May 27, 2013

The enemy within: why recycling bins are a major source of white collar crime

In this issue, we will explore how the everyday recycling bin has become a significant threat to the security of American businesses, and what can be done about it.

White-collar crime is on the rise in the United States. In 2012, 53 per cent of American organizations said they did not believe a security breach would seriously impact their business. In reality the average organizations loses 5 per cent of its revenue to fraud every year.1 It’s bad enough to consider that more than one in three organizations is falling victim to this form of criminal behavior. Even worse, in 61 per cent of reported crimes, the perpetrator is an employee of the organization.

1. Why is this happening?

One of the keys to solving this mystery is just a few feet away from you, in that little blue recycling bin tucked in a corner of your office or workspace.

By far the greatest use of office recycling bins is to dispose of documents, many of which contain information that is confidential to your organization, your customers and your stakeholders. You might have a paper shredder located somewhere in the production room, but in all likelihood it sits idle most of the time. Frankly, who’s going to go through the trouble of getting up from their desk and walking down the hall to the shredder when that little blue bin beckons just within arm’s reach?

Criminals know this. They know that if the company has no formal policy for storing and destroying confidential information, employees will be left to decide on the recycling bin versus the shredder – and most of the time, it’s no contest. The convenient recycling bin wins hands down.

2. Who is committing the crime?

Ask yourself who knows best the value of the information being tossed into recycling bins. The obvious answer is your employees, which is a major part of the reason why 6 in 10 white-collar crimes are “inside jobs”. And the crime itself is safe, easy and virtually impossible to detect. Just think of how exposed your information is while it sits in the bin or, once gathered, is left unattended in large plastic bags by the elevator.

3. How can you protect your business from this white-collar crime and keep your confidential information out of the wrong hands?

The security and confidentiality of information inside your organization is simply too important to be left to the discretion of each individual employee.  You need to remove choice from the equation and make the desired behavior easy and automatic – like buckling up in the car or on a plane.

Shred-it offers the following tips on how your organization can manage and dispose of confidential documents:

  • Demonstrate a top-down commitment from management to the total security of your business and customer information.
  • Establish a formal information security policy; train employees to know the policies well and follow them rigorously.
  • Identify security loopholes at every stage of the information cycle, from data generation and storage to the transfer of data from location to location, and eventually to document destruction.
  • Introduce a "shred-all" policy, where documents are carefully destroyed on a regular basis.
  • Introduce special locked consoles instead of recycling bins.
  • Conduct periodic security audits. If you don't have the resources to implement a secure document destruction program, work with a reliable third-party vendor.
4. Contact Shred-it for a free security consultation.

For more information or to get started on the road to more secure document handling, visit the Shred-it Resource Centre. You can also stay informed with Shred-it on Facebook and LinkedIn or follow us on Twitter at @Shredit.

Shred-it Wins Gold

We are very proud to announce that the Shred-it 2012 State of the Industry (SOI) Report is the Gold Winner of Info Security’s Global Excellence Industry Awards in the Corporate Collateral category. Info Security Products Guide is the leading online publication for the information security industry and its awards “recognize and honor excellence in all areas of information security”.

At Shred-it, we believe it is important not only to provide information destruction services, but also to act as a trusted information security advisor. Our annual SOI Report, launched in 2012, offers our perspective on information security industry trends, key business drivers for adopting security protocols, best practices, case studies, and information security trends for the future. The 2012 Report included best practices to prevent information security breaches, a case study of an actual security breach and its impact on the company, a summary of recent changes in privacy legislation, and innovation in document destruction technology and services.

We are delighted that Info Security has recognized our efforts to provide educational tools and insights to help organizations of all sizes protect themselves and their customers from theft and data breaches that can cause financial and reputational damage.

View the Shred-it 2013 SOI Report by visting
shredit.com/state-of-the-industry-us

Get the Newsletter