3 Things Your Employees Should Know About Information Security
Information Security begins with your employees. It’s important not to take for granted what they know or don’t know. Here we discuss three things your employees should know about protecting your corporate data.
1. Information security benefits the employer and the employee
By understanding how information security benefits them personally, your employees are more likely to protect your company’s information. Even if your company has tight network security, hackers can still gain access to your information through employee negligence or lack of awareness.
In social networking attacks, personal information widely available on social networks such as Facebook, LinkedIn, etc. is used to craft seemingly genuine emails that actually contain viruses, malware or phishing schemes. When opened or answered, personal information belonging to employees and sensitive corporate data can be compromised. Therefore, it’s crucial to provide your employees with information security best practices such as:
- Identifying suspicious emails
- Sharing and transmitting personal information
- Using personal devices in the workplace
When your employees see their potential role in privacy breaches and have the tools avoid it, they are far more likely to practice stronger information security behaviors while at work.
2. Information security includes protecting paper records, files & documents
According to a 2013 study by the Identity Theft Resource Council (ITRC), hacking is the number one method used for data breaches. However, although data breaches involving paper records are less frequent, hard copy documents and files can still be compromised. As a result, provide your employees with a policy for handling and storing paper records.
There are some basics to remember for keeping files secure at all times:
- Never leave files unattended on desktops
- After use, immediately return files to their secure storage area
- When documents are no longer needed, promptly destroy them
A professional records service streamlines access and retrieval for your employees and offers a verifiable process for storing and destroying paper records. Documents are stored off site at a commercial records center and barcoded for tracking. When requested, files are delivered directly to the requesting employee. Similarly, after use, the file is picked up and delivered back to the records center for secure storage.
Shred collection containers can also be placed in your office to encourage prompt and secure disposal of confidential paperwork. On a scheduled or as-needed basis, the contents are collected and either destroyed onsite or transported offsite for secure shredding.
3. Information Security is the Law
For businesses, information security is a legal responsibility. So your employees should understand the basics of any state and federal privacy protection laws that apply to your industry. These may include the following:
- The Fair and Accurate Credit Transaction Act (FACTA)
- The Gramm-Leach-Bliley Act (GLB)
- The Health Insurance Portability and Accountability Act (HIPAA)
- The Sarbanes-Oxley Act
- California Senate Bill 1386
Teach your employees about the compliance standard for each applicable law and the penalties your company may face for negligence.
Your employees are the first line of defense for your confidential business information. Arm them with the right knowledge so you can protect your company’s information resources.
Pacific Records Management provides records and information management services for businesses throughout Fresno, Stockton, Sacramento, Modesto, and Napa and Solano Counties. For more information, please contact us by phone or complete the form on this page.