As International Fraud Awareness Week approaches (November 7 – 13), financial services organizations are being warned of the need to protect themselves from the growing threat of employee fraud.

Approximately 36% of security breaches reported originated within companies, according to a 2009 TELUS and Rotman study. The joint study on Canadian IT security by TELUS Security Labs and the Rotman School of Management study showed that unauthorized access to information by employees is up by an alarming 112% and is the fastest-growing breach category.

Despite these statistics, Toronto-based information security company Shred-it Canada Corporation Inc. says its own research shows that just 1% of business operators rate employee fraud as their top security concern.

“It’s clear from our research that there is a disconnect between the perceived risk of employee fraud and the reality,” says Michael Collins, vice president sales, Shred-it Canada.

“While the mechanics of identity theft and fraud are often associated with external sources, insider access to sensitive data, including employee records, is a key organizational security concern, potentially leading to identity theft and fraud. International Fraud Awareness Week is an ideal time to highlight these risks to organizations and encourage financial services organizations to be increasingly vigilant when it comes to securing loopholes in organizational security strategies.”

In support of the weeklong campaign, Shred-it offers the following quick tips for organizations wanting to protect the security of employee information and eliminate the potential for identify theft and fraud:

> Make sure you have formal information security policies in place; train your employees to know the policies well and follow them rigorously.

> Limit the number of people who handle confidential documents. Be careful when hiring new employees. Perform full reference checks and, where warranted, ask your new hires to sign confidentiality agreements.

> Demonstrate a top-management commitment to the total security of your business and customer information.

> Conduct a security audit of your organization.

> Adopt a shred-all policy making sure all paper documents are securely destroyed on a regular basis

> Outsource document destruction to reliable vendors, whose methodology ensures total security of the document disposal process.

IE