Knowing When and What to Shred is Vital to Help Protect Your Company Against a Data Breach

Now more than ever, businesses cannot afford the potential negative financial and reputational impacts of a data breach. According to the 2023 IBM Cost of a Data Breach Report, the average cost of a data breach reached an all-time high of $4.45 million (in US dollars). This represents a 2.3% increase from the 2022 cost of $4.35 million. To help protect against a data breach, businesses should have a comprehensive data protection plan that prioritizes both digital and physical security risks. Below are some tips that will help determine what information businesses have as well as what documents should be shredded to help protect against a physical data breach.

Implement a Data Management Program

The “basics” of an organization’s data management program form the foundation of effective information practices. Business leaders should meet with their data protection officer and any other relevant employees to answer some key questions about their companies’ information management procedures, including:

• What data is collected and stored?
• How much data is collected and stored?
• Where is data stored?
• For how long is data stored and why?
• With whom is data shared?

Identify Areas of Risk

Conduct an information security risk assessment and a walk-through of administrative areas, including the front desk, to identify high-risk areas such as printing stations, messy desks, and exposed trash and recycling bins. Flag these vulnerabilities and develop policies that can help to remove the threat.

Adopt Data Security Policies

Effective policies include:

• Clean Desk Policy: A clean desk policy helps ensure staff shred or contain physical documents and that all technological devices are password protected each time an employee leaves a workspace. A clean desk policy helps reduce clutter, improves the security and confidentiality of information, and can contribute to an organized workspace as a best practice throughout the organization.
• Shred-it All Policy: This policy encourages the regular destruction of all documents. It is one of the most effective ways to help prevent physical data breaches from occurring.

Reinforce Policies through Reminders and Rewards

To help get buy-in from employees, put up posters reminding them of the new policies in place to protect confidential information in the workplace. Business owners can also drive employee engagement initiatives to encourage employees and incentivize good behavior through rewards such as team member recognition.

Develop Retention Schedules

All documents have a recommended retention period, depending on their importance and content. There may be laws and regulations that dictate which documents need to be kept and for how long. Follow document retention schedules to help keep offices free of clutter and to contribute to the protection of information.

Determine Which Documents to Destroy

Ask yourself the following questions. If you answer YES to any of these, then SHRED the document.

Does it have any personally identifiable information (PII)?

Does it contain information protected by privacy laws?

Does it include any confidential corporate information?

Does the document list any financial information?

This includes:

•  Contracts
• Customer lists
• Medical records
• Payroll information

Physical Data Destruction

Shred-it^® offers a wide range of reliable data destruction services that are designed to best meet your needs.

• One-time shredding: Shred-it^® will perform a one-time collection of documents.
• Regularly-scheduled shredding: Lockable containers are provided in addition to regularly scheduled pickups.
• Drop-off shredding: Drop off documents at a local Shred-it^® office.
• Mobile shredding services: Shred-it^® performs the shredding of documents on-site.
• Specialty shredding services: Shred-it^® securely destroys non-paper items such as price books, media, medical records, exams, expired IDs, old uniforms, and more. Contact Shred-it^® for availability.
• Hard drive destruction: Data can be recovered from devices, even if it has been manually deleted. Shred-it^® offers state-of-the-art technology to permanently delete hard drive data by physically destroying the device. Contact Shred-it^® for availability

Download our info sheet for a more detailed list of what documents should be shredded. Contact Shred-it^® today to learn more about how we can help keep your business’ physical data secure.