Identity theft at work is just as feasible as it is at home. In 2011, 36 million Americans experienced a data breach; whether the data breach occurred at home or at work is unknown.
The number of U.S. data breaches tracked in 2016 hit an all-time record high according to a new report released today by the Identity Theft Resource Center (ITRC) and CyberScout (formerly IDT911). This represents a substantial hike of 40 percent over the near record high of 780 reported in 2015. This raises the question: are there actually more breaches or is it because more states are making this information publicly available?
One of the things we need to think about is how to protect your identity not only at home, but also at work. When we enter the office each day, we believe that our security is greater and have a tendency to let our guard down. However, we are just as much exposed at work as we are at home.
Here are a few ways to protect your identity from theft at work and at home:
Email scams
Email scams are not limited to personal email accounts, and very often target work email accounts. Because we spend most of our time at work, we have a tendency to use our work email accounts much more often than our personal email accounts. This opens us up for greater exposure and opportunity for the bad guys to capture our data and use it against us.
The rules should remain the same: if you receive email from someone unexpectedly, verify before opening any attachments or clicking on any links. Do not share your information with anyone that does not need to know it, and limit where you list your email accounts on social media sites.
Travel risks
When traveling for business, pay attention to the small details. Never use open Wi-Fi, be careful for shoulder surfers when using ATM machines, and limit when and if you need to take your laptop on a trip.
All too often we see individuals who have laptops stolen from hotel rooms, rental cars, restaurants and bars. They also have a tendency to put down their cell phones, which in today’s age are handheld computers holding massive amounts of private and corporate information.
Consider using security pin codes on cell phones to ensure no one can easily gain access to your work or personal phones. Ensure that all of your devices such as laptops, tablets etc. are password protected and have the appropriate software to protect against viruses.
Credit cards
Treat your corporate credit card as if it were your own.
- Run frequent checks on your credit history to see if there are any abnormal charges against your credit line, as the credit card is matched to your social security number.
- Never give out the number unless you can verify who you are providing that number to.
- Always ensure that you are using secure websites with the HTTPS symbol prior to providing your information.
Women in the office, in particular, are a great target for thieves. It’s important that if they bring their purses into work, they are secured in a locked desk. Otherwise, leaving their purse exposed can lead to it ending up in a contractor’s, cleaner’s or delivery personnel’s hands.
A quick visit to your office or cubicle can lead to quick and easy access to your most critical assets.
Social Media Sites
Sixty-eight percent of people list their birthday on social media sites; another forty-five percent of those individuals list the specific month, day and year.
A lot of organizations have set standards around whether employees can or cannot use social media websites such as Facebook and Twitter at work. If you do allow employees to use these sites, ensure there is some means to track usage and ensure they are following security protocols.
Shredding
Whether at work or at home, always use a shredder to destroy confidential and critical documents. Never throw credit card receipts, billing statements or anything that possesses any bank, credit, or personal information in the trash.
Dumpster diving is still a very profitable business and is used daily by criminals.
In addition, never place bills in your home mailbox or leave out on your desk to be picked up by anyone. These envelopes will have your account information and a check with all of your private banking information.
Digital data
Almost every device we use today stores data, which is a significant win for the bad guys. Prior to getting rid of older equipment, make sure you remove hard drives, memory sticks, thumb drives etc. Be sure to have a corporate policy that outlines how these should be recovered, destroyed or scrubbed prior to any equipment leaving a corporate facility.
CD’s and DVD’s can be broken in half or destroyed rather easily. Do not just place them in the trash for someone else to gather personal information. Some shredders are capable of destroying these as well – but check to be sure before putting them through a shredder.
Educate
Most organizations fall short when they stop educating employees beyond the initial welcome introduction. Identity theft, data breaches and fraud are growing. Organizations need to train and educate consistently.
Have a structured program where employees receive information regularly about how to protect themselves personally and professionally. If employees feel valued and informed, they are much more likely to use the same protections at work as they would at home. Getting them to buy into these good habits can have a major impact on how they treat your information while at work.
If we can be of assistance from a training perspective, please reach out and let us know.