While security challenges associated with G20 are immense, businesses in the “zone” must also prepare for potential information security risks
Shred-it offers practical guidelines for secure information management under heightened security risk and emergency conditions, as well as Data Security Audits to facilitate security preparedness
Oakville, ON – June 16, 2010 – As businesses in the Toronto core brace for the impact that the G20 Summit will pose, Shred-it, the world’s leading information security company that provides secure information destruction services worldwide, is offering practical guidelines, as well as Data Security Audits, to companies in the security zone or temporarily re-locating outside of the zone.
”While unprotected sensitive information is a security threat at all times, the transition to new work bases, such as homes and off-site locations, that many business operations impacted by the G20 Summit are resorting to, create unprecedented challenges to data security,” says Vincent R. De Palma, President and CEO at Shred-it. “Heightened vigilance and an acute understanding of possible risks and solutions is an imperative for every organization in the ‘zone.’ ”
With a roster of clients that include over 150,000 global, national and local businesses, the world’s top intelligence and security agencies, as well as more than 500 police forces, 1,500 hospitals and 8,500 bank branches, Shred-it is the leading expert in addressing the challenges of managing, storing and destroying business-critical information under high-risk and emergency conditions on a daily basis.
“Our job at Shred-it is to provide counsel and solutions that help organizations make sure their information is secure, and it’s mission-critical for us to call on all companies in the core to effectively address all possible security gaps in the context of the G20 Summit, which has been called the largest security event in Canada’s history,” says De Palma.
Shred-it experts are available to support organizations with practical guidelines for secure information management under heightened security risk and emergency conditions, as well as onsite Data security Audits.
According to a recent poll conducted by EKOS for the Office of the Privacy Commissioner of Canada, 42 per cent of businesses surveyed are not concerned about security breaches. “Even during normal operations, increasingly massive pools of data that include client, employee, payroll, cash flow, supplier, as well as business strategy and other critical information, are vulnerable to privacy breaches, theft, fraud and corporate espionage. These risks intensify significantly if all or some of the company operations and personnel are functioning from off-site locations,” says De Palma.
While some sectors, particularly IT, are well-versed in operating remotely and have security systems in place to support such distributed work environments, for most organizations in the “zone” adopting their complex operational and information requirements to the off-site mode is unchartered territory. “When employees transfer electronic files to USB drives or take sensitive paper documents to work from home, temporary offices or even coffee shops, it’s a huge risk to your business-critical information, unless there’s a rigorously followed company ‘blueprint,’ with clear directives, such as ‘shred-all’ policies, prescribing employees to manage data securely in any setting, including off-site,” says De Palma.
Compromised data security leads to violations of privacy and information security laws and regulations, such as the federal Personal Information Protection and Electronic Documents Act (PIPEDA). In addition, the costs of security breaches include potential identity theft and fraud, unhappy clients or employees, negative media attention, costly lawsuits and corporate espionage. These, in turn, may translate into significant and, sometimes, devastating damage to an organization’s reputation, brand and, ultimately, bottom line.
SHRED-IT G20 SECURITY CHECKLIST
- Start with a Data Security Audit to identify your unique security gaps. List all risks specific to your organization and your current operating environment. Target both paper and electronic sources; consider every stage of the information cycle, from data generation and storage to the transfer of data between your central office and off-site locations to document destruction.
- Develop an easily executable emergency preparedness plan that addresses these risks. Remember: all information essential to your business must be stored securely; all information that is no longer needed must be destroyed.
- If your office operates in the “zone,” lock all important documents in office drawers and filing cabinets. Make sure there are no unattended files on your desks, in file rooms or copying and printing areas. Also secure all electronic sources, such as computer and copier hard drives.
- If any of your employees are working off-site, strictly limit or minimize printing or copying of sensitive paper documents in off-site locations, including home. Engage a professional provider, such as Shred-it, to destroy all paper waste while working off-site, or encourage your employees to securely store all unneeded documents until they can be brought to the main office for secure destruction after G20.
- Shred all documents you no longer need. Lock all unshredded paper waste in a place where it is not accessible to unauthorized outsiders – ideally, in non-pliable security consoles. Shred-it’s consoles use secure beveled slots ensuring once paper goes in, it cannot be removed or compromised.
- Conduct an information security preparedness meeting with your employees. Walk them through your expectations and possible scenarios. Give them brief security guidelines in writing. If your employees are working off-site, make sure they minimize their off-site storage of information on USB keys, laptops and other portable devices, securely store all paper waste until they can bring it to the office for secure destruction and do not throw away any paper documents in dumpsters, garbage or recycling bins.
- Work with a reliable security partner that can help you throughout the process, from auditing your data security to helping you devise your security strategy to destroying your paper waste and hard drives.
Companies in the G20 Summit security zone can book a free Shred-it Data Security Audit by calling 1-905-465-4288.
Shred-it is a world-leading information security company providing document destruction services that ensure the security and integrity of our clients’ private information. The company operates 140 service locations in 16 countries worldwide, servicing more than 150,000 global, national and local businesses, including the world’s top intelligence and security agencies, more than 500 police forces, 1,500 hospitals, 8,500 bank branches and 1,200 universities and colleges. For more information, please visit www.shredit.com.
Strategic Communications Specialist
On behalf of Shred-it