| In the past year, more than 88 million Americans have | | | | are open to any employee just clicking through the |
| had their identity endangered as the result of data | | | | company network on their lunch break. Sensitive |
| breaches according to the Privacy Rights | | | | employee data should not be stored on mobile storage |
| Clearinghouse. Topping the list: a case at the Veterans | | | | devices, including lap top computers and USB thumb |
| Administration, where an unidentified analyst took the | | | | drives. The human resources department should be |
| employee information of 26 million veterans home in a | | | | the only people with access to employee files, paper |
| laptop computer that was then burglarized from his | | | | or electronic. |
| home. | | | | Hold it |
| A recent report authored by Dr. Doug Jacobson, | | | | Usually, the weakest link in the security chain is the |
| director of the Iowa State University's Information | | | | person trying to be helpful to someone on the phone. |
| Assurance Program, finds that the biggest risk of data | | | | Unless an officer of the court provides your company |
| breaches or theft comes from careless employees or | | | | with a subpoena, you should have a strict policy to |
| consultants who don't properly secure the data they | | | | never release employee information to any individual or |
| are entrusted with. The report audited 126 companies | | | | organization except to the employee him/herself. This |
| who suffered a data loss and found that more than | | | | rule should also apply to all consultants. |
| 54 percent of lost data was the result of employee | | | | Hide it |
| error, with only 34 percent being due to outside | | | | For tax purposes it is impossible to avoid using social |
| hackers. | | | | security numbers but they don't need to be printed on |
| Over the past couple of years, thefts of consumers' | | | | every document. Mask the first five digits of the social |
| personal information have been caused by trusted | | | | security number on pay stubs and other |
| employees and consultants who don't risk the same | | | | documentation not submitted to the IRS. This is more |
| security barriers as hackers do from outside the | | | | important for documents sent through the mail. |
| company, said Dr. Doug Jacobson, All of sudden, | | | | Clean it |
| employers are realizing that the biggest security threat | | | | Implement a clean desk rule at your company? It is an |
| they face to the sensitive data they are storing and/or | | | | easy way to increase your company's information |
| sending is now coming from employees who can't get | | | | security from unauthorized eyes. This requires every |
| caught by the millions of dollars of security technology | | | | employee who deals with sensitive information to clear |
| designed to prevent the bad guys from getting in. | | | | their desk whenever they leave their office. Sensitive |
| Steven Hastert, General Manager of Shred Nations, | | | | information should either be filed and locked or placed |
| says that there are some simple steps that every | | | | in a locked shredding bin. |
| company should take to help keep their employees | | | | Shred it |
| information safe from identity theft. | | | | When through processing paperwork containing |
| Lock it | | | | sensitive information that does not need to be stored, it |
| Human resources departments should have security | | | | should be shredded. A shredding service not only |
| procedures for storing private employee information. | | | | makes secure disposal easy but they will provide free |
| Lock up all employee files, both active and terminated | | | | locked containers to store the material in until it is |
| in a secure area. More importantly, make sure that only | | | | shredded. This helps employees focus on their core |
| authorized personal have access to the key. | | | | responsibilities, comply with the clean desk policy and |
| Secure it | | | | documents the shredding program for legal compliance. |
| Employee information stored in databases should also | | | | Best of all a shredding service is cheaper than paying |
| be secured. It is amazing how many employee files | | | | your employees to do the job with an office shredder. |