internet security

Protecting your business secrets from old-school information theft

by Sarah Schmid


Learn how to help prevent enterprise information theft

Time: 3 minute read
We all know about malware and data-stealing “bots.” But what about information theft that happens the old-fashioned way?

With high-profile data breaches playing out in the headlines seemingly every week, internet security is a top priority in the new world of work. The ease with which hackers can plunder critical data is disheartening, and the problem is only getting worse.

All companies have taken measures to safeguard their networks from information theft. But often, instead of keeping your eyes on the nebulous threats from hackers half a world away, the biggest information threats can be right in your own backyard. Old-fashioned solicitation and subterfuge are tactics often deployed by thieves to gain access to sensitive information. So what can managers do to protect their company and employees against these forms of information theft?


Subscribe to our newsletter


Take routine precautions

Identity thieves have no shame. They comb through your trash; they steal your mail; they even tear apart your cubicle and desk in search of revealing paperwork. This is why shredding unneeded documents is a common practice for many businesses — and definitely should be for yours. Also, try not to keep sensitive paperwork in your work desk; if you must, make sure it’s in a locked drawer. (And don’t just leave the key in an unlocked drawer nearby. Isn’t that the first place you’d look, if you were a thief?)

Be wary of social engineering schemes

Ever been tricked by someone claiming to be someone they’re not? That’s social engineering, which is basically a fancy term for fooling people into giving up confidential information.

It happens a lot over email — a popular one lately is a message telling employees that their health care is about to be canceled and they should open an attached file or visit a certain website in order to make sure it isn’t. But often this kind of information theft begins offline, where a thief will pose as a colleague, IT administrator or maybe someone like a bank or credit card company rep, telling you that your account has been compromised and they need your account number/password/Social Security number to reopen it. It could even be as simple as blanketing your company’s employee parking lot with flyers that entice people to log in to what seems like a legitimate website but is actually a phishing attack.

To avoid becoming a victim of social engineering, your employees need to remain vigilant at all times. Never reveal passwords, log-in credentials, PIN numbers or Social Security numbers in their entirety. Don’t open strange files or click on unverified links in emails, even if they’re coming from people you know. And make sure, for instance, that the URL for the site in which you’re about to type your sensitive information is legit and not a phishing site masquerading as the real thing.

IT administrators can and should conduct regular tests to see if employees are susceptible to these types of attacks. Repeated training and reminders can help lessen the impact of this type of attack on your company.

Instead of keeping your eyes on the nebulous threats from hackers half a world away, the biggest information threats can be right in your own backyard.

Don’t just throw away old tech

Do you store bank records, old electronic tax returns, 401(k) account details, password lists or other sensitive information on computer hard drives? Do you throw those computers out without taking steps to encrypt or wipe those drives?

Just because you’re done with something doesn’t mean that the bad guys are done with it. Sensitive data isn’t safe in a landfill — so take your old computers and storage drives to a place that safely recycles electronics instead. Or learn how to use old tech in the office.

Information theft is here to stay, but with a few extra precautions, you give yourself a much better chance of avoiding it, or at least minimizing the damage.

Recommended for you


Recommended for you

dictionary definition of hacking Article: 11 essential hacking terms The types of threats and hacking terms that are impacting business security
First level review case study thumbnail image. Case Study: First Level Review Expediting document review for a data breach
Pragmatism Priorities Article: Information governance solutions Information governance services help ensure data is managed and secured
Cookie Policy

Ricoh uses data collection tools such as cookies to provide you with a better experience when using this site.
You can learn how to change these settings and get more information about cookies here.

Close Chat
HelpChoose A Topic