some simple steps that will reduce risk and greatly enhance data security.  Start with a review of company specific data, follow up with a well though through policy and finally, effectively implement an ongoing action plan.  The following is a guideline for conducting a review and constructing policy.

  1. Verify the identity of customers, suppliers, business partners and employees.
  2. Review online security arrangements; a firewall and wireless encryption are simple steps.  More complex businesses dealing in e-commerce need to consider secure payment systems and compliance with legislation.
  3. review all your information, not just paper-based. Think about all the data held by various departments whether in files, on PCs and so on.
  4. Classify the data, for example general, sensitive, confidential and secret.
  5. Define how each classification should be stored, accessed and destroyed.
  6. never allow company information (even seemingly innocuous items such as company letterheads) to be thrown in a bin.
A key consideration when purchasing a shredder is the level of security required.  This is directly related to the assessment of risk.  To find out how to select the right shredder please click here.


No comments :

Popular Posts