August 31, 2017

Information Security: Here’s What Confidential Documents Look Like

Human error accounted for almost two-thirds (62%) of the data breach incidents reported to the Information Commissioner’s Office (ICO) in the U.K. over a three-month period in 2016.

Exposing confidential information is an easy mistake to make especially when you’re not sure of what makes a document ‘confidential’.

At home and in the workplace, a first step in reducing the risk of a data breach is learning what information is being targeted by information thieves.

Here is what confidential documents look like.

• They contain personally identifiable information (PII). PII identifies an individual in some way (for example, signature, name, address, phone number, e-mail address, account number, social security number, driver’s licence, school information and medical information). In the workplace, PII would include employee work records, and customer and supplier information.
• The information is protected by privacy laws. Privacy laws and other regulations direct much information management in the workplace. Organizations have a legal obligation to protect the privacy of clients, customers, and employees by securely handling confidential information. There’s often a minimum and maximum amount of time that information must be kept on file. Use a retention schedule, and label documents with their destruction date. Consumers can cheque laws to know what documentation they must keep and for how long.
• They detail corporate trade secrets. Businesses must protect information that they do not want other companies and individuals to see. This would be data pertaining to research and development, sales and marketing strategies, profit and loss statements, trade secrets and intellectual property, and tax information.
• They list financial details. Financial documents that link back to a business or individual must be protected. This includes ATM receipts, credit and debit statements and receipts, returned checks, pre-approved credit applications, investments, stocks, and property transactions.
• They’re often overlooked documents. There are 'confidential' documents that many people are simply not aware of. For example, boarding passes (the bar codes hold contact information), shipping labels (address labels on packages potentially include confidential information), junk mail (personal data is often included in correspondence), photos (even if thieves can’t completely steal an identity with a photo, they can make one up), post-it notes (people often record passwords on these notes), and pay stubs (they can contain details such as health insurers and banking account numbers).
• Documents are digital. Most people know that confidential information is often on paper but sometimes forget that when stored on a hard drive, cyber criminals and others can access it. Stockpiling hard drives is dangerous because information can be recovered with special software no matter how old or broken down the hard drive is.

To guarantee protection, confidential information that is no longer needed must be securely destroyed. Partner with a professional shredding company that uses cross-cut technology for paper documents and industrial shearing and crushing equipment for hard drives and e-media. A Shred-it All Policy, which stipulates that all documents are destroyed when no longer needed, will help reduce the risk of employee error and fraud.

Start Protecting Your Business

To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and security risk assessment.