Why Your Business Requires Security

The States and Federal Identity Theft and Privacy Protection Laws now require businesses, agencies and organizations of all sizes to protect all personal information they store, and report to all their customers whenever a breach occurs. The financial ramifications after having a data breach can be very substantial to both present and future business. In some many cases a company never does recover from a breach and is forced to close down. Currently, the average cost on a company is $3.7M per incident.
Jan
10

15 Security Tips for Employees

By

Here are 15 time proven security tips that employees can do to protect your company from a data breach and your customers from identity theft.

TACTIC DESCRIPTION
1. Clean Desk
  • Don’t leave personal documents unattended on a desk
  • Don’t leave credit applications unattended on a desk
  • Don’t leave important company documents, strategies, designs, etc. unattended on a desk
2. Document storage
  • All documents with anyone’s personal information must be locked up in a file cabinet with limited access
  • All company sensitive documents must be locked up when not in use
3. Password Management
  • Don’t write passwords on notes and place them by the computer
  • Hiding passwords notes under keyboards, tissue boxes, blotters, etc. is not security
  • Don’t share your passwords with anyone and be careful of over the shoulder surfers
4. Clean out the wallet or purse
  • Remove any cards or information from your wallet or purse before travelling
  • Photocopy both the front and back of every card you carry and store them in a safe location
5. Social Engineering
  • Don’t give out phone numbers or other personal information of fellow employees to people you don’t know
  • If a caller sounds suspicious, ask them for their name, company name and phone number to call them back
  • Have a person tasked with security that other employees can contact and report incidents to
 6. Tailgating
  •  When unlocking security doors, don’t let other employees follow behind you
 7. Phishing and Spear Phishing
  • Beware of emails form people, even fellow employees or management asking you to send passwords or other sensitive information to them. Call and confirm first. 
 8. Car rental agreements
  •  Bring home the car rental agreements to dispose of by either shredding or submitting with your trip report
 9. Laptop computer security
  • Don’t leave laptop computers in any unattended car
  • Remove all valuables from the car before valet parking
  • Laptops stored in a car’s trunk is not secure
 10. Secure PDA’s and cell phones
  •  Password protect the PDA’s and cell phones with at least an eight-digit code
  • When upgrading to a new phone or PDA, physically destroy the old one. Don’t sell them on eBay
 11. Document disposal
  • Don’t place sensitive documents in the garbage or recycle bin. Shred Them!
  • Don’t throw a customer’s old credit report or application in the garbage or recycle bin
 12. Receptionist security training
  • Train the receptionist how to securely handle phone calls
  • Train receptinist how to securely admit visitors
  • Train receptionist how to securely admit employees who have forgotten their employee ID badge 
 13. Secure ID Badges
  • All employees should have photo ID badges that they must ware above their waist
  • Employees should not wear their employee badges out in public
  • Combine physical security and network security to the employee badge
  • While the military and government use color coding to denote security clearance levels, it may be useful within your company too 
 14. Know the privacy laws
  •  Employees need to understand the basic and intent of the different federal and state privacy protection laws (e.g. FACTA, GLB, HIPAA, SOX, CA SB-1386, PCI, etc.)
15. Purses and briefcase storage
  • Employees should never leave their purses or brief cases unattended and unsecured. Find a cabinet or drawer to lock them in

 

Categories : Employee Security

Comments are closed.

FLEXCAP
SiteLock