You might assume that data security is high on agendas, yet many businesses appear to be some distance from having the right safeguards to keep their most private information out of the wrong hands.
An alarming number are taking big risks when it comes to workplace confidentiality, with Fellowes’ Keep it Confidential campaign, which runs this September, revealing some scary statistics about companies’ abilities to keep their data under lock and key.
One experiment conducted with 3M has revealed that nearly half of undercover ‘workers’ sent in to spy on their unwitting colleagues, with the permission of the businesses concerned, were able to view or photograph confidential information within 15 minutes of entering an office.
Whether they are aware of it or not, lapses in protecting sensitive information can cost any organisation dearly, not just in terms of regulatory fines, but in lost customers, an erosion of trust, a diminished reputation and the resulting breakdown of commercial and working relationships.
Here are four of the biggest errors that businesses can make when it comes to confidentiality – and how to prevent them:
Failure to handle personal data properly
Fellowes’ research has revealed that only 52% of companies have policies in place to protect people’s identities and 54% of people are worried about their personal information being stolen.
Any business that handles personal information, such as names, addresses or credit card details, needs to understand the Data Protection Act 1998, because aside from the reputational risks of data leaking, failure to comply can incur penalties of up to £500,000.
A few basic requirements of the Act include only using personal data for the purpose specified, using it lawfully and not holding on to it for any longer than necessary for that purpose.
If you’re a reseller then ensuring your customers are aware of the Data Protection Act and have a policy in place to comply with it, is key.
Visual theft of confidential work data
As outlined in the below infographic from 3M, their ‘visual hacking’ experiment shows that open plan offices and unattended computer screens can quickly expose companies to data theft.
In every trial run, an average of five pieces of private information were obtained, with undercover ‘spies’ able to take 53% of confidential information from computer screens and use smartphone cameras to take a photo of screen images in a matter of seconds:
Staff awareness is critical to combating this potential risk. A policy of never leaving desks without putting screens into password protected, screensaver mode is one step, as is keeping all confidential documents in a locked drawer and not out on desk tops.
Resellers should educate end users about privacy filters. These can be used on any screen, enabling only the direct viewer to see the screen contents when working at close range.
Remote working without safeguards
Reports show that around 67% of employees now work from a non-office location at times. In this mobile, remote working age, that equates to many thousands of devices and confidential paper documents being taken away from the office.
With 39% of employees admitting that they do not shred work documents when working remotely, companies need to make confidentiality as vital when working remotely, as in the office.
The problem of data theft is real because 129,000 victims of ID fraud were recorded in 2013. Confidential data left in bins un-shredded is like an open invitation to many criminals, who often only need one or two pieces of information to get all they need to steal an identity or commit fraud.
As well as privacy filters for all screens, equipping remote and home office workers with small yet highly secure cross cut shredders could be an invaluable investment. Cross cut shredders are recommended by the Home Office, police and many security groups because they can shred an A4 sheet into as many as 410 pieces.
Leaving a paper trail
We are either a trusting – or a careless – nation of workers if our handling of confidential paper documents is anything to go by.
Fellowes’ research revealed that 49% of people have seen confidential documents on a printer at some point, with 27% admitting they have left papers on a fax machine, photocopier or scanner. Another 11% are guilty of leaving confidential items on desks or in meeting rooms.
Shredding anything that is no longer needed, as soon as possible, rather than throwing it in the bin, should become a mantra. It makes sense to equip all staff handling sensitive data with desk side shredders, particularly in the case of HR and finance departments.
Resellers should carry out shredder audits, checking that departments are adequately provided for and that the shredders in use meet security standards. The need for shredder oil and shredder waste bags should be included in these assessments.
For more information on products to support data security, in and out of the workplace, please visit www.voweurope.com