Almost five and a half billion privacy breaches since 2005 that have contained sensitive data as customer credit card or social security numbers. That’s quite a lot of potential identity theft. So what do you do?
The tips below are geared to protect small businesses, but the practices can easily be implemented by individuals who deal with documents containing their own personal and family information.
1. Implement a document management program.
-This may mean identifying what sensitive information you have, what its used for and where is resides.
-training staff on responsible information handling practices, including a retention time and shredding schedule.
-restricting co-worker access and unnecessary duplication
-encrypting sensitive data
2. Use Secure Sockets Layer (SSL) or a similarly secure connection for receiving or transmitting credit card information and other sensitive financial data. If you accept payments online, it may cost more to use the big guys like Yahoo and Paypal for e commerce, but the added security your customers feel during check out may be well worth it
3. Do double background checks on all new employees.
4. Institute a good privacy policy that is easy to understand by both employees and customers
5. Make sure you use a stable firewall and secure wireless connection
6. Make sure all downloads are scanned for viruses and Do not allow employees to download non company related downloads
7. Protect sensitive data with strong rotating passwords.
8. Make sure filing cabinets have locks
9. Make shredding easy by placing shredders around the office in strategic locations
10. Be careful where you use laptops and particularity where you leave them. If you are carrying extra sensitive information on your lap top, consider installing tracking software for it.
11. Consider keeping sensitive documents off site
12. Clear data from computers before disposing of them. Just because you wipe a hard drive does not mean the data cannot be retrieved. If when you erase a file from a hard drive, your computer simply reads the data as “writable” until the data is over written, it is technically still there.
13. Consider installing surveillance cameras, to help identify when people enter into sensitive document restricted areas