At a municipal auction in Memphis, Tennessee, two city employees saw an opportunity they couldn't resist. As two patrons struggled to find keys for a vehicle, the employees approached with a solution. For just $250, they offered a programmed key — a steal compared to the $450 a locksmith had quoted. What the customers didn't know was that the key was stolen.
This incident is one of many example of how employees abuse their key access to steal from their employers. In fact, around 95% of U.S. businesses have experienced employee theft. Although not every theft is preventable, you can follow a few best practices to reduce the likelihood of internal key theft.
This incident is one of many that happen across the nation every year. In fact, around 95% of U.S. businesses have experienced employee theft. Although not every theft is preventable, you can follow a few best practices to reduce the likelihood of internal key theft.
It's unclear how the San Bernardino man gained access to customer keys without turning heads. However, if you’re concerned about a similar security breach, updating manual key control processes to electronic key control could help deter theft.
By requiring users to log in via password, key fob and/or fingerprint scan, the system creates an audit trail so you can review exactly who’s accessing which keys and when. Additionally, with an electronic key control system in place, dishonest associates won’t be able to argue against the validity of key control logs. This reality will resonate with your employees, discouraging potential theft.
In some businesses, it’s not uncommon for the employee handling alarm codes to also be the keeper of the keys. In the event an alarm goes off, however, this arrangement can easily become a conflict of interest. If you designate a single employee to handle both responsibilities, that employee could 1) commit theft nearly unnoticed, or 2) leave keys unmanned long enough for another employee to commit theft.
To limit this liability, consider designating multiple system administrators, so that no employee has unchecked access to security measures. Designating several system administrators distributes accountability, which is beneficial for several reasons:
When an employee leaves, it's important to ensure they don't still have access to company systems and assets. The same electronic key control system that allows you to set up multiple users also allows you to remove terminated employees from the system. In doing so, you can protect your company against potential credential abuse. Whether it’s an employee trying to clock in for a coworker, or an ex-employee looking to steal from their former boss, password security is not to be taken lightly.
By implementing these steps, you'll foster trust, and enhance security, and ensure a safer working environment.