November 30, 2016

Document Shredding: You Won't Believe Where Some Companies Go Wrong

Despite the dizzying number of data breaches that occur today, many businesses still don’t have the right document destruction process in place to safeguard sensitive information.

“Neglecting to secure your paper and digital records can compromise your organisation by putting valuable customer data and business intelligence at risk,” said Dr. Larry Ponemon of the Ponemon Institute, in an online post.

Data breaches cost companies millions of euros in non-compliance fines, lost business and reputation, and legal costs.

Learn from their mistakes

Here is where some companies go wrong when it comes to protecting confidential information: 

  • Negligent disposal: Open recycling and rubbish bins are targets for criminals looking for confidential information they can steal. According to an earlier study, a rubbish bin is one of the places where paper documents are most at risk. Partner with a professional document destruction partner that provides a secure document destruction process with locked consoles, security trained personnel, on- or off-site paper shredding, and a Certificate of Paper or Digital Destruction after every shred.

  • Too trusting:  Insider misuse of digital information is a huge concern in the workplace, according to the 2016 Data Breach Investigations Report. The Ponemon study showed that the negligent employee (or third party) is the main security threat in the protection of paper documents. Monitor user behavior, control access to information, and have a secure shredding process. 

  • Taking chances: Over half of employees in the Ponemon study put documents at risk by leaving them at communal printers, in meeting rooms, or at meetings outside the office. Document images on copying machines, printers and fax machines are also threat. A professional document destruction company will do a security risk assessment to identity these kinds of vulnerabilities. Implement a 'Shred-it All' Policy too so that all documents are destroyed when no longer needed.  

  • Not enough training: “It’s often a simple mistake by one of your employees that triggers an incident,” concluded the Data Breach Investigations Report. Make people the first line of defence in an organisation by providing on-going training as well as easy access to secure paper shredding.

  • Lack of physical security: Physical theft and loss of devices and information increase the risk of a data breach. Establish a Clean Desk Policy, create a company policy covering the printing and transportation of sensitive data, and provide endpoint safeguards such as encryption on all devices.

  • Hard drives:  Digital information must be treated like paper information – and protected from creation through to disposal. While thorough disposal procedures seem obvious, they’re not always in place.  Secure hard drive destruction is critical.

  • Not using a professional destruction service: Help employees become more accountable by partnering with a secure service provider that makes it convenient to safeguard and dispose of paper documents into locked consoles.

Secure document destruction is just one aspect of a protected workplace.  Protect your whole business