Control Risks launches new information security report

Walls have ears

‘Government Department loses confidential information’ has become such a commonplace it hardly merits a headline. Despite concerns about how our personal data is kept safe, Control Risks has produced a survey, which reveals that people have a surprisingly lax attitude to protecting personal information.

In a survey of over 1000 people, 60 per cent said that they have overheard someone giving away private information such as their bank account details on the phone in a public place or at work.
With people having such lax attitudes to their own sensitive information what can companies do to ensure that information is safe in the hands of their employees?

Despite having rock-solid firewalls and IT systems in place, the weakest link for a company is its employees - even if their intentions aren’t necessarily malicious. The survey reveals that almost a quarter of employees (24 per cent) have written down or told someone else their password, allowing others not only to access and download company information but also to potentially carry out fraud in another employee’s name. Other dangers include using someone else’s email to act maliciously and harass staff or downloading banned information from a website in the guise of another employee. (Control Risks has often been called in to employee tribunals to show how employees facing the sack may have been the victim of ‘identity theft’ at work and had their identity used for nefarious purposes).

In the last 20 years, changes in the way we can access information means 55 per cent of people interviewed say they could easily walk out of their office with data on a memory stick or CD. Recruitment agents, for example, could take away details of their clients and candidates, finance department staff could steal an entire database of financial information. Even if staff are taking work home perfectly innocently, information could disappear from their PCs through loss or theft of a memory stick. Moreover, working on company information at home exposes this information to software that is probably much more open to attack than a work computer. With protection systems much less rigorous on personal computers, staff could be unwittingly supplying competitors with
confidential information.

Click here for a full copy of the report