When thinking about how to protect employees from identity theft, you’re likely thinking first about how they can be cautious around ATM machines, on social media, while doing online shopping and when checking their financial accounts. But what about at their desk?
A previous post discussed the impact around “familiar fraud” and what happens when someone you know is the identity thief. These incidents may involve friends and family members, or even someone in the cubicle right next to them..
According to the Society for Human Resource Management, 30 to 50 percent of identity theft originates at work. Not only are your employees vulnerable to in-office issues, but data breaches and spear phishing can present risks as well.
In a healthy work environment, there’s trust and camaraderie built among team members, but what employees should also be mindful of is that other people may sit at their desk or use their office including freelancers, consultants, interns, potential hires, repair personnel, and housekeeping employees. In terms of computer and data system access, the list could encompass clients, advisors, remote IT support, salespeople and contractors.
With the annual dedication of October as National Cyber Security Month, there’s a theme each week around keeping your identity safe, and here are some tips around Creating a Culture of Cyber Security at Work:
- Encourage employees to lock up your personal information.Make sure purses, bags, wallets and smartphones are always secured, even if just running to the kitchen for another caffeine boost. A thief could take identification in that moment, and your employee(s)may not realize it until the end of the day. Even worse, the thief could copy the information and then replace belongings, which would be realized until an identity theft incident occurred.
- Be aware of insecure filing systems.Especially in smaller companies, long-term file storage might be in a little-traveled hallway or a room in the basement. That may be fine for non-sensitive documents, but if there are HR files with identity information, it’s a problem. Filing cabinet locks are rarely heavy-duty, so ensure that you speak with your head of HR about a more secure filing solution or at least about locating employee records in a safer spot.
- Surf and email cautiously.While it’s tempting for employees to get caught up in banking or paying your bills during lunch hours, encourage them to resist the urge. Most companies have security plans in place, but data breaches happen all the time. And when a company is targeted, a thief will capture as much from the system as possible, including emails, Web transactions and personal data stored on hard drives. Play it safe and separate the personal from the professional.
- Be alert.Spear phishing attempts, which can target an entire company, are becoming increasingly common, especially as employees try to process emails as quickly as possible. These messages can look like they come from a legitimate company but contain malware embedded in attachments and links. Your company may have email security in place, but don’t assume those filters catch everything, so educating your employees on best practices is essential.
How does identity theft happen? In countless ways, courtesy of a variety of potential thieves. But putting the right protections in place and staying aware of the risks can be helpful in protecting identity — at work and everywhere else.