When surveyed 90% of people in the UK believed that important personal information held by companies such as banks, retailers and online auction sites is not completely secure, whilst 46% of adults in the UK believed banks and retailers are not doing enough to protect personal data. Possibly following recent high profile cases of data loss 56% are more concerned now about identity fraud and the security of their personal information than they were six months ago.
The findings also revealed that people are becoming increasingly worried about the security of their personal information and the threat of ID fraud, and perhaps there is cause for worry. The research showed that over 868,000 people in the UK have accidentally left work documents or devices such as a laptop or Blackberry in a public place or on public transport.
The survey also revealed that people believe that actions by company employees pose the greatest threat to their personal information. The chief concern was carelessness by company employees when disposing of confidential information, followed by a fear of fraud being committed by members of staff. Third, in order of concern, was weak management leading to insufficient checks on the actions of staff.
Commenting on the research, Desmond Cross, Director of Retail at RSA, said: "Companies must act immediately to address the concerns of their customers by managing risk in all areas of their business. Even seemingly ‘small' breaches in customer confidentiality can lead to widespread concern - and can have a massive impact on the company's reputation, and on the reputation of their industry as a whole.
"This research shows that companies need to think smartly about engaging employees in managing customer sensitive data. Particularly concerning is employees exposing customer sensitive data in public. With an increase in flexible, remote and mobile working and extended working hours, the line traditionally drawn between the office, home and public spaces is becoming increasingly blurred. Technological advances in the last decade mean that the sheer amount of information people can carry around has increased exponentially."
Top 5 tips for consumers to avoid becoming a victim:
When asked to reveal any personal identifying information, such as bank details, make sure you know how it will be used, if it will be shared and who you are giving the information to. Be wary of anyone that could be listening in or looking over your shoulder.
Try not to carry too many personal identification information and cards around with you, and you should never note down pins or passwords.
Keep an eye on your credit report with all three credit reference agencies, i.e. Experian, Equifax and CallCredit. If you do find an error, no matter how small, make sure you follow it up and get it changed.
Shred statements, bills and direct mail, don't just throw them in the bin.
Always check bank statements and credit card statements thoroughly.
Top Tips for companies to engage employees in assessing risk and considering customer confidentiality:
Help employees become aware of the risk of taking items, such as laptops, outside the office. Employees must be encouraged to consider themselves as responsible for the safe keeping of huge amounts of customer sensitive data.
Don't allow compliance to take the place of judgement. The challenge is not for companies to focus on issuing protocols, but to think intelligently about encouraging staff to understand the risks.
Engage employees in an ongoing dialogue to discuss different issues surrounding risk management. For example - what activity do they consider suitable to undertake on the train commuting into work.
Top tips for businesses to manage risk surrounding customer data:
Ensure staff references are thoroughly checked before their employment commences
Ensure employees are provided with secure shredding facilities to dispose of confidential documents
Educate staff about the potential risks of viewing sensitive data while in a public space
Enforce a clear desk policy, so customer details are not left on display
Map out clear procedures for what to do in the event of customer sensitive data being misplaced, for example a laptop being left on a train
Make sure all data is backed up securely