Page not available in your preferred language
The branch that you searched for does not have a page in your preferred language. Would you like to visit the branch page on the #CODE# site?
Boxes and filing cabinets stuffed with old documents? Get our One Time Shredding Service.
Protect your business from an information breach with regularly scheduled paper shredding service.
Our convenient, easy to use, drop off document shredding is just around the corner.
Ensure sensitive data on old hard drives is 100% inaccessible by physically destroying the drive.
Private information can be found on more than paper: we destroy CD-ROMs, USB drives, and data tapes.
From pill bottles to identity cards, specialty shredding destroys information wherever it’s found.
Get a Quote
Back To Information Security Resources
A company experienced an information security breach in 2011 when one employee accidentally lost key financial information supporting a large deal. As a result, the company lost business, reduced its staff and took a reputational hit. The following year, the company began to rebuild by winning a distribution deal for a key product. The company then faced a tough decision: what should it do about its information security to help ensure long-term stability and growth?
Download PDF Version
The company appointed a Chief Information Security Officer (CISO), who implemented mandatory all-staff training in proper information security policies and procedures, placing a priority on the protection of client and customer information. By ensuring growth and security went hand-in-hand and by having staff properly trained, the company successfully grew and remained well-secured.
The company felt ‘lightning would not strike twice’ and opted to focus its resources on new business opportunities rather than training staff in proper information security procedures or appointing an individual responsible for information security. Eight months later, proprietary information was recovered from an unencrypted USB key left in an unlocked car, leading to the loss of multiple clients and half of the company’s revenue.
If an organization experiences a data breach, there are a few important steps that should be taken immediately:
Seek expert legal assistance and advice
Take inventory of the data that has been impacted
Develop a targeted plan of action that includes clearly-defined steps
Carefully manage the flow of information related to the breach
Be prepared to communicate effectively to all stakeholders, including customers, partners, vendors, employees, the media and if needed, the Federal Trade Commission’s Bureau of Consumer Protection
Quick corrective measures are essential, but it is also critical for companies to take proactive steps to prevent further breaches from occurring.
Companies should consider appointing an individual to be responsible for information security. This individual could ensure all staff are regularly trained in proper information security procedures and policies and would be the dedicated point of contact in the organization for all issues related to information security. Having a person accountable for information security allows for peace-of-mind both internally and from clients and customers.
Organizations may question the need to invest in the salary cost for an individual responsible for information security. While the salary cost might seem prohibitive, having a culture that prioritizes information security produces long-term cost savings for an organization, including the protection of their reputation, clients and revenue.
Currently, not all businesses in the United States are taking the proper steps to prevent information security breaches. The 2013 Shred-it Information Security Tracker results show that 48 per cent of small businesses in United States have no one directly responsible for managing data security issuesi . It also demonstrates that 33 per cent of small businesses never regularly train their staff in regards to their company’s information-security procedures or protocols and 48 per cent of large businesses train their staff only once a yearii .
When it concerns the protection of proprietary information, it is in a company’s best interest to do whatever it can to prevent data loss – but an organization is only as strong as each individual employee. Businesses should ensure that all employees receive thorough and regular training in proper information security policies and procedures.
Having an individual at the helm of a company’s information security reminds all staff to do their part in securing their company’s data. Ultimately, this helps to create a culture of accountability – and one that recognizes how proper information security helps to breed long-term success.
For more security tips, educational tools and best practices, visit the Shred-it Resource Centre. You can also stay informed with Shred-it on Facebook and Linkedin or follow us on Twitter @Shredit.
i2013 Security Tracker, “Does your business have an employee directly responsible for managing data security issues?”
ii2013 Security Tracker, “How regularly are all staff trained in regards to your company's information-security procedures or protocols?”
Fill out the form below and we’ll contact you with a free quote within the hour! (Between 8:00am and 5:00pm, Mon - Fri)