Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

3/22/2012
06:31 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

National Survey Uncovers Data Breach Vulnerabilities In The Workplace

Fellowes found that 81 percent of office employees have access to paper documents containing sensitive workplace information

ITASCA, Ill., March 22, 2012 /PRNewswire/ -- Many business professionals don't realize that when their company's confidential information is at risk, so too is the information of its clients, vendors, customers and employees.

Released today, Fellowes' Workplace Data Security Report[1] found that 81 percent of office employees have access to paper documents containing sensitive workplace information, yet only 62 percent cite their company as having a data security policy on which employees are trained. Some of those untrained employees may be leaving their companies vulnerable to a security breach, as the survey also reports that nearly a quarter of employees leave sensitive paper documents on top of their desks.

According to the study, office employees may unwittingly contribute to a digital or paper-based security breach by practicing other risky behaviors:

-- Approximately one in four (26 percent) leave their computers unlocked when away from their desk -- Fifteen percent throw paper documents containing sensitive information in the trash -- Only 60 percent maintain a secure firewall -- Less than half of respondents (44 percent) ensure their mail is safe by sending it through a secure mailbox "Whether electronic or in paper form, confidential information in the workplace is a hot item for theft and the methods employed by criminals to obtain this information are constantly evolving," said John Sileo, national identity theft expert. "With smart prevention measures, you can help your company avoid a costly breach that can lead to personal consequences - like identity theft."

Smart Practices for the Workplace

Having learned a great deal from suffering a security breach within his own business, Sileo travels the country educating businesses about ways to prevent the crime.

"Data protection can be simple as long as the proper procedures are in place and widely practiced," continued Sileo. He offers five key pieces of advice when speaking with business employees:

1. Lock your office when you leave for the day to prevent anyone accessing it after hours 2. Ensure your computer is locked with a secure password containing a unique combination of letters and numbers 3. Ask your IT department to check that your firewall is secure and up-to-date 4. Don't leave paper documents on your desk or in common printing areas and store important documents in a locked filing cabinet 5. Shred no-longer-needed documents with a Cross-Cut shredder, like Fellowes' 79Ci Sileo has been a longtime user of Fellowes shredders, both at home and in the office. "I always look to Fellowes' Cross-Cut machines to ensure my documents are properly destroyed. Fellowes is also the only brand on the market that offers 100% Jam Proof technology, making my shredding jobs productive and hassle-free. No one has time to sit around and fix a paper jam."

For more information about data breach prevention and Fellowes' 79Ci, visit www.fellowes.com.

About Fellowes, Inc.

Fellowes, Inc. offers an extensive range of products to equip the workspace, including paper shredders, binders, laminators, desktop accessories and record storage solutions. Founded in 1917 by Harry Fellowes and headquartered in Itasca, Illinois, Fellowes, Inc. employs more than 1,200 people throughout the world and has operations in 15 countries. Fellowes products are now readily available in over 100 countries across the globe. For more information, visit www.fellowes.com.

About John Sileo

John Sileo is an award-winning author and international speaker on the dark art of deception (identity theft, data privacy, social media manipulation) and its polar opposite, the powerful use of trust, to achieve success. He is CEO of The Sileo Group, which advises teams on how to multiply performance by building a culture of deep trust. For more information, visit www.thinklikeaspy.com.

[1] Results are based on 1,000 surveys completed by full-time office workers on behalf of the Fellowes, Inc. between March 5 and 9, 2012 by Toluna Research. Respondents were drawn from a national online panel maintained by Toluna, and completed the survey online. The margin of error is 3.1%

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27132
PUBLISHED: 2021-02-27
SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.
CVE-2021-25284
PUBLISHED: 2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
CVE-2021-3144
PUBLISHED: 2021-02-27
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
CVE-2021-3148
PUBLISHED: 2021-02-27
An issue was discovered in SaltStack Salt before 3002.5. Sending crafted web requests to the Salt API can result in salt.utils.thin.gen_thin() command injection because of different handling of single versus double quotes. This is related to salt/utils/thin.py.
CVE-2021-3151
PUBLISHED: 2021-02-27
i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via C__MONITORING__CONFIG__TITLE, SM2__C__MONITORING__CONFIG__TITLE, C__MONITORING__CONFIG__PATH, SM2__C__MONITORING__CONFIG__PATH, C__M...