August 02, 2018

Why Financial Institutions Must Do More to Protect Their Workplace and Their Customers


When it comes to information security, you could say bank customers are tough customers.

The 2018 State of the Industry Report by Shred-it showed that when choosing a bank, 92% of American consumers always check the organization's data protection track record.

A Carnegie Mellon University study of 500,000 customers of a leading U.S. bank showed that, compared to customers in other sectors, bank customers are more likely to leave a bank after experiencing fraudulent charges on an account – and they did so within 6 months. 

The Data Breaches and Customer Loyalty 2017 Survey by Gemalto reported that almost half of consumers worldwide are unlikely to do business with a firm that had experienced a data breach involving the loss of personal information.

It all makes for challenging times in the financial services industry, which is attacked 65% more often than any other sector according to research compiled by Shred-it.  

Furthermore, 2018 research showed that the average number of breaches per financial services firm has grown from 40 in 2012 to 125 in 2017. The sector is heavily-regulated and as a result, had the second highest per capita cost of a data breach at $206.

While theft of information and money are bad enough, the loss of customer loyalty impacts financial services companies more than any other sector. Cyber attacks have led to one of the highest customer churn rates of 6.1%, according to Ponemon.

With all the press about data breaches, it would seem logical that bank customers would do everything they could to protect themselves against data thieves. But according to Gemalto, almost two-thirds of consumers feel that businesses should be the ones responsible for data security, and many do not take advantage of security measures made available by banks such as two factor authentication for social media accounts and smart password advice.

What can financial organizations do to protect their workplace and customers? Here are 3 important information security strategies identified by Shred-it.

  • Build a total security culture. The shift towards security has to start at the top with a commitment to high-security strategic thinking by the C-Suite. This should be supported throughout the workplace with transparent security policies, processes and values, and on-going security awareness training. Bank customers should be made aware of security strategies and culture.
  • Identify all the areas of information risk. Conduct a security risk assessment of the workplace to identify risks to data. A recent paper showed the common areas of risk in the financial sector range from negligent employees, third-party partners and malicious insiders to different types of cyber attacks, financial malware, and dated equipment. Put a plan in place to mitigate risks, and create an information security strategy that keeps all data secure.  
  • Implement secure workplace policies. Employees throughout the organization should protect confidential information as part of their job. Implement policies like a Shred-it All Policy and a Clean Desk Policy to provide a practical framework for the workforce to follow. Also, partner with a professional document destruction company that has a secure chain of custody for paper and digital data destruction.  

Start Protecting Your Business

To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and security risk assessment.