The Physical Security of Information Your Business Stores

Do not forget the old fashion way of stealing personally identifying information of your customers and employees – the paper records.

Keep paper documents containing non-public identifying information in a locked cabinet and/or locked room. Limit access to employees with a business need. Control the number of keys and who has a key. I-9s, Job Applications, Payroll records and your copy of credit card receipts need to be lockup.

If the document is not being used, employees need to re-lock up the document. Documents with Non-Public Information should not be left on desks while the employee are away from their work area.

Have a ‘clean desk’ policy regarding documents with sensitive information. Require employees to put the documents away, lock the filing cabinets and office doors at the end of the day (and during lunch).

Control access to the building. Employees need to report unfamiliar persons in the building.

Limit access to offsite storage facilities. Know who has access to your documents. Get a copy of the storage companies security policy.

Catalog documents shipped by third party shippers and always use tracking numbers.

Destroy documents containing sensitive information using a method that makes them unreadable.

Do not become the victim of a dumpster diver – lock it and destroy it.

About Bruce Demarest

Bruce Demarest is a Identity Theft Protection Specialist. He has designed and taught classes to educate individuals and businesses in identity theft risk management. The individuals have learned how to continuously monitor their financial identities from credit fraud, plus how to monitor their personal identifying information for unauthorized use. His business clients have become compliant with the federal & state privacy laws. He has conducted information security audits to identify their potential problems and has designed security policies, programs, and practices to address those problem areas.
This entry was posted in Business Identity Theft, Identity Theft Protection and tagged , , , , , , , , . Bookmark the permalink.

1 Response to The Physical Security of Information Your Business Stores

  1. Pingback: Business Culture of Security: Do you audit your vendors? | Bruce Demarest Creating Cultures of Security

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s