Common workplace practices putting SMEs at risk of fraud

By working with a document destruction partner that also recycles all destroyed paper, businesses can be secured from fraud and sustainable by shredding all documents prior to recycling.

Unsecure practices in the workplace put the confidential information of company customers and employees at risk and may contribute to identity theft, a growing concern in Australia costing the economy around $1.6 billion every year, according to the Australian Bureau of Statistics. Human error by an employee is seen by almost half of small-business owners (46 per cent) and over a third of C-Suite executives (38 per cent) as the biggest security risk in terms of a data breach.* Businesses therefore have a responsibility to review internal practices to mitigate the risk of fraud caused by a data breach as part of the fight against identity fraud in Australia.

Customers and employees want to know that their information is protected by Australian businesses. There is a strong correlation between poor data security practices and data breaches therefore businesses must address the vulnerabilities in their workplaces if they are to mitigate the risk of both breaches and fraud.

We are calling on all organisations to not only address vulnerable areas in the workplace but to do the same for their vendor supply chain, including shredding and document destruction vendors, to make sure that they are operating in a secure manner. In particular, while more than half of all businesses (59 per cent) that work with external document destruction vendors say they do because it is more secure than the alternatives,* many organisations are still putting themselves at risk if they do not audit their service provider’s security practices.

Likewise, companies cannot afford to rely on destruction suppliers who are secure only in name but not in action. This International Fraud Awareness Week, we’re calling on businesses to challenge not only their information destruction partners but all of their suppliers to demonstrate what processes they have in place to make sure that information is adequately protected throughout the supply chain.

Businesses are advised to use International Fraud Awareness Week as an opportunity to review data security practices, both internally and with external vendors. Here are some of the most common risk areas for security breaches in the workplace,15 and how best to avoid them:

  1. Printer stations. Clear abandoned documents from the printer area regularly and encourage staff to collect any documents sent to print immediately – or even better, implement a pin code system so employees have to input a code before their print job can be completed. Confidential documents left exposed in unsecure print areas can prove a huge risk for a company’s security.
  2. Work areas. Messy desks where confidential information is left out for everyone to see and is not securely stored away can cause a security breach. Ensure that a Clean Desk Policy – where information is locked away when the desk is not being actively used – is in place and that it is enforced.
  3. Recycling bins: Disposing of confidential information in unsecure recycling bins puts your data at risk of falling into the wrong hands. By working with a document destruction partner that also recycles all destroyed paper, businesses can be secured from fraud and sustainable by shredding all documents prior to recycling.
  4. Portable devices: Devices such as laptops, smart phones and tablets are great for the modern working office but they can pose a huge risk if they were to fall into the wrong hands. Ensure devices are password-protected and encrypted and encourage staff to only take them out of the office when absolutely necessary. Don’t forget to securely destroy electronic devices at the end of their useful lifecycle.
  5. Bring your own device (BYOD) to work. BYOD can greatly increase the risk of a data security breach as the security on personal devices is not always adequate. Ensure that where possible, work devices are provided to staff, and should this not be possible, guidance is provided to staff on how to protect business information on their personal devices.

As part of the International Fraud Awareness Week, we have provided a quiz on where businesses can evaluate their fraud risk knowledge, and gain a better understanding of areas where improvements are needed. You can complete the quiz at: www.shredit.com.au/en-au/resource-centre/newsletters/shred-it-fraud-risk-quiz.

*www.shredit.com.au/en-au/resource-centre/infographics/security-tracker-2016

Tom Bell, Country Manager, Shred-it Australia

No comments | be the first to comment

Comment Manually

Read more

x

SUBSCRIBE
FREE NEWS BRIEFS Get breaking news delivered

banner