Information Security During an Economic Wave

Welcome to the first issue of Securing the Future, an informational e-newsletter focused on the issues of security, privacy and compliance, and how they affect your organization and your customers. You can look forward to receiving Securing the Future periodically via email.

Everyone is reading about companies which have been affected or threatened by the current economic climate. What's in store for us for the rest of 2009 and beyond is the question on everyone's mind. While no one has a crystal ball to predict the future, one thing is clear: right now, all businesses will be wise to take a hard look at how they can increase operational efficiency and improve the bottom line, while boosting security in these times of economic uncertainty.

1. Riding the Economic Wave

Fraudsters are becoming more creative

In an economic downturn, companies are pushed to do more with less, re-examining the way they do business. However, as they cut back on their budgets, they may be making themselves more vulnerable to security risks that, unfortunately, go hand in hand with economic instability.

"If you look at the world situation today, the economy is bad everywhere, and that tends to bring out more people seeking shortcuts to finding funds," says Dr. Gene Spafford, founder of the Center for Education and Research in Information Assurance and Security (CERIAS) at Purdue University."

"This is a bad time to cut back on your vigilance, or to postpone some very critical implementations. This is something you need to convey to management. This is a time when people committing fraud are getting more creative, and are larger in numbers. Your business is less able to absorb losses."

Minimize costs and maximize vitality

Bracing for the economic challenges ahead, forward-looking companies will look for the following regarding solutions:

• Cost savings
• Productivity increases
• Reputation enhancements
• Security boosts

A critical area of any business, particularly if it deals with sensitive customer information, is how it manages data, and how it disposes of the documents it no longer needs. Yet, the rising numbers of privacy and security breaches signal that many organizations would be better off improving their document management practices.

Save costs by outsourcing

One secure and compliant method they can consider is outsourcing their document destruction needs. It is recommended that these services are managed by a reliable, experienced partner who meets all their specific document destruction needs. In fact, outsourced document destruction can produce cost savings of up to 17 per cent compared, to in-house. In addition, outsourcing document destruction to a qualified company will:

• Boost the security of your business and customer information
• Maintain the trust of your customers
• Facilitate your regulatory compliance
• Protect your reputation
• Reduce your organization's environmental impact

2. How to reduce document destruction costs

One critical aspect of outsourced document destruction is freeing up your staff from the time-consuming and onerous task of shredding documents to have the time to engage in profit-generating activities. Increasing your staff's productivity is especially important in a recession, when productivity is the name of the game. The initial investment of setting up a secure document disposal process will pay off in significant productivity gains long-term.

Based on such factors as the number of employees generating and shredding paper, the time it takes them and their hourly wage, experts from Shred-it, a worldwide document destruction company, calculated that, compared to the in-house shredding process, outsourced document destruction, on average, produces productivity savings of 17 per cent. Not insignificant for the balance sheets of companies dealing with the current economic crisis.

Security breaches can cost up to $22 million

Of course, these calculations do not take into account the potential costs of litigation and reputation damage that could potentially be caused by security breaches. According to Forrester Research Inc., in 2006 companies that experienced security breaches lost between $1 and $22 million.

There's evidence indicating that the theft of information by employees is one of the key reasons causing the breaches. In the medical context, for example, 10 per cent of all medical identity theft results from the theft of information by health-care workers, according to the Better Business Bureau.

3. Securing your business in insecure time

According to the Identity Theft Resource Center's 2008 Breach report, data breaches increased dramatically in 2008, reflecting an increase of 47 per cent over the previous year's total. Experts from the Identity Theft Assistance Center expect identity theft to increase in 2009, noting that "cyber criminals exploit weaknesses in poorly configured websites, especially social networking sites, wireless networks and web applications." This data proves that our knowledge-based society is extremely vulnerable to the activities of the criminals who get rich by stealing business and personal information.

Nine million Americans have their identities stolen each year

And it's no small issue. In fact, the U.S. Federal Trade Commission estimates that as many as nine million Americans have their identities stolen each year, while the U.S. Department of Education notes that identity theft is one of the fastest growing crimes in the U.S., costing victims over $5 billion annually.

However, in a recession, when reducing costs is everyone's top concern, you may be looking at each line item in your budget and possibly thinking of document destruction as one of the items to go. But taking risks with the security of your business and customer information would not be a good choice, especially during the current economic times.

In fact, according to The Wall Street Journal, during a recession, fraudsters take advantage of economic confusion and anxiety to target both consumers and businesses.

Targeting security for cost-cutting, you expose your company to significant risks of a security breach. The potential costs of litigation and winning back your reputation may far exceed the cost of professionally-managed, secure document destruction.

Solutions to reduce the risk of a security breach

Using standard, tested and universal processes to handle the tail end of information management, Shred-it provides solutions that significantly reduce the risks of sensitive data falling into wrong hands. Among its solution components are

• Compliant document destruction services, provided consistently worldwide
• Strict chain of custody procedures to ensure private information never falls into the wrong hands
• Sturdy, locked security containers where businesses can safely dispose of paper documents
• Security containers that can only be opened by Shred-it's bondable Customer Service Representative
• Mobile shredding trucks that shred documents into fine confetti at the customer's location
• Ability for customers to visually verify their documents have been destroyed
• A "Certificate of Destruction" provided to the customer each time their location is serviced