New research from risk consultancy firm highlights risk from data theft committed by employees. A poll of over 800 senior executives around the world showed that companies for the first time are losing more from the theft of their electronic assets than from physical assets. This was recently revealed by Kroll, a risk consulting firm.
The incidents were especially alarming in emerging markets such as China, Colombia, and Brazil-where more than 9 out of 10 businesses report victimization. Most susceptible are firms that deal in information, such as businesses in professional services, media, technology, and finance. Often, according to the respondents, the perpetrators are the company's own employees.
Anybody using the internet is at risk when it comes to online fraud. Popular methods of scammers for making money illegally are: credit card fraud, identity theft and confidence trickery. As the number of internet users increase, so do reported cases of electronic fraud, and the figures are quite staggering.
For instance, in 2009, 66.1% of electronic fraud perpetrators were found to be operating within USA while 10.5% was in the UK and 7.5% was in Nigeria. Thirty-two percent of online fraud cases were non-delivery of goods which cost an average of $585. Fraud in online auctions is common and resulted to an average of $602. In fact, 16.3% of reported electronic fraud cases in 2008 were due to fraudulent sales on the most popular auction sites on the web.
When a company does not have sufficient control over its computer system, it may be prone to suffer losses due to electronic fraud. With the number of PCs steadily increasing in homes and businesses, companies need to protect themselves from electronic attack. If a company is to prevent electronic fraud from happening it should take the following steps:
First, companies should have adequate firewall protection, multifactor authentication and credentialing; access to USB ports or other drives should be blocked; forced password formatting (e.g. use combination of upper case and lower case letters as well as numbers and symbols) for all employees should be undertaken; all data transmission should be encrypted; access to specific websites should be blocked; employees should be advised not to open unsolicited emails/attachments and they should also be discouraged from loading software programs brought in from sources other than the business itself.
Companies today should closely examine how information is managed within the organization. Appropriate levels of control should be provided, and policies, procedures, and tools need to be implemented to make sure access is carefully controlled and monitored and information is secured.
Are you confident that your firm is safe from attack not only from outside the organization but also from within? If not, contact us today to find out how we can help.
Leave a comment!
You must be logged in to post a comment.