December 15, 2016

Happier Holidays: 8 Reasons to Outsource Information Security



The hectic holiday season shines a spotlight on the importance of simplifying document security in the workplace.

When employees are dealing with already busy schedules, holiday lunches, personal shopping and extra work due to upcoming vacation days, it’s easy to see how workplace security can slip.

The 2016 Data Breach Investigations Report by Verizon showed that miscellaneous errors by end users of an organization took the top spot for security incidents. The errors included the improper disposal of company information, IT misconfigurations, and lost and stolen laptops and mobile phones.

Contracting document security to a professional third party is one way to reduce the opportunity for insiders and other criminals to access and steal information.

Here’s how outsourcing document destruction helps to simplify security and decreases the risk of a security breach all year around:

  1. In-house shredding is not secure. When handling document destruction internally, companies tend to purchase lower-end and less reliable technology. Also, employees are not usually trained in secure destruction processes, and there’s a risk of mistakes in determining what is or isn’t confidential and needs to be destroyed. In a recent Ponemon study, 55% of respondents also said their organization had a security incident or data breach due to a negligent or malicious employee.
  2. Smoother operations. When document destruction services are scheduled, services will continue through the holidays. More importantly, document security becomes embedded, and complying is part of day-to-day document handling. Experts also recommend a Shred-it all Policy so all documents are shredded when no longer needed. Also, a Clean Desk Policy will help keep the workplace tidy and remind employees to protect confidential data on paper, hard drives, and small storage devices.
  3. Security specialists. Partnering with a trustworthy document destruction specialist ensures security-trained and -screened document handlers who follow stringent security practices and standards. They should be NAID-Certified. NAID is the standards setting body for the information destruction industry.
  4. Improved compliance. A document destruction services provider understands industry and sector privacy laws and legislation. There are specific regulations that govern the handling of protected information in every industry and sector.  
  5. Chain of custody. The document destruction specialist should have a chain of custody so information is securely handled and protected from the time it is identified for destruction to the destruction process itself. There should be locked consoles installed in the workplace, and a Certificate of Destruction issued after every shred.
  6. Best practices. Document security solutions should include industrial-level cross-cutting technology in a range of shred sizes to safely destroy information. Material should never be sorted before it is shredded, and it should be destroyed in a secure, locked area. All paper should be recycled after secure destruction.
  7. Customized services. A professional document destruction service should tailor its services to an organization’s unique document management requirements.
  8. Digital documents too. Ensuring that legacy electronic devices are destroyed with some frequency is critical, according to the 2016 Shred-it State of the Industry Report. Compliance solutions should include complete and irrecoverable hard drive and e-media destruction.  

Learn more about how to improve document security by outsourcing information destruction needs.