Passwords and Company Security
Posted in News Articles on 03/05/2010
Employee data breaches are becoming more and more common for companies. News stories about data breaches appear with alarming regularity. Sometimes it is the missing laptop that was stolen from someone’s car/home/apartment, sometimes it is the data tape that was being transported for storage and was “misplaced,” and sometimes it was a disgruntled former employer who still had access to company information. How does this happen? Actually, it can be very simple if companies do not have policies in place and enforce them regularly regarding sensitive information.
How secure is your company? How are passwords assigned? How often do they need to be changed? What is your password protocol? Clients ask these questions and we do ask them of our clients in regard to background checks.
We send and receive data daily within our office containing applicants’ names, social security numbers, dates of births, drivers license numbers and other details commonly referred to as personally identifiable information (PII). We have put security in place on our computer systems designed to minimize the risk of this information ending up in the wrong hands. We require our employees to use strong passwords and to change their passwords frequently. We also do not allow PII data to be stored on laptop computers or to be removed from our office. Departing employees have their access to sensitive data removed immediately. Policies regarding security and confidentiality are in place at BackTrack, reviewed regularly and are strictly enforced. We do take security issues seriously.
Clients who access reports via our secure website are required to change their passwords frequently and we do also have strong password protocols in place; however, is your company doing all they can to protect this information?
How does your company store this data? Do you require strong passwords? Do you lock files containing this data and restrict access to it? What do you do with the background screening reports you receive from our office? What procedures do you have in place regarding the securing of passwords? Do your employees routinely place this information in their desk drawers? When employees leave your company, how do you disable their access to secure areas? Do you notify your vendors (including BackTrack) to delete access to sensitive information? How does your company monitor that adherence to these policies are taking place?
For more information on this topic, contact BackTrack at 800-991-9694.