As International Fraud Awareness Week approaches (November 7 -13), experts at Shred-it, the information destruction organization are warning businesses of the need to protect themselves from the growing threat of employee fraud.
Approximately 36 percent of security breaches reported this year originated within companies, according to a recent TELUS and Rotman study. The same study shows that unauthorized access to information by employees is up by an alarming 112 percent and is the fastest-growing breach category. Yet despite these statistics, Shred-it's own research shows that just 1 percent of business operators rate employee fraud as their top security concern.
"Based on our research, there is a clear disconnect between the perceived risk of employee fraud and the reality," said Mike Skidmore, Privacy & Security Officer, Shred-it. "Many organizations associate the mechanics of identity theft and fraud with external sources, while failing to recognize that insider access to sensitive data can potentially be abused by their own staff. International Fraud Awareness Week is an ideal time to highlight these internal risks to organizations and encourage businesses to be increasingly vigilant when it comes to securing loopholes in organizational security strategies."
In support of the week-long international campaign and based on its 20-plus years of industry experience providing information security solutions to business, government and non-profit clients around the world, Shred-it has the following quick tips for organizations wanting to protect the security of employee information and eliminate the potential for identify theft and fraud:
- Make sure you have formal information security policies in place; train your employees to know the policies well and follow them rigorously
- Limit the number of people who handle confidential documents. Be careful when hiring new employees. Perform full reference checks and, where warranted, ask your new hires to sign confidentiality agreements.
- Demonstrate a top-management commitment to the total security of your business and customer information.
- Conduct a security audit of your organization. Shred-it offers free security assessments.
- Adopt a Shred-all policy making sure all paper documents are securely destroyed on a regular basis
- Outsource document destruction to reliable vendors, whose methodology ensures total security of the document disposal process