October 29, 2020

How to Keep Data Secure When Returning to the Workplace



As offices across North America reopen, millions of people are preparing to head back to work. Many businesses are also offering a hybrid work schedule that allows employees to work part of the week in the office and part of the week at home. While this provides greater work flexibility for businesses and employees, what does this mean for data security?
 
Since many employees have been working from home the past several months, in-office data security policies and procedures may not be top of mind. Additionally, Shred-it’s 2020 Data Protection Report (DPR) found that human error causes more data breaches  when employees work remotely. Taken together, splitting time between home and office only increases the risk of data breaches.
 

Four Ways to Keep Data Secure as Employees Return to Work

While decluttering workspaces is a start toward improving the work environment for returning employees, other information security measures should be put in place to ensure data security remains a top priority.
 
Here’s what you can do to ensure data security in your organization when employees return to the office:
 

1. Re-establish Formal Data Security Policies for On-site Employees

As employees return to the office, refreshing and reviewing internal information security policies is a good way to remind employees of their responsibility to protect company data. According to Shred-it’s 2020 DPR, 10% of C-suite executives say they do not have a policy in place for disposing of confidential paper documents, while more than 1 in 3 (38%) small business owners say the same.
 
A Shred-it All Policy helps clear out unnecessary but potentially sensitive documents, and reduces the uncertainty around what to shred and what not to shred. Additionally, enforcing a Clean Desk Policy can help employees keep data security top of mind every day.
 

2. Ensure You Have A Data Security Policy for Remote Workers

In Shred-its 2020 DPR survey completed prior to the COVID-19 pandemic, 77% of C-suites and 53% of SBOs indicated that they have employees who regularly or periodically work off-site. At the start of the pandemic, many businesses quickly launched employees into work-from-home mode without understanding the implications to data security. The DPR also highlights that 53% of SBOs have a policy in place for storing and disposing of confidential information when employees work-site, however only 41% of organizations indicate that their strictly adhered to by all employees. Worse yet, 45% of SBOs state no policy exists at all.
 
This highlights the need for businesses to take a more proactive approach to implementing proper training and data security protocols for all employees, regardless of their location. Best practices include having employees shred their paper, take it back to the office, or drop it off at a local paper shredding company.
 

3. Review and Update Existing Employee Training

While many organizations feel confident in their deployment of data security policies and training, the findings from Shred-it’s 2020 DPR suggest that businesses may not be doing as well as they think. 60% of C-suites and 46% of SBOs reported having a policy in place for storing and disposing of confidential paper documents. However, 24% of C-suites and half of SBOs reported having no regular employee training on their information security policies.
 
To ensure businesses stay prepared, existing information security training should be assessed and prioritized. The role that employees play in safeguarding information should also be emphasized during training and employees should have ample opportunities to ask questions.
 

4. Ensure Proper Technology Safeguards Are in Place

As the sophistication of cyber-attacks grows, so does the need for more frequent and thorough employee training. Shred-it’s 2020 DPR points out that 82% of C-suites (down from 88% in 2019) and 45% of SBOs (down from 52% in 2019) feel that their employees receive regular training on cyber threats. Business leaders can take additional steps to improve an organization’s approach to data security by requiring the use of encryption when storing or transmitting sensitive data, providing VPN access to networks and periodically reviewing user access to applications.
 
Proper safeguards like firewall and anti-virus software will also help mitigate the risk of a data breach occurring. In the event your company does suffer a breach, options like cyber insurance are additional services to consider.
 

Further Protect Your Organization from a Data Breach When Returning to the Office

By implementing information security policies, establishing safeguards, and instilling data security within company culture, organizations will be better protected from the risk of a data breach occurring as offices reopen.
 
Contact us for a free quote or learn more about how Shred-it can protect your documents.