Category Archives: Identity Theft

Shredding Documents Before Recycling Them

Posted on by
Reply

Data Protection, Paper Shredding, limeirck paper shredding

Paper data still plays a major part of industrial paper shredding. It is important that you are Shredding confidential paper before it is put into recycling. This is to ensure that your data is protected and cannot be viewed by public eye.

Paper like any other recycling is often left in the blue bin outside your home or business for it to be collected. This is a common practice and nothing wrong with it. If your recycling contains documents of a personal nature and or sensitive data nor for public knowledge, how it is disposed needs to be taken into consideration.

It is quite easy to access anything contained in these bins and within an urban area someone in a “white van” and a high vis jacket could pull up and throw these bags into the van. What they do with these documents may be unclear but can be malicious intent. Having the documents shredded before it is recycled will increase your data security.

Shredding Documents

A good practice for your business to incorporate is to shred your document before you put them into recycling bin. Also to be aware that a simple office shredder does NOT provide adequate data destruction. This data can be reconstructed. An industrial paper shredding service provides you with secure paper shredding. Incorporating a service to handle and destroy your documents should be used.

Scheduled Onsite Collection

A reputable shredding service will provide you with a collection service to handle and securely destroy documents you have. Ringing your shredding service provider and organising a collection at a time specified by you will ensure that you know when your documents are to be transferred.

A shredding service can provide you with sealed bags for collection and shred them in off site paper destruction location. A shredding service can also provide onsite shredding service with their specially designed trucks to handle and destroy these documents.

Data Protection

Under the EU directive the data protection act and the data protection commissioner are governing bodies in place to ensure that businesses handle data correctly and ensure sensitive data is used in a correct manner.

For more information on a reputable shredding service in Ireland please visit:

https://www.securityinshredding.com/

No. of Data Leaks and Data Breaches Increasing

Posted on by
Reply

irish data breaches, Data Protection, Paper Shredding, Data Destruction

Industrial paper shredding can be implemented using an off site shredding service throughout Ireland. Onsite shredding services are also available in the Dublin, Cork, Limerick, Galway and Waterford areas. These services should be common practice for businesses to comply with Data Protection laws.

It has become an increasingly talked about topic both globally and in Ireland of user’s details being leaked accidentally or retrieved through malicious means. The most recent story on a global scale is the “Panama Papers” involving political figures and leaders having offshore accounts and profiting from them. How the leak happened is still unclear but can happen.

Closer to home the Irish Aviation Authority (IAA) was the case of a data leak. The leak revealed the details of listed drone users in the country. No credit card details were released but names, addresses and emails were revealed. The leak was an internal issues and was dealt with accordingly. The Data Protection Commissioner was informed with the leak and appropriate actions were taken.

If A Breach Occurs

Your own business like any other business can be subject to a Data Breach or Leak. To think it wont happen to you is naive and bad business practice. If you feel a breach has occurred there are a number of steps you should follow if the breach occurs.

  • Take your site offline so the leak/breach is no longer available
  • Find out where the breach occurred. Contact IT or site developer for help
  • If public details are released then inform the Data Protection Commissioner
  • Issue a warning to the effected users that the breach occurred
  • Passwords for accounts need to be updated to prevent unwanted access to user accounts.

The quicker you deal with the issue the less damaging it is for business in the long run. Contacting the Data Protection Commissioner (DPC) is important as they are a governing body for issues like these. Failure to contact the DPC can result in a hefty fine and be damaging for business if the issue goes public.

Data Protection is vital for businesses to succeed and now more than ever it is important to have proper Data Security setup to prevent these kind of attacks. A confidential shredding service will provide your business with its Data Protection. Consulting with them about your Data Security would also be recommended.

Data Protection Commissioner Data Security Guidelines:

https://www.dataprotection.ie/viewdoc.asp?DocID=1091

Protecting Personal and Work Devices

Posted on by
Reply

secure data

All electronic devices can potentially suffer from Data Breaches if not protected correctly. The breach can be in violation of Data Protection laws if the Data Protection Commissioner is not informed. Secure document destruction is an important part of business and organisation incorporate.

A recent event involving a personal computer used in a federal building that contained details of child support accounts, and social security details and other hard drives that may have contained user details.

A US watchdog wrote an open letter to the federal government asking why staff member was able to use a personal device to access these details, given that it violates the security policy. The letter continues and mentions other Data Breaches in government buildings and the lack of Data Protection.

Situations like this increasingly more common and not just government buildings. Bank account details have being breached. Online accounts to various sites have being breached and this happens on a global scale. You will hear that the breach occurred because someone left a device behind them. Be it the seat of a train home from work, a USB key dropped in a cafe.

The human error of forgetting something is not the problem (we all forget things from time to time), but the issue is the data contained on these devices and the lack of protection in place especially devices with sensitive data.

Company Policy

It is worth knowing your company polices on weather or not personal devices are allowed to conduct business actions. Also if using company devices weather or not you can use personal applications on them. It is important to know this. We live in a time of technology and information being widely available and with the increased usage there is also the potential of breaches.

How these breaches occur will can vary but there are common factors and technology is written with a universal language.

  • Ask your IT specialist on what to look out for when using the device
  • Research good practices online
  • Enalble location of device if appliable in case it is misplaced.
  • Encrypt devices where possible including mobile devices and USB keys
  • Be aware of what information is stored on a device (paper or electronic) and the potential breach that could occur if misplaced.

A confidential shredding service will also improve your Data Security and provide you with methods for protecting your device. Please visit our site for more information:

https://www.securityinshredding.com/

Data Security From Top To Bottom

Posted on by
Reply

Security in Shredding Logo. 2014.

Data Security is a vital for businesses to run. Weather it is paper shredding and or media destruction a confidential shredding service is needed.

Security is a strategic part of company policy. While physical security has being around for a long time. Security cameras, security personal, alarm systems etc are common terms to hear when referring to security. When it comes to cyber security the terms used become less frequent and can appear more intimidating to the untrained ear. You will hear terms like encryption, end to end encryption, firewalls and 2 step verification are terms involving cyber security.

Digital Data has grown over the past 20 years and this has lead to the increase of Data Breaches in industries and organisations. Often the case for these breaches were due to certain aspects not having protections in place. With the increase in electronic devices it should no longer be just a matter for the IT department but a company wide matter.

In The Boardroom

Data Security and Digital Data must be a part of the boardroom’s security strategy and treated equal to the overall security of the company. Awareness to cyber issues should be known be all board members and not just the CIO.

This should include the company policies in place. What are the major threats to Digital Data. Regular update of this information from IT department to the board to increase awareness.

Human Error

All the security measures in place cannot protect against human error. People will forget items, it happens. A stray document left on a table or seat when travelling. Not just paper documents but mobile devices also need to be looked after again of the potential of sensitive data being accessed.

Less technical minded people who use these devices may also use social media and other sites while not being aware of potential breaches or what data they might expose.

Setting up security features before the device is used will help improve security. Password setup and enabling encryption on messaging systems will greatly improve the device security.

Company Policies and Terms Of Use

Is a term widely used throughout Technology sector. A person must agree to these terms before they can use a product. This should also be adopted by your own company if issuing devices for board members and staff. It does not have to be a technical document but a set of guidelines and processes to do when dealing with sensitive data.

Technology is constantly improving and changing are for some people it can be hard to learn these new technologies and this is where the potential breaches can occur. With a regularly updated information to the board members will ensure your data is secure.

For more information on the Data Protection please visit: https://www.securityinshredding.com/legislation.php

10 Steps To Prevent Data Breach regarding Cyber Security

Posted on by
Reply

Security In Shredding logo

Paper Shredding Services are an important part of business practice. A reputable onsite shredding service can be incorporated for business Data Protection.

Cyber Security comes in many forms and one method which is targeted regularly are credit cards. Criminals will try anything into tricking people to obtain credit card numbers. There are a number of preventative methods you can use to protect your details. Below is a list of steps to look out for to improve your data security:

  1. Don’t be tricked into giving away confidential information;  make sure you do not respond to emails or phone calls requesting confidential information. Report any suspicious activity to IT and/or your manager.
  2. Don’t use an unprotected computer; ensure to use a computer that has latest approved security software prior to viewing and company information (particularly if you are viewing the material from an internet café or shared computer)
  3. Don’t leave sensitive information on your desk; Keep them safe by locking them in a drawer or have them destroyed – shredded securely using a registered Data Processor.
  4. Lock your computer and mobile phone when not in use; Keeps your data and contacts safe from prying eyes.
  5. Stay Alert and report suspicious activity; In case something goes wrong and the sooner you report the issue the faster it can be dealt with.
  6. Password-protect sensitive files and devices; Protecting your devices with strong passwords means you make it incredibly difficult to break in and steal data.
  7. Always use hard-to-guess passwords; Make sure to use complex passwords not just 12345 or abcdef but “G$4s1KoOl” for example. (It is used more often than you think.)
  8. Be cautious of suspicious emails and links; don’t let curiosity get the best of you. If it sounds too good to be true it probably is.
  9. Don’t plug in personal devices without the OK from IT; Personal devices can be compromised with code waiting to launch as soon as you plug them into the computer.
  10. Don’t install unauthorised programs on your work computer; If you like an application and think it would be useful, contact IT to look into it for you before installing.

By following the Do’s and Don’ts mentioned above you will greatly reduce the risk of a cyber attack.

Security in shredding offers this type of security and more. please visit our website for more information: https://www.securityinshredding.com/ 

Cyber Security & Credit Cards, Data Security

Posted on by
Reply

credit-card-scams-data-breaches

Confidential paper shredding is not just about shredding paper. Data comes in many forms and credit cards is one form of data that needs to be protected.

A current example of a cyber security breach is a string of fraudulent activity on customer credit cards used at Trump Hotel Collection. The activity appeared on cards used in the past two to three months at a number of Trumps Hotels. The exact number of hotels this has occurred is unknown at this moment in time but it marks the second breach of the hotel chain in the last year.

Below I have listed some Do’s and Don’ts that we should all apply in our day to day activities;

Do’s :

  • Do keep your credit card safely and treat it as you would treat cash & Never leave it unattended.
  • Do keep your credit card in the same place within your wallet/purse so that you notice immediately if it is missing.
  • Always memorize your Personal Identification Number (PIN) and change it on regular basis.
  • Do Exercise caution while transacting on websites for any on-line purchase.
  • Do make regular payment of your credit card dues. This will help you in avoiding levy of finance charges, late payment charges, etc.
  • Do Change your login Passwords Periodically: We recommend that you change your passwords regularly, at least every 30 days or so. To change your Passwords, login to the ‘Online Credit Cards’ section, then click on the ‘Change Password’ option given on left side of the screen. Please change the password immediately if you think it is compromised.
  • Look for the padlock symbol on the bottom bar of the browser to ensure that the site is running in secure mode before you enter sensitive information.
  • Shred unnecessary financial documents immediately: Discard pin or password mailers immediately after memorizing them. Never write them down.

Dont’s:

  • Do not keep a copy of your PIN in your wallet/purse and never write your PIN number on your credit card.
  • Do not reveal your PIN to any one – not even to your family members.
  • Do not reveal your credit card details/ PIN number/ etc. to any email soliciting your personal information/ any telephonic survey.
  • Do not seek help from strangers at the ATM, even if offered voluntarily, while utilizing your credit card at ATMs.
  • Do not bend your credit card.
  • Never sign an incomplete charge slip.
  • Never open email attachments that have file extensions like .exe, .pif, or .vbs. Such files are usually dangerous.

For more information please visit on a secure shredding service: https://www.securityinshredding.com/

American college (TCC) affected by data breach

Posted on by
Reply

Security in Shredding Data protection & destruction

Onsite paper destruction and or offsite paper destruction are services provided with shredding companies in Ireland. “Shredding Paper Ireland” will provide you with a decent result when researching for an industrial paper shredding service.

In a recent story involving an American college in Virginia were subject to a data breach involving staff and their names and social security details. 15 of the college employees who had submitted their tax returns to the IRS (American version of Revenue Office) were later told that their tax had already being done using their social security number.

Approximately 3192 employees in the Virginia college system may have being effected by the breach. It appears the details of the leaked data containing the names and social security numbers may have being sent to a fake account from the college.

While this happened in America the method as to how it happened remains the same. A false account was created to look like an official college page. The page will have asked the user to enter in or provide specific data. These scams will prey on human error or uneducated person to transfer this data.

How to protect yourself from these attacks

If you feel your business has being subject to one of these attacks here are a number of things to look out for. If you use a regular paid service whatever the format, these services will have your name on record and will be able to display it on emails and documents.

  • “Dear Customer” can be an indication of something off. A reputable service will easily be able to display your name here instead of customer.
  • Asking you to click a link from the email itself rather than going through the official website of the service provider to pay for services.
  • Do not click on links you are uncertain of going through the service provider site itself is a good practice.
  • Asking for specific details is also a sign of malicious intent. Reputable sites do not ask for this information as information such as passwords are NOT known by the service provider as these are encrypted and only known by you.

What To Do If Breach Occurs

  • Alert the service provider that a breach has occurred
  • Alert relevant authorities such as banks, revenue office so they know to monitor irregular transactions.
  • Inform employees to change passwords to the relevant accounts
  • Inform customers that may have had their data accessed
  • Sooner the better you alert the authorities the quicker and less damaging the data breach will be

The full article involving the TTC can be read here:

https://www.13newsnow.com/news/local/mycity/virginia-beach/tcc-100-employees-affected-by-data-breach/110309810

For more information on data security please
 visit:

https://www.securityinshredding.com/shredding-benefits.php

Electric Ireland Phishing Scam Warning!

Posted on by
Reply

irish data breaches, Data Protection, Paper Shredding, Data Destruction

A Confidential document destruction service is one among many means of a businesses Data Protection. Data breaches can come in many forms and one method of a data breach is phising. When you hear reports of accounts being hacked or customer details have being released, this is one such method of doing this.

So what is phising?

A simple Google search of this question will provide you with the following answer

“the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers, online.”

It is common for these type of scams to target high profile companies with a large customer base. Hackers can produce “official” looking emails to trick people into giving their details. There are steps to help protect you against these type of attacks.

Below is an example of the malicious email in circulation:

Screen Capture of malicious email

Read the full article here:

https://www.independent.ie/irish-news/news/electric-ireland-warns-customers-over-sophisticated-phishing-scam-34587520.html

The article writes that the scam was asking customers click a link and enter their username and password. The way the email is worded to convince you that it is official. To the uneducated person this will look and feel official. Asking for your details in this manner is suspicious.

Also “Dear Customer”  should not be there. If it was an official statement then Electric Ireland would have your name in place of customer. Electric Ireland will have your name on storage and will be able to use it in documents.

The links to click are also displayed in a way to deceive you creating a link can be displayed to say anything.

Prevention against phising

  • If you suspect something the report it immediately as the company may not be aware of the issue.
  • Do not click on the links on the email and go through the Electric Ireland site to login
  • If you clicked on the link and feel your details were obtained then change your password immediately and report it to Electric Ireland.
  • Avoid clicking links that display as “here” or “Click Here” etc these can be misleading
  • Asking for your details through email is common practice.
  • Report any suspicious activity.

Microsoft have a detailed list to help protect you against phising scams. Awareness is key to scams like these the more you know the easier it is to protect your data and company reputation from data breach.

Microsoft Tips: https://www.microsoft.com/en-us/security/online-privacy/phishing-faq.aspx

For more information on Data Protection please visit our shredding specialist site

Dangers Of Data Breaches For Small Businesses

Posted on by
Reply

Heartbleed Data Theft

Secure document shredding in Dublin and throughout the country are services needed to ensure your business is complying with Data Protection laws. These laws are in place to ensure businesses that possess sensitive data are protecting against vulnerabilities both physically and digitally.

Cyber criminals will target small businesses. In the UK the minister for the digital economy Ed Vaizey outlined (2015) that a major security breach for a small business in the UK could cost as much as £310,800. This figure also applies to Irish businesses and any small business in operation.

Dataprotection.ie have detailed descriptions on how to protect your business and improve its security. The site has guidelines to improve your business security. Researching online can be difficult because you will read conflicting reports and incorrect information. The data protection site provides you with useful and up to date information from a governing body to help improve your business security and data protection.

On the site is a guideline to improve your data security. It covers the law to software and IT support to use. With a little bit of know how and awareness to possible threats will benefit you and your business greatly.

There are 19 steps in total on the guideline page which can be read in full at data security guideline page, below are a steps from said list.

1. Install an Anti Virus Software

It is a necessity for any electronic device that transfers data. Anti Virus software protects more than just your computer, it also protects your emails and personal details when online. Malware is a big threat to computers and using a reputable ant virus will benefit.

Remember to update the anti virus software regularly as anti virus software can only protect against known viruses.

2. Firewalls

Firewalls are a essential form of protection where there is external connection. Always on internet is now a common practice for businesses. This makes a properly configured firewall a good form of security.

3. Wireless networks

When using a wireless network in your own business network make sure that proper encryption is setup on the wireless network. Be aware when using public networks such hotels and airports can potentially a risk. Use it if necessary and if you are transferring personal data make sure to be in a secure session on the device.

4. Human Factor

Is often over looked and is often used to breach a business. For example cyber criminals have accessed user accounts by using passwords such as “123456” and or “password.” Sounds crazy but happens more often than you would think. Use a more cryptic password. What the password contains will help its strength but the more characters used the greater the strength.

Also be aware of printed documents that may contain sensitive data and if not disposed properly can be accessed. Having a reputable Shredding Service dispose of your documents securely and safely.

For more information on a secure shredding visit: https://www.securityinshredding.com/  for more information.

 

Data Protection And Data Encryption

Posted on by
Reply

secure data

Industrial paper shredding of private documents should be destroyed by a secure paper shredding service. Shredding paper is among one method of Data Protection.

In light of the recent event involving the F.B.I and Apple involving Apple’s security feature on the iPhone 6’s data encryption and fail-safes. With the iPhone once a passcode is entered incorrectly 10 times, the phone is then locked and the data cannot be retrieved by anyone other than the owner. Apple do not have access to the user’s phone. Any current mobile or electronic device will have encryption available.

Now more than ever companies and organisations need to be aware of the devices they use and what security and encryption they are using. Encryption protects your data on devices. It essentially scrambles data from anyone trying to access the data. A password or code is usually the only way to view the data.

It is worth knowing what encryption if any do software programmes use. Unencrypted data can be accessed by people with a little bit of know how. Data Protection is vital part of business as data breaches will have a hefty penalty if a breach occurs they occur.

Any media device your organisation uses, that is being replaced should be destroyed by a shredding service. WEEE Ireland is a recycling service for electronic devices and batteries. All digital data stored on a device should be destroyed if the device is no longer in use. A reputable shredding service will destroy these devices in the correct manner.

Information on WEEE Recycling https://www.weeeireland.ie/

Simple things to remember when using electronic devices can massively improve on your security. These methods are often overlooked and hackers and criminals will prey on these oversights as the vast majority of electronic breaches can be broken down to human error. The following methods can improve your data security:

  1. Passcode on your mobile and electronic device
  2. Ensure that software used has encryption on data
  3. Use various passcodes on your devices to ensure security
  4. Destroy your devices when no longer needed

For more information on media destruction visit https://www.securityinshredding.com/

For information on device destruction visit https://www.securityinshredding.com/it-media-destruction.php