In this blog, we often point readers to the wealth of information avaialable at the Federal Trade Commission’s website. This week is another round highlighting five steps for businesses to protect personal information adapted from an article written by Lesley Fair, an attorney in the FTC’s Bureau of Consumer Protection who specializes in business compliance.
In the hands of an identity thief, the information in your filing cabinets and computer systerm a tools for draining bank accounts, opening bogus lines of credit, and going on the shopping spree of a lifetime — at the expense of your company, your employees, and the customers who trust you.
Many security breaches could be prevented by commonsense measures that cost companies next to nothing. Whether you work for a multinational powerhouse with branches around the world or a start-up based in a home office, a sound information security plan is built on these five key practices:
Take stock. Know what personal information you have in your files and on your computer. Understand how personal information moves into, through, and out of your business and who has access — or could have access to it.
Scale down. Keep only what you need for your business. That old business practice of holding on to every scrap of paper is “so 20th century.” These days, if you don’t have a legitimate business reason to have sensitive information in your files or on your computer, don’t keep it.
Lock it. Protect the information you keep. Be cognizant of physical security, electronic security, employee training, and the practices of your contractors and affiliates.
Pitch it. Properly dispose of what you no longer need. Make sure papers containing personal information are shredded, burned, or pulverized so they can’t be reconstructed by an identity thief.
Plan ahead. Draft a plan to respond to security incidents. Designate a senior member of your team to create an action plan before a breach happens.
All this information is captured in the FTC’s brochure: Protecting Personal Information: A Guide for Business at business.ftc.gov. It’s a great resource and it’s free.
For more information on secured on-site shredding service, visit hvshred.com