13 Jul Workplace Identity Theft: Protecting Sensitive Customer Data
Identity thieves are constantly looking for new ways to obtain personal information from unsuspecting victims. While businesses are well aware of hackers and the risks they pose, one of the more popular techniques for stealing information comes from inside an organization.
Customers trust businesses in every industry to keep their sensitive information private and secure. From flower shops to the dentist’s office or a tax professional to a dog groomer—customer information is everywhere. Business owners should do their due diligence to take extra steps to ensure personally identifying information stays private.
The steps to helping prevent workplace identity theft for your customers are simpler than you may think.
Not all employees need to have access to every application or all customer data. Employees who do require full access should be asked to sign a confidentiality agreement explaining their responsibility to handle the secure information in an appropriate manner. Ensure supporting policies are outlined in the employee handbook and review with all essential employees annually.
Invest in Modern Technology
New and modern technology solutions help mitigate risk on their own, simply by being newer than the technology most smaller businesses already have. Firewalls, encrypted backup systems, and antivirus are the areas where dollars matter. Keeping these solutions updated and in top-notch condition are a sure way to mitigate risk for data and security breaches.
Technology Requires Human Management
The technology we choose to implement for security purposes is only as good as the care the operator has for the application. For instance, if a homeowner has an alarm system but never turns it on, the house remains unprotected and open to burglars at any time. In the workplace, an integral step to maintaining customer information security is ensuring the technology is operating properly. When stepping away from a computer or laptop, lock the screens. Restaurant and retail staff should log out of terminals and point of service (POS) systems prior to stepping away to help a customer or serve a table.
Managing the Paper Trails
The majority of most businesses large and small are going paperless for both customer communication and internal reporting or record keeping. In the event your business maintains paper records, it is important to provide employees a way to dispose of sensitive material. Some organizations offer shred bins (the material is transported off-site and shredded regularly), while others offer the ability to shred information on-site. Regardless of the method of disposal, employees should also be trained on how to
handle personally identifying customer information while it is in use. Employees who require paper versions of customer data should lock up the documents when they are either not in use or when the employee is away from their desk.
Business owners know the risks associated with maintaining customer data. The potential for encountering identity theft while handling customer data is increasingly likely. Urge employees to use their best judgement when handling personally identifying customer information. Questions should be directed to their supervisor to ensure they are not side-stepping any in-place security measures.
Core ID offers the ability to protect customers, employees, and your business through educational resources and fully-managed recovery and protection services. With Core ID you have a partner against workplace identity theft. Contact Core ID for more information.