HOME
NEWS

The 2019 Guide to Prevent Identity Theft in a Corporate Environment


By VARINDIA - 2018-11-16
The 2019 Guide to Prevent Identity Theft in a Corporate Environment

Farrhad Acidwalla, technology and media entrepreneur, founder of CYBERNETIV - Forward Thinking Cyber Security and Research, illustrates the strategies to prevent identity theft in a corporate environment.

 

Theft is probably as ancient as humanity itself and many of its forms have unfolded and evolved over the centuries. With the advent of modern-day technology, criminals across the globe have taken several deceptive twists which call for the redefining of our approach to security, which very often can turn out to be an illusion.

 

In the digital world, a thief can simply copy out data rather than stealing the entire storage device. The same goes for identity in a workplace; all an impersonator needs to get access to vital personal details of another user is to start operating with the same privilege as the victim. This privileged access allows the impersonator to potentially commit confidential corporate data theft which could lead to compromising identities, databases and trade secrets.

 

Bear in mind that identity theft can have serious consequences; if your information is used to commit a crime, the investigative authorities and security agencies will naturally label you as a possible suspect. The situation can lead to severe personal grief and damage. Although every individual has the obligation of protecting their identity, it is the responsibility of an organization to create an environment that restrains identity theft and fosters accountability in a workplace. Here are some strategies that organizations and individuals can use to prevent identity theft.

 

Identity and Access Management (IAM)

 

In an enterprise, employees, as well as customers, have access rights to data. The establishment of a clear-cut Identity and Access Management (IAM) policy for an organization is required for privileged access management, data management, and data security. Using various Identity and Access Management tools and security policies, administrators are able to manage, monitor and track individual users as well as grant or deny access to privileged information. Access is usually granted to users depending on their responsibility and authority. IAM is a significant instrument for enterprise security.


Password protect all Computers

 

Many organizations have the lackadaisical attitude of leaving computer units open without a password. As a result, any user can easily occupy a vacant system and impersonate the authorized user. All organizations should maintain system passwords and which must not be shared with unauthorized personnel and password policies should be in place. Computers must be locked every time the individual steps away.


Use an office surveillance system

 

Research has shown that the presence of surveillance cameras in a workplace instills a level of discipline. Because the staff knows that their actions may be under active watch or at least being recorded, which will potentially refrain malicious agents from attempting to gain access to unauthorized locations or using a vacant work PC without the right authorization.

 

Use biometric access systems

 

An organization can leverage biometric technology to automate identity theft prevention. These smart devices only need to have every staff registered once and access to various locations within the organization configured centrally. With this type of a system, it is (almost) impossible to use the access token of another staff for impersonation. Moreover, all access given is logged centrally and can be useful for accounting purposes.
 

Use Encrypted Email

 

The communication in a network environment can be intercepted and deciphered by malicious users, even sometimes when safeguards are in place. To avoid getting hacked from the network later, ensure that all email communications are sufficiency encrypted with the latest standards. These security tools use configurable policies to encrypt an email such that the message is only readable by the intended recipient of the email. If the message is intercepted along the way, the content becomes unreadable to the hacker.

 

Set Boundaries

 

There may be a number of employees in an organization, but each individual has unique responsibilities which give them access to different privileges. An organization should set physical boundaries regarding office areas for various departments and should group staff that share similar responsibilities. Moreover, locations, where critical data is stored, should be secure and completely out of bounds.

 

Prohibit the use of Personal Electronics at Work

 

With advancements in mobile and computing technology, it could be very easy for a person to steal data belonging to another user by simply scanning a QR code, or using a mobile app to scan a document. Besides putting an individual at risk, it can also place an entire organization in jeopardy. Organizations can prohibit the use of personal electronic devices within its premise to prevent this type of risk.

 

Shred Unwanted Documents

 

There are times when the printed document in an office comes out with mistakes, and there is a need for a reprint. At times, the superior officer makes corrections, and the document will have to be done all over again. It is important to shred all unwanted hardcopy documents before they are finally trashed. Leaving readable documents in the trash is risky, you can be divulging vital information from an organization unknowingly.

 

Destroy Data before Disposing of Digital Assets

 

We know that all organizations upgrade their IT assets from time to time. Naïve organizations may decide just to migrate content to the new computers and then dispose of or sell off the outdated hardware. However, simply formatting the storage devices is not enough to secure the content because these data can be recovered. The best route to take is to use either remove these storage devices and destroy them before disposing of the IT gadgets or use a software application such as DBAN to ensure the data are completely wiped off.
 

Provide locker space for every staff

 

Every staff carries personal items such as credit cards, bank cheques and driver’s license which contains critical personal information. The data on these items can be easily acquired by a malicious entity if it lies around inside bags or drawers. Providing a locker space for each staff in an organization can assist in keeping personal items safe.

 

Leave your Personal Life at Home

 

Employees should put a clear-cut demarcation between their personal life and work in an office environment. In this respect, restrict your personal financial transaction to your computer at home. Do not log in to your personal Facebook, Twitter or emails from the office computer. Restrict your actions at the office to your formal responsibilities, this is ethical, and you will also be safeguarding your personal information.

 

Education and Awareness
 

It is of utmost importance to educate employees on the dangers of identity theft in a corporate environment and how to prevent them. This may include putting employees through various scenarios involving identity theft and steps to take in situations where sensitive data has been compromised. Companies must take a proactive approach towards creating awareness and implement proper policies, procedures and controls in order to secure sensitive employee information.

 

Farrhad Acidwalla
Founder, Cybernetiv

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
Zscaler announces AI innovations to its Data Protection Platform
Technology

Zscaler announces AI innovations to its Data Protection Platform

by VARINDIA 2024-05-20
SHIELD to enhance Swiggy’s fraud prevention and detection capabilities
Technology

SHIELD to enhance Swiggy’s fraud prevention and detection capabilities

by VARINDIA 2024-05-20
Axis Communications announces its first thermometric camera designed for Zone/Division 2
Technology

Axis Communications announces its first thermometric camera designed for Zone/Division 2

by VARINDIA 2024-05-20
SOFTWARE
View All
Hitachi Vantara and Veeam announce Global Strategic Alliance
Technology

Hitachi Vantara and Veeam announce Global Strategic Alliance

by VARINDIA 2024-05-16
Adobe launches Acrobat AI Assistant for the Enterprise
Technology

Adobe launches Acrobat AI Assistant for the Enterprise

by VARINDIA 2024-05-11
Oracle Database 23ai offers the power of AI to Enterprise Data and Applications
Technology

Oracle Database 23ai offers the power of AI to Enterprise Data and Applications

by VARINDIA 2024-05-10
START - UP
View All
Data Subject Access Request is an integrated module within ID-REDACT®
Technology

Data Subject Access Request is an integrated module within ID-REDACT®

by VARINDIA 2024-04-30
SiMa.ai Secures $70M Funds from Maverick Capital
Technology

SiMa.ai Secures $70M Funds from Maverick Capital

by VARINDIA 2024-04-05
Sarvam AI collaborates with Microsoft to bring its Indic voice LLM to Azure
Technology

Sarvam AI collaborates with Microsoft to bring its Indic voice LLM to Azure

by VARINDIA 2024-02-08

Tweets From @varindiamag

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

by VARINDIA
Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

by VARINDIA
Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

by VARINDIA
Start-Up and Unicorn Ecosystem
GoDaddy harnesses AI power for new domain name recommendations

GoDaddy harnesses AI power for new domain name recommendations

by VARINDIA
UAE’s du Telecom selects STL as a strategic fibre partner

UAE’s du Telecom selects STL as a strategic fibre partner

by VARINDIA
JLR and Dassault Systèmes extend partnership for All Vehicle Programs worldwide

JLR and Dassault Systèmes extend partnership for All Vehicle Programs worldwide

by VARINDIA
Rapyder partners with AWS to accelerate Generative AI led innovation

Rapyder partners with AWS to accelerate Generative AI led innovation

by VARINDIA
ManageEngine integrates its SIEM solution with Constella Intelligence

ManageEngine integrates its SIEM solution with Constella Intelligence

by VARINDIA
Elastic replaces traditional SIEM game with AI-driven security analytics

Elastic replaces traditional SIEM game with AI-driven security analytics

by VARINDIA
Infosys and ServiceNow to transform customer experiences with generative AI-powered solutions

Infosys and ServiceNow to transform customer experiences with generative AI-powered solutions

by VARINDIA
Crayon Software Experts India inaugurates its ISV Incubation Center in Kolkata

Crayon Software Experts India inaugurates its ISV Incubation Center in Kolkata

by VARINDIA
Dassault Systèmes to accelerate EV charging infrastructure development in India

Dassault Systèmes to accelerate EV charging infrastructure development in India

by VARINDIA
Tech Mahindra and Atento to deliver GenAI powered business transformation services

Tech Mahindra and Atento to deliver GenAI powered business transformation services

by VARINDIA