business identity theft: a real threat to u.s. companies€¦ · business identity theft: a real...
TRANSCRIPT
Business Identity Theft: A Real
Threat to U.S. Companies
In this Issue
•Whatlawsprotectyou?
•Howisyourinformationstolen?
•Howcanyouprotectyourbusinessidentity?
•Requestyourfreesecurityconsultation
800.697.4733 | shredit.com
For organizations of all sizes, preventing fraud is better than dealing with the tough consequences. In this issue we will discuss the growing threat of identity crimes directed against businesses and the legal response from the U.S. government.
According to the 2011 Annual Report on Consumer Fraud, identity theft was the leading fraudcomplaint for the 11th consecutive year. Recent researchby Javelin Strategy shows that nearly 12millionAmericanswerevictimsofidentitytheftin2011,anincreaseof13percentover20101.
As identity theft continues to be the fastest growing formof consumer fraud, government bodieshavemade theprotectionofpersonal information apriority.However, agrowing trend isprovingthatit’snotjustcustomerdatathatthievesareafter.Fraudstersarenowobtaininginformationaboutcompaniesandassumingtheirbusinessidentitiesinordertostealcompanyassets,clientlistsandcreditinformationorsecurenewbusinessrelationshipsandpayments.U.S.companies,largeandsmall,arevulnerabletobreachesindatasecurityandriskfinancialdamagesandreputationallossesresultingfrombusinessidentitytheft.
1 http://www.reuters.com/article/2012/02/22/idtheft-javelin-idUSL2E8DM1WJ20120222?utm_source=twitterfeed&utm_medium=twitter
800.697.4733 | shredit.com
Identitythievescanbethird-parties,employees,competitorsandeven suppliers – and they are using increasingly sophisticatedmeasurestostealconfidentialbusinessdataandcommitbusinessidentityfraud.
Withalltherisksassociatedwithdatabreaches,whydon’tmorebusiness owners report the theft of company information? Insomecases,largecompaniesdon’tnoticesmallbreachesintheirdata security structures until after fraud has been committed.Medium-sized and small businesses owners often don’t reportinformationbreachesbecausetheybelievethattheiroperationswouldbeadverselyaffectedifthebreachwerepublicized.
What laws protect you?
TheIdentityTheftandAssumptionDeterrenceActof1998(IdentityTheftAct)wasinstitutedbytheU.S. government to address the growingproblemof identity theft. Specifically, the Actmade it afederalcrimetotransferorusesomeoneelse’sidentificationtocommitoraidacriminalactinviolationofFederal,state,orlocallaws.
Furthermore,theRedFlagsRuleisasetofUnitedStatesfederalregulationsthatrequirecertainbusinessesandorganizationstodevelopandimplementdocumentedplanstoprotectconsumersfromidentitytheft.
AnycreditororfinancialinstitutionthatallowscoveredaccountsmustimplementaprogramforRedFlagsRule.Withthat,theRedFlagsRulewaswrittenintoFACTAtoensurethatfinancialinstitutionsandcreditorshaveawrittenidentitytheftpolicyandprocedure2.Anamendmenttotherule,in2010,expanded the definition of institutions thatmust comply to include any business that has accessto consumer credit reports,provides informationabout consumers to credit reportingagencies,oradvancesfundstoorfromsomeone.TheU.S.governmenthelpsprotectbusinessesbyhelpingthemtoguardagainstdatabreaches.Bycomplyingwithconsumerlaws,businessesareprotectingthemselves.
2 http://www.idtheft.gov/reports/VolumeII.pdf
800.697.4733 | shredit.com
How is your information stolen?
Theftofpaperdocumentsandelectronicdataoccursinmanyforms,fromdumpster-divingtohackingintocompanynetworks.Often,fraudiscommittedwhenfilesareleftoutintheopenandvisitorsareabletosteal,copyorsnapaphotoofinformationthatshouldbekeptconfidential.Furthermore,someorganizationsdonottakeproperstepstosecurelydestroytheirprivatedata.
Thegrowingmobileworkforceandshift tocloudcomputingare leavingorganizations increasinglyvulnerabletoelectronicsecuritybreachesandthetheftofsensitivebusinessdataonline.Thenumberofpeoplewhoseinformationwasaccessedinadatabreachincreasedby67percentin20113.
How can you protect your business identity?
Considerhowidentitythievesarestealingtheinformationrequiredtoassumeacompany’sidentityandtakestepstopreventit.Herearesometipstohelpyouwardofffraudsters:
•Preventionisthebestprotection.Insteadofjustdealingwithidentitytheftasitoccurs,developpreventativeapproachesthatarestrategic,integratedandlong-term,suchaseliminatingsecurityrisksatthesourceandcarefullymonitoringandrestrictingaccesstoinformation.
•Develop internal policies and protocols that mandate secure document storage and disposalpractices.
•Shredeverythingonaregularbasis.Byimplementing“shredall”policies,youavoidtherisksofhumanerrororpoorjudgmentaboutwhatneedstobeshredded.
•Createacultureofsecuritybyeducatingemployeesoninformationsecuritybestpractices.
•Shredusingaprofessional service. It’s theonlyway toensure thereareno security loopholesanywhereintheprocess.
•Ensureyourelectronicdataisprotectedbysecurelyandsafelydestroyingyourharddrivesandphotocopier.
3 http://www.reuters.com/article/2012/02/22/idtheft-javelin-idUSL2E8DM1WJ20120222?utm_source=twitterfeed&utm_medium=twitter
About Shred-it
Shred-itisaworld-leadinginformationsecuritycompanyprovidingdocumentdestructionservicesthatensurethe securityand integrityofourcustomers’private information.Thecompanyoperates140branches in16countriesworldwide, servicingover150,000global,nationaland localbusinesses, including theworld’s topintelligenceandsecurityagencies,morethan500policeforces,1,500hospitals,8,500bankbranchesand1,200universitiesandcolleges.
Your FREE Security Consultation
Toconductyourownsecurityself-assessment,Shred-ithasdevelopedanonlinesurveytohelpbusinessesbetterunderstandsecuritygapsontheirwebsiteatthefollowinglink:http://www.shredit.com/Shredding-Service/Risk-Assessment-Survey.aspx
TolearnmoreaboutShred-itservicesortobookyourFREEsecurityassessment,visitwww.shredit.com
YoucanalsovisitShred-itonFacebookorfollowusonTwitterat@Shredit.
800.697.4733 | shredit.com