Companies Should Safeguard Their Paper Recycling Processes
Companies that fail to take enough precautions when recycling office documents are at high risk of exposing themselves to e-crime. System Associates has pointed out that as firms concentrate on maintaining environmental standards such as ISO 14,000, they often miss out on confidential information that may get discarded.
Managing Director of System Associates, David Macken explains that hackers who rummage through office waste papers can get their hands on security sensitive information. These can help them to evade security systems thereby getting straight to the core of secret data.
Companies encourage employees for paper recycling but the latter may fail to take into consideration the confidential information of their organizations, according to Macken. A persistent hacker who visits the office recycle bins can collect enough information from there that helps him get around firewalls and other security products and reach right at the center of secret information. By the time the organization realizes it has already become a victim of fraud, it can be after months, by when the hacker will have shielded his clues.
Macken says, companies using a secure disposal system are vulnerable too because they often do not have any locking systems for the waste paper bins. This can be an open invitation to computer hijackers, who know where exactly to aim for locating the confidential information.
Even if there are strict rules for recycling documents, an organization must check suppliers' recycling methods to ensure they are safe from leakages, implement protection to identity and pull to pieces any sensitive details, Macken said.
The most valuable information for hackers is internal passwords, e-mail addresses and information about suppliers. These can help a hacker to disguise as an employee, supplier or customer only to collect more information to misuse them fraudulently.
In order to safeguard such information from slipping through, System Associates advises greater consideration to paper recycling process and involvement of IT department in framing recycling policy.
Macken comments, organizations most open to security attacks should discuss IT security across all members especially with new recruits. Companies are vulnerable because they often overlook briefing their staff particularly new employees who are fresh takers of new passwords and secret information.
Related article: Companies Should Report Cybercrime
» SPAMfighter News - 19-02-2007