The branch that you searched for does not have a page in your preferred language. Would you like to visit the branch page on the #CODE# site?
As the world leader in paper shredding, we ensure your documents are securely destroyed.
Hard drives could cost you millions in a data breach. Physically destroy your electronic data.
Stay ahead of legal or regulatory risks with our easy, online compliance training.
Get a Quote
Back To Information Security Resources
Demonstrating a positive shift in behavior compared to previous years, the 5th annual Shred-it Security Tracker revealed that c-suite executives have not only recognized the real threat posed by data breaches, they’ve also taken concrete steps to improve their security policies and procedures.
In contrast, small business owners have made very little headway in combating information security risks, demonstrating a growing divide between large organizations and small businesses when it comes to information security. For instance, 63 percent of executives say they have protocols in place for storing and disposing of confidential data that is strictly adhered to by all employees, up from 51 percent in 2014. Comparatively, less than half (46 percent) of small businesses say they have protocols in place for storing and disposing of confidential data that is strictly adhered to by all employees and a shocking 37 percent have no protocol in place at all.
Download PDF Version
For instance, 63 percent of executives say they have protocols in place for storing and disposing of confidential data that is strictly adhered to by all employees, up from 51 percent in 2014. Comparatively, less than half (46 percent) of small businesses say they have protocols in place for storing and disposing of confidential data that is strictly adhered to by all employees and a shocking 37 percent have no protocol in place at all.
The security tracker also shows that even when they have protocols in place, small businesses are falling behind in auditing, which is vital for ensuring that policies and procedures are able to combat threats as they emerge. For example, only 27 percent of small business owners say they audit on a frequent bases, compared to 69 percent of c-suite execs who say the same. In fact, one quarter of small business owners never audit their information security procedures and protocols.
When you consider that the average data breach costs US organizations an average of $217 per record lost and legislation violation fines can cost as much as $50,000 – $100,000, an information security breach can result in significant financial damage for any organization.1,2 While a larger company may be better able to absorb a large penalty, one breach for a small business could result in bankruptcy. Small business owners must understand that online predators, inside sources and fraudsters will continue to target businesses and if they continue to lag behind their larger counterparts, they’ll increasingly expose themselves to theft, fraud, and severe financial repercussions that may result in bankruptcy.
For more results from the Shred-it 2015 Security Tracker visit our Resource Center.
As organizations refresh computer hardware and digital storage, they are faced with the issue of what to do with their obsolete IT assets. Proper disposal and destruction of hard drive storage devices is important not only to keep confidential information safe, but also to keep organizations compliant with laws and legislations regarding the storage and disposal of Personal Health Information and Personal Identifying Information.
US Federal Privacy legislations, such as the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) and the Gramm-Leach-Bliley Act (GLB), all set out ground rules for the collection, storage, use, disclosure and destruction of personal information — whether it be health information or consumer data held by financial institutions. All three acts require personal information be disposed of in a way that prevents a privacy breach and that before disposing of electronic devices — such as computers, photocopiers and cellphones — organizations must ensure that all personal information is physically destroyed.3
The most effective way to verify that confidential data found on these devices is completely gone and not susceptible to a privacy breach is to securely destroy the hard drive before disposing of it.
However, the 2015 Shred-it Security Tracker revealed that 37 percent of American businesses surveyed have never disposed of hard drives, USBs or other hardware that contains confidential information.4 That translates into a lot of organizations that are not only risking the personal and confidential information of their customers and employees, but also risking their compliance with privacy legislation.
A data breach has many consequences – financial loss, reputational damage and also legal repercussions. It is critical that organizations protect confidential information by removing and destroying unused hard drives.
For simple workplace guidelines designed to safeguard hard drives visit the Shred-it Resource Center.
The first step in fixing a problem is knowing that it exists. In each edition we feature a high profile data breach to show businesses how they can mitigate similar risks.
This quarter we’re featuring Montefiore Medical Center.
Montefiore Medical Center: Recently Monterfiore Medical Center was forced to notify patients that a security incident had occurred when a former employee stole the private information of 12,517 individuals, including names, addresses, dates of birth, social security numbers, next of kin information and health insurance details. The employee has since been arrested and is being prosecuted for the crime.
What do you do: Internal breaches continue to be a significant threat to businesses across North America, with 50 percent of US organizations reporting that the most serious economic incidents of fraud were more likely perpetrated by internal sources.5 Unfortunately, businesses all too often overlook areas of vulnerability within their workplace, placing their confidential information at risk of a data breach. However, there are concreate actions business leaders can take to lower the risk of fraud and become more secure including:
Shred-it’s most important relationship is with its customers, which is why Shred-it Partners are trained to provide top level customer service and expertise. In each edition we highlight a Shred-it Partner that went above and beyond to provide exceptional customer service.
“Treat others like you want to be treated” is an old adage that continues to drive Elisha Glick’s commitment towards customer service. Often going above and beyond to address the concerns of her customers, Elisha approaches each call she receives with an unsurpassed level of professionalism and respect, relying on her experience to find the right solution for any customer concern.
Elisha credits her Shred-it colleagues and management team for inspiring her commitment to customer service.
"My heartfelt thanks again for your due diligence…Let me finish by saying that professionals like you, who really care, make a whole lot of difference in the business and that is why they appointed you district office supervisor, because you simply care!”
— Fernando Silva, Kine Med
Shred-it commends Elisha on her professionalism and willingness to go above and beyond to help a customer. Way to go Elisha!
You can also stay informed with Shred-it on Facebook and LinkedIn or follow us on Twitter @Shredit.
Stay informed with the latest in information security news and promotions.
Fill out the form or call 888.750.6450 to start protecting your business today!