|
Oct 6 2008
Equifax, a leading ID fraud expert, is offering guidance to workers and their employers as National Identity Fraud Prevention Week aims to raise awareness of the risks of identity fraud in the workplace.
Despite the raised profile of the risks surrounding ID fraud, a recent survey conducted amongst Equifax customers* revealed that of those who are responsible for the personal data of fellow staff or customers, more than one in ten hadn’t had any formal training on how to keep it secure. And it’s not just firms that need to worry about the risk of ID fraud in the workplace.
The Equifax survey also revealed that over 1 in 5 access bank accounts and credit card details at work. This could put them at serious risk of ‘shoulder surfing’ where less honourable colleagues might see personal or private details and use them for their own gain. With a worrying 7% using the “remember me” setting on personal accounts on their PC at work, Equifax believes workers are taking unnecessary risks that could leave them seriously out of pocket.
“Workers can be lulled into a false sense of security when conducting personal transactions at work” confirmed Neil Munroe, External Affairs Director, Equifax. “Even if you think you know everyone you work with and you use log in passwords, etc, the potential for colleagues to find out usernames and passwords and use them to access your accounts is increased if some basic precautions aren’t taken. And this culture of data security needs to extend beyond the personal to the business, especially as our survey revealed that consumers are most concerned about ID fraud at 41%, compared to credit card fraud at 37% and online fraud at 14%.
“Organisations need to ensure that only key members of staff have access to sensitive documents as a means of securing data. And all those employees given that responsibility need to be properly trained to ensure information does not fall into the wrong hands. The reality is that organisations stand to lose a great deal in the wake of a data breach. Reputation can be severely damaged as customers lose confidence in companies that don’t take proper care of their personal data.
“Increased focus by the media, regulators and consumers, means the problem of data breaches isn’t going to disappear. ID fraud has become an immensely sophisticated and lucrative crime. The issue of personal data security, therefore, needs to come much higher up the agenda for all UK organisations.
“Data breaches can occur as a result of insider fraud, hacking or loss or theft of laptops and files. But no matter which way a data breach occurs, the consequences can be far-reaching. And with the regulators now sitting up and taking note, negative press could be the least of an organisation’s worries. “
Munroe concludes, “It’s clear that both organisations and individuals need to do more to protect the data in their possession, whether it’s their own or that of colleagues and customers. National Identity Fraud Prevention Week provides the ideal time for businesses and individuals to reflect on data security and think about ways to protect themselves from the threat of ID fraud.”
Equifax survey conducted amongst 590 customers, July 2008
Equifax’s top tips on preventing ID fraud in the workplace
For Workers
1 - Make sure you know who is around you when accessing personal bank or credit accounts
2 - Don’t use the same password for all your accounts – especially not your mother’s maiden name
3 - Don’t save passwords or PINs on files on your computer
4 - Don’t use the ‘Remember Me’ settings for account log-ins
5 - Use privacy settings on social networking sites
For Businesses
1 - Provide proper training for staff with access to sensitive data
2 - Limit the numbers of people who deal with personal data
3 - Put in place a strict document disposal policy to protect staff and the business from fraud
4 - Store sensitive documents in a safe place and limit access to key staff
5 - Shred all documents to protect customer and employee information
6 - Inform staff about the risks of corporate identity fraud
7 - Maintain an up-to-date firewall and anti-virus system
8 - Create a data breach procedure to minimise the impact and ensure proper communication with staff and customers
9 - Always check the identity of business and consumer customers
10 - Check registered details at Companies House to make sure they are correct and haven’t been fraudulently changed.
|
