Kroll Fraud Solutions Blog – A Dialogue on Data Security

Ten tips for fax safety

As we discussed in the last two posts in this series, you can see how even mundane office equipment can pose a serious security risk. Part of the security battle here is simply understanding the issue, because the technology already exists to help you erase your fax or copier hard drive. So, are you safeguarding against what amounts to pure error?

As it turns out, there are several steps you and your staff can take to reduce the risk of misdirected faxes:

Why your fax machine may be your worst security risk

Last week, a data breach made headlines in Canada, when a woman’s private medical information was faxed by her doctor’s office to a newspaper. It was no doubt a mistake; a simple case of a wrong number. The laws of probability assure it will happen from time to time, but unfortunately, this type of breach becomes more insidious when you look at the details. In some instances, it is hundreds of records that are faxed over a multi-year time span. And in those cases, oftentimes the doctor’s offices and government entities knew of the problem, but still took years to correct it.

Going back to our April 30th blog post . . . Back when I was just starting to learn about id theft and protecting my PII, I applied for a Hollywood Video rental membership. The application asked for my Social Security number. I asked why they needed it; the clerk couldn’t tell me. I didn’t list it and I still obtained a membership. The store at which I applied is now closed and stories have appeared about the irresponsible disposable of the records by other stores. So, how happy am I now that I didn’t give that piece of PII on the application. I tell this to the students when we present the CSR program—be stingy with personal information.

Businesses shoulder something of a “double burden” when protecting sensitive information. They must protect the company’s Unique Business Identifiers (UBI), as well as the Personal Identifying Information (PII) of individuals such as employees, customers, students, and other stakeholders. Protecting UBI preserves the company’s ability to thrive and reduces the likelihood that it will be exploited for financial gain. Protecting PII from the threat of unauthorized use is also vital to the company’s livelihood.