July 21, 2016

6 Ways to Improve Information Security for Business

Staying secure in the digital world was a key theme of the 2016 Shred-it State of the Industry Report.  

The report draws on the annual Shred-it Information Security Tracker, which uncovers risks and trends in business data security around the world.

What’s clear everywhere is that digitization has transformed both the workplace and information security protocols.

To fight cyber crime and protect confidential information, organizations must have all the right business information security in place.

Here are 6 ways an organization can improve its information security.

  1. Prioritize Security Awareness: Information security for business should be visible throughout the organization. Implement a culture of security and responsibility from the top down with security policies and procedures as well as leadership such as a CISO (Chief Information Security Officer). Provide on-going employee training, and engage employees at all levels with an ambassador program (employee ambassadors champion security awareness and best practices).
  2. Take Compliance Seriously: Privacy laws and legislation regulate the storage and destruction of confidential data. Implementing best practices for data destruction is critical. The State of the Industry report showed that the C-Suite is increasingly aware of the legal requirements of storing and disposing of confidential data. Also, 47% use a professional destruction service to dispose of electronic materials.
  3. Know What Information is on File: A comprehensive document management program is designed to protect confidential information from creation to disposal. Regularly review the information the organization collects, and use a data retention process to securely store and dispose of it. Partner with a reliable information destruction provider for secure destruction of information.    
  4. Protect Remote Office: The number of remote workers in the U.S. is forecast to reach 105 million by 2020. While 92% of C-Suites in the study said some of their employees work remotely, only 31% have information security policies in place for both off-site work environments and flexible working areas. Specific safeguarding policies and procedures are necessary. Limit the type of information employees can remove from the office. Implement ‘best practices’ for handling confidential information. Use privacy screens on laptops and other equipment. Direct employees to bring all information (paper and digital) to the workplace for proper disposal and destruction.
  5. Protect all Devices  The mobile workforce accesses company information remotely, and it’s important to protect devices. There are two ways. Security awareness training should focus on best practices for employees. For example, never leave devices unattended, and only use trusted networks (not public Wi-Fi). Safeguards on devices are also important. For example, be sure all mobile devices are encrypted and password protected.
  6. Destroy Unused Hard Drives The State of the Industry Report recommended strong protocols and policies that govern how legacy electronic hardware is stored. Over three-quarters (76%) of C-Suites destroy hardware every two or three months – or more often. Almost half of corporations in the research used a professional destruction service to dispose of their obsolete electronic devices.  

Learn how to use a Clean Desk Policy in and out of the office to protect your organization and reduce the risk of a data breach .