  |
 |
|
Research and retrieval of news articles by: SPECIAL NOTE TO ALL VISITORS: | ||
 |
|
INSIDERS: SECURITY RISK NO. 1Source: GovInfo SecurityPosted on January 20, 2012 When a 17-year-old McDonald's employee is able to pull off a $13,000 credit-card scam, we should all step back and take notice. News this week about a former drive-thru employee at a McDonald's in Olympia, Wash., who was busted for skimming patrons' card details, hammers the reality that insiders are always our greatest security risks. Businesses just make it too easy for employees to commit fraud. Organizations get too comfortable, and they forget about checks and balances. No one wants to think a member of the team could steal from the company, or worse, from a customer or client. But it happens, as the teenaged McDonald's employee so quickly proved. Let's also not forget that internal fraud can be unintentional. Sometimes, employees just make mistakes. The Social Security number breach at Wells Fargo comes to mind. The privacy breach has spurred attention from the Connecticut attorney general, who's asked Wells executives to explain why the bank released Social Security numbers in copies of subpoenas it mailed to state officials and customers named in the subpoenas. Wells has been very apologetic. But the damage is done. So what steps could Wells and McDonald's have taken to avoid the internal hiccups that resulted in massive customer privacy breaches? An employer can't monitor the actions of every staff member 24/7. But basic policies and procedures that clearly define what is acceptable could have made a big difference. Internal policies about security and the need for corporate and client or customer privacy are critical. Employees often don't understand or appreciate how and when a customer's identity can be compromised, or a corporation's internal systems can be breached. Employee education is paramount. Most employees want to do the right thing; they just need to be told how. Clearly written policies and procedures set expectations, and establish a culture of high standards. It takes more than technology. Organizations need employees monitoring each other. Well thought-out policies ensure staff members feel comfortable blowing the whistle when they see another employee bucking the rules. With a little forward thinking, most of the internal breaches from which businesses suffer today could be thwarted, or at least severely diverted before massive financial and reputational casualties result.
E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes. |
|
ALERT  WebTrust Is Your Best Defense Against Privacy Breaches. Get WebTrust Working For Your Site. |