How Companies Can Protect Against Identity Theft

Corporate Data Security Challenges

Man stealing employees' identities from a stolen laptop
photovideostock/E+/Getty Images

Identity theft resulting from stolen corporate data is big news. The extensive media coverage and damage to the organizations and brands involved in recent data security breaches has brought identity theft detection and prevention to the forefront of corporate America's concerns.

Given the amount of sensitive information their personnel files house, Human Resource departments in the corporate landscape have unique challenges.

And, awareness of data breach methods and the ways to thwart an identity theft attack are key to reducing the department's exposure.

Thwart Identity Theft

These strategies are recommended for HR professionals to thwart identity theft:

  • Educate employees about the appropriate handling and protection of sensitive employee data.
  • Consistently enforce policies and procedures, physical safeguards, and IT security. All three are required or data security is questionable and identity theft may occur.
  • Review and revise physical security practices as needed, in both bricks and mortar and virtual operations. Policies should address all of the critical areas such as:

    --Who is able to leave the office with file folders,
    --Where is sensitive data stored and destroyed,
    --Who has access to sensitive data, and
    --Are employees required to surrender keys and badges upon leaving the company's employ?

Identity Theft Victims

Human Resource departments also need to be concerned about those who will become victims of identity theft.

 According to the Insurance Information Institute, The 2015 Identity Fraud Study, released by Javelin Strategy & Research, found that $16 billion was stolen from 12.7 million U.S. consumers in 2014, compared with $18 billion and 13.1 million victims a year earlier. There was a new identity fraud victim every two seconds in 2014.

These identity thefts will result in employees taking an average of 175 hours of work time to restore their identity following identity theft. This lack of productivity has been called presenteeism (being at work but not working on work issues).

And, with increasing technology and sophistication, there are extensive networks of identity thieves whose sole purpose is to gain access to poorly secured organizational data and extract sensitive information - using means as simple as an unguarded laptop.

Safeguard Employees Against Identity Theft

To safeguard against these evolving identity theft threats, HR professionals need to:

  • Conduct background checks on employees.
  • Perform proper vendor screening.
  • Include breach of data protection clauses in your vendor contracts.
  • Have a pre-breach protection of sensitive data plan and a post breach protection of sensitive data plan incorporated into their business continuity planning and their enterprise risk management planning.

Identity Theft Insurance

Organizations are discovering that adding a voluntary employee identity theft benefit to an existing benefit package adds value. This allows employees, as consumers, to have identity theft services available to assist them if or when their personal information is breached -- whether at work or at home.

Security conscious companies enact proper identity theft policies to protect employee data and keep the company safe. They also offer similar options for their employees to demonstrate smart data security and to promote employee appreciation and satisfaction.

Identity Theft Protection

According to the FBI, identity theft is the fastest growing crime in America. The problem will get worse before it gets better. So the onus is on those organizations and departments housing sensitive employee information to improve their data protection through:

  • employee education and services,
  • explicitly followed identity theft protection policies and procedures,
  • a sound IT security infrastructure, and
  • a plan of action, for when - not if - a data breach occurs.

Author Information

**Troy Allen is the Chief Operating Officer of Kroll Fraud Solutions.

He has front line experience helping a wide variety of corporations and organizations protect against and respond to data breaches.

He sets direction for the company's continued success in identity theft discovery, investigation, and restoration. He oversees a team of licensed investigators who specialize in solving tough issues for ID theft victims.

Published as a subject matter expert on identity fraud, Allen is a frequent speaker on data protection, loss and recovery.