Lawyers urged to prioritise better workplace practices
Australian legal professionals have been called upon to review their workplace information security practices or risk huge financial and reputational damage.
Speaking ahead of International Fraud Awareness Week, which runs from 13 to 19 November, Tom Bell, country manager for Shred-it Australia, said lawyers across the country need to be aware that unsecure practices in the workplace are putting the confidential information of their customers and employees at risk.
Mr Bell said unsecure workplace practices are greatly contributing to identity theft and causing huge damage.
“Customers and employees want to know that their information is protected by Australian organisations,” he said.
“There is a strong correlation between poor data security practices and data breaches. Therefore businesses must address the vulnerabilities in their workplaces if they are to mitigate the risk of both breaches and fraud.”
According to the Australian Bureau of Statistics, identity theft costs the Australian economy approximately $1.6 billion every year.
Mr Bell said this furthers the case for legal professionals to make sure they have adequate protection measures in place.
“Companies cannot afford to rely on destruction suppliers who are secure only in name but not in action,” he said.
“This International Fraud Awareness Week, we’re calling on Australian businesses to challenge not only their information destruction partners but all of their suppliers to demonstrate what processes they have in place to make sure that information is adequately protected throughout the supply chain.”
According to Mr Bell, Shred-it has identified some of the most common risk areas for security breaches in the workplace and how best to avoid them.
The first, he said, is the use of printer stations.
“Clear abandoned documents from the printer area regularly and encourage staff to collect any documents sent to print immediately. Or even better, implement a pin code system so employees have to input a code before their print job can be completed,” Mr Bell said.
“Confidential documents left exposed in unsecure print areas can prove a huge risk for a company’s security.”
Mr Bell said the second common risk area for security breaches is work areas.
“Messy desks where confidential information is left out for everyone to see and is not securely stored away can cause a security breach,” he said.
“Ensure that a clean desk policy, where information is locked away when the desk is not being actively used, is in place and that it is enforced.”
Unsecure recycling bins are another area of concern, according to Mr Bell.
“Disposing of confidential information in unsecure recycling bins puts your data at risk of falling into the wrong hands,” he said.
“By working with a document destruction partner that also recycles all destroyed paper, businesses can be secure and sustainable by shredding all documents prior to recycling.”
Lastly, Mr Bell said the use of portable devices can also add to the risk of security breaches.
“Devices such as laptops, smart phones and tablets are great for the modern working office but they can pose a huge risk if they were to fall into the wrong hands,” he said.
“Ensure devices are password-protected and encrypted and encourage staff to only take them out of the office when absolutely necessary. Don’t forget to securely destroy electronic devices at the end of their useful life cycle.
“[Bringing your own device to work] can greatly increase the risk of a data security breach as the security on personal devices is not always adequate. Ensure that, where possible, work devices are provided to staff, and should this not be possible, guidance is provided to staff on how to protect business information on their personal devices.”