August 15, 2019

Low-Tech ID Theft (Dumpster Diving) – WST

Yes, dumpster diving is still alive and well and used to gain institution and customer information. This truly is an old school way of getting customer information, but it can be highly effective. The reality is that all of the high-tech controls we put into place cannot stop someone from tossing information into the waste basket instead of the shred basket.

Let’s face it, most of us don’t want to dig through a dumpster to verify that sensitive information is not being thrown away by bank employees.  In fact, I think only 10-D Security Engineers love this part of their job description.

There is a better way to do this with a lot less grime and slime.  After your branch closes, conduct a trash inspection inside your institution by just looking at what is in each trash container at each desk.  You might be surprised at what you may find, and it will be a lot less messy.

This type of internal audit should be done on a regular basis.  Make sure you document this audit because it never happened if you did not log it for the Examiners to see.  This is a good time to check and see if employees are complying with your clean desk policy.


Past Weekly Security Tips – WST