August 25, 2016
The importance of document security never takes a vacation but with summer coming to an end, it seems like an appropriate time to review security vulnerabilities in the workplace – and do some housekeeping.
While the 2016 Shred-it State of the Industry Report showed that the C-Suite is increasingly aware of the legal requirements of storing and disposing of confidential data, there are still security breach hotspots.
Here’s a look at vulnerable areas and information security risks in the workplace today:
Printer trays: Documents left in printer trays may be picked up by an insider fraudster or other information thief.
Solution: Secure the printing process. Experts recommend a ‘pull print’ solution to help decrease the risk of a data breach while also reducing printer waste.
Storage rooms: Some companies still stockpile old hard drives. But research has shown that used hard drives contain confidential information.
Solution: Clean out storage rooms regularly, and have old hardware and electronic media securely destroyed.Partner with a document destruction expert for these services.
Messy work areas: Confidential data may be visible on computer screens or paper documents left out on a desk – for passers-by to see and steal.
Solution: Implement a Clean Desk Policy so that employees are more aware of protecting information from prying eyes at all times.
Garbage cans: Throwing confidential information into a garbage can is a huge security risk. Documents can easily be picked up (61% of perpetrators in white-collar crimes is someone inside the organization). When transferred to a larger garbage bin outside, dumpster divers may steal the information.
Solution: The information security policy should include guidelines for the secure disposal and destruction of all loose leaf paper. Partner with a leading shredding company for secure disposal.
Open recycling bins: Some organizations still have a traditional recycling process that includes open recycling bins throughout the workplace. But information thieves may steal information at any step in this process.
Solution: Partner with a reliable shredding company that replaces recycling bins with secure, locked consoles and regularly removes documents for secure shredding using cross-cut technology. Shredded paper should then be transported to a paper mill for recycling. The company should provide a certificate that shows the number of trees saved annually. For every two consoles of paper shredded and recycled, one tree is saved, according to Shred-it.
Mobile workplace: Over two-thirds of IT security professionals surveyed in a 2015 study by Ponemon were certain or said it was likely that their organization had a data breach as a result of employees using their mobile devices to access company information. Carelessness can also lead to the loss or theft of devices – and information.
Solution:In addition to standard device safeguards (passwords, encryption, anti-virus, etc.), there should be an information security policy for mobile workers. Best practices include using a sign out system, and securely destroying devices when they reach end of life. Never leave devices unattended. Return confidential information on paper and in digital form to the office for secure disposal.
Another important way to reduce the risk of a data breach is to have a document management process in place that protects confidential data from creation to disposal.