Identity Theft in the Workplace

Workplace Negligence Fuels Identity Theft Epidemic

What is the fastest growing crime in America? Identity theft. In fact, one out of twenty-five adults will become a victim of identity theft. Why? Today, almost every bit of information related to an individual is entered into a computer system and accessible one way or another via the Internet. As more and more transactions and private correspondence take place in cyberspace, the more information becomes readily available to steal.

Out of an estimated 210 million Internet users in the United States today, only 1% have adequate security.  This is great news for identity thieves since this type of crime is considered low risk/high reward. To these types of criminals, the possibilities are endless. But, the reason why it has become such an epidemic is surprising. Identify theft is usually not perpetrated by an unknown hacker, but negligence in the workplace.

Carelessness at Work

The main reason identity theft is the fastest growing crime is a direct result of the digitized workplace. Back in the day when personnel files and financial data were gathered and filed as actual physical files, it took an office “break-in” for a criminal to obtain sensitive information for criminal use. In today’s technological world, the cybercriminal can access data from anywhere in the world, at any time. This means anyone can be a target, especially professional organizations that gather and store sensitive information.

There are two main ways the workplace exposes itself to identity theft:

  1. Lack of security policies and procedures
  2. Low-level employees with too much access

Ninety percent of workplace identity theft involves payroll or employment records. Ten percent of stolen data comes from customer records. More than half of these security breaches are caused by internal company errors involving:

  • Accidentally placing personally identifiable data online
  • Missing office equipment
  • Lost backup files

Hacker involvement is only responsible for 31% of identity theft crimes, so a company or organization storing personal data is usually the responsible party.

Minimizing Risk in the Workplace

The good news is there are ways to ensure careless actions do not expose data under a company’s care to unlawful parties. Listed below are ways to prevent personal data from becoming available to criminals either working inside the company or total strangers who stumble upon information due to carelessness.

  • Monitor part-time or contracted data entry employees by giving them limited access to company or customer records
  • Encrypt sensitive data (i.e. social security numbers, credit card numbers) once they are entered in the organization’s system(s)
  • Establish data disposal policies and procedures
  • Always shred sensitive documents with either personal or financial information
  • Train employees to never access company files over free Wi-Fi (aka “Evil Twin Attack”) or any unsecured connection to the Internet
  • When getting new computer equipment, dispose/recycle/donate used computer equipment properly via companies that will delete the hard drive or thoroughly overwrite sensitive files

The most effective way to prevent identity theft starts in the workplace. By being vigilant with proper security policies and procedures for access and disposal of sensitive data, the workplace can minimize the fuel of information to the identity thief.

SACS Consulting Can Train Your Organization to Minimize Data Breaches

Don’t wait until your organization or one of your customers becomes the victim of identity theft due to your negligence. SACS Consulting & Investigative Services, Inc. can help establish policies and procedures and train employees how to properly access and deal with sensitive data in workplace. Call us at 330-255-1101 to speak with one of our training professionals about our Identity Theft Training today!

Tagged , , , , , .