August 02, 2017

5 Surprising Threats to Information Security


Most companies have data breach preparedness on their radar today.

While staying ahead of emerging security threats requires constant attention, the 2017 State of the Industry Report from Shred-it showed there are basic threats still residing in the workplace too.

Here are 5 of the biggest trouble spots in information security, according to the report.

  1. Paper clutter:  Despite the growing digital work environment, the average office worker still uses up to 10,000 sheets of paper each a year. Accumulating paper clutter on desktops and throughout the office can increase the risk of a data breach. Solution: All organizations today should have a data protection policy that includes comprehensive paper security strategies. For example, a Clean Desk Policy stipulates that all confidential information is protected and not visible to passers-by. When employees are away from their desks, documents should be stored in locked drawers or filing cabinets.
  2. Document disposal: When paper documents are no longer needed, secure destruction is critical. The Shred-it study showed that in the U.S., 39% of small business owners (SBOs) have no policy in place for storing and disposing confidential paper documents. Solution: Partner with a recognized document destruction company that provides locked consoles for the workplace and a secure chain of custody for document destruction.  
  3. Mobile data loss: Many companies rely on mobile devices today, and that means the secure destruction of digitized information – and all hard drives – has to be a priority too. However the report showed that 44% of SBOs in Canada, for example, have no policy for storing and disposing of hard drives, USBs and other electronic devices; 46% of C-Suites dispose of hard drives and e-media less than once a quarter. Legacy hard drives stockpile in the office but even if files have been deleted or wiped, information thieves have software that can recover them. Solution: Partner with a reliable document destruction company for regular and secure hard drive and e-media destruction services. 
  4. Compliance issues: Understanding privacy laws that pertain to specific industries and geographical location is critical. The Shred-it report showed there is a low awareness, for example, of the General Data Protection Regulation (GDPR). This new law better protects European Union citizens and goes into effect next May. All companies, anywhere in the world, handling data of EU citizens, must comply. Solution: Speak to an expert in data protection legislation to ensure all policies and procedures are up-to-date.
  5. Lack of employee training: According to research, up to one quarter of data breach incidents are caused by human error or negligent employees. Providing employees with the right tools and information will help protect sensitive data. But the Shred-it report revealed that in the U.S. about half – 48% - of C-Suites train employees once a year or less on information security policies; 41% of SBOs never do. Solution: Provide on-going employee training. According to the report, understanding phishing and other scams and knowing how to protect mobile devices are two areas that need to be addressed.

Start Protecting Your Business 

To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and security risk assessment.