Protecting Personal Information: Five Steps for Business

January 19, 2010
By admin

by Lesley Fair

What’s in your file cabinet right now? Tax records? Payroll information? And what’s on your computer system? Financial data from your suppliers? Credit card numbers from your customers? To a busy marketer, those documents are an everyday part of doing business. But in the hands of an identity thief, they’re tools for draining bank accounts, opening bogus lines of credit, and going on the shopping spree of a lifetime — at the expense of your company, your employees, and the customers who trust you.

Sophisticated hack attacks make the headlines, but many security breaches could be prevented by commonsense measures that cost companies next to nothing. That’s why the Federal Trade Commission (FTC) has published Protecting Personal Information: A Guide for Business, a plain-language handbook with practical tips on securing sensitive data. The specifics depend on the size of your company and the kind of information you have, but the basic principles remain the same. Whether you work for a multinational powerhouse with branches around the world or a start-up based in a home office, a sound information security plan is built on these five key practice

s:

  • Take stock. Know what personal information you have in your files and on your computer. Understand how personal information moves into, through, and out of your business and who has access — or could have access to it.
  • Scale down. Keep only what you need for your business. That old business practice of holding on to every scrap of paper is “so 20th century.” These days, if you don’t have a legitimate business reason to have sensitive information in your files or on your computer, don’t keepit.

  • Lock it. Protect the information you keep. Be cognizant of physical security, electronic security, employee training, and the practices of your contractors and affiliates.
  • Pitch it. Properly dispose of what you no longer need. Make sure papers containing personal information are shredded, burned, or pulverized so they can’t be reconstructed by an identity thief.
  • Plan ahead. Draft a plan to respond to security incidents. Designate a senior member of your team to create an action plan before a breach happens.

Get your copy of Protecting Personal Information: A Guide for Business at www.ftc.gov/infosecurity. While you’re there, download copies for your IT manager, your human resources department, your sales staff, and anyone else who comes in contact with customer or employee information.

Lesley Fair is an attorney in the FTC’s Bureau of Consumer Protection who specializes in business compliance.

http://www.ftc.gov/bcp/edu/pubs/articles/art01.shtm

Tags: , ,

Leave a Reply

Your email address will not be published. Required fields are marked *

*

*


Search

Mailing List

Please join our growing mailing list. We will never sell your information!

Recent Comments

    Message from us

    We hope this site provides you with tools to start or maintain your internet business. We would welcome your ideas and opinions of our postings.

    Whether you are thinking of starting an internet business, want to work at home, want to fend off scammers or are just curious, you should find something helpful on InternetBusinessUSA.

    You will find information on SEO, HomeBased Business, Make money online, Work from home, startups, home office and much more.

    Categories

    Pages

    Meta

    Tweeter button Facebook button Myspace button Linkedin button Webonews button Digg button Flickr button Stumbleupon button Newsvine button Youtube button