News

Companies don't look after personal data, say 90% of people

Ninety per cent of Britons do not believe the personal details that companies hold on them are safe, and nearly half do not think banks and retailers do enough to protect it.

This emerged from a survey for international insurance firm RSA as background for National Identity Fraud Prevention Week, which kicks off today.

The survey found that 56% of people are more concerned now about identity fraud and the security of their personal information than they were six months ago.

More worrying is the finding that more than 850,000 people in the UK have lost work documents or devices such as laptops or Blackberries in a public place. In the past year some 30 million names have been lost, the worst being the loss of CDs containing the details of 25 million child benefit account holders by HM Revenue & Customs.

Nine of 10 people disapprove of staff taking customers' personal information outside the office. They believe insiders are the greatest threat to the security of their personal data, the survey found. They believed staff either stole the information to commit fraud or did not dispose of it securely.

Desmond Cross, director of retail at RSA, said even small breaches could hurt a company's reputation. "With an increase in flexible, remote and mobile working and extended working hours, the line traditionally drawn between the office, home and public spaces is becoming increasingly blurred," he said. This meant the amount of personal information people can carry around has increased.

Cross said companies needed to educate staff to assess risks and stress the importance of keeping customer information confidential. "Don't allow compliance to take the place of judgement," he said. "The challenge is not for companies to issue protocols, but to get staff to think and act intelligently to reduce the risks."

He said companies should:

• Check staff references before they hire them

• Give staff secure shredding facilities to destroy confidential documents

• Educate staff about the risks of viewing sensitive data in a public space

• Enforce a clear-desk policy

• Have clear procedures for when sensitive customer data is lost

• Take secure back-ups


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy