Spring Clean Your Workplace: 5 Ways for Businesses to Protect Against a Data Breach
Spring has sprung – and it’s not just your home that could use a seasonal makeover, your business operations could probably also benefit from some serious decluttering.
For businesses large and small, misplacing documents, files and electronic devices remains one of the key causes of security breaches. According to an information security breaches survey commissioned by the UK government, 90% of large organisations and 74% of SMEs reported a security breach, leading to an estimated total of £1.4bn in regulatory fines.
And with the EU General Data Protection Regulation (GDPR) legislation coming into force in May 2018, it’s more important than ever for businesses to take stock of their information security processes and act now to ensure they're fit for purpose.
Here are Shred-it’s five top tips for a secure workplace spring clean:
1. Declutter your work space – Although decluttering desk space may seem like an obvious solution, many companies still fall short when it comes to getting the fundamentals in order. Ensure employees remove all papers and non-essential items from their desks that may contain confidential information. Implementing a Clean Desk Policy, which requires employees to clear their desks at the end of each working day, eliminates the risk of documents, files and even sticky notes containing sensitive information from going astray.
2. Implement a comprehensive document storage system – given that many businesses are required by law to retain confidential employee and client information as well as company data for a stipulated period of time, it’s vital businesses have a secure document-retention policy in place. Implement a company wide policy that not only determines which documents need to be kept and for how long, but which also places a limit on the number and type of personnel that have access to storage facilities and files.
3. Ensure confidential information is securely disposed of – take the time to review how securely your business disposes of confidential information. Disposing of material in open recycling or waste bins could pose a serious threat to the information of your company and clients. Instead, consider partnering with an information destruction services expert, to professionally manage your whole document disposal and recycling process, including hard drive and electronic media destruction.
4. Secure your data, both in and out of the office – carrying out a spring clean should by no means be restricted just to the office, or to physical documents or files. All electronic devices used in the office and by employees on the move should be encrypted and password protected. Additionally, businesses should remind their employees to be fully aware of their surroundings when working from home or in a public setting, ensuring confidential information is not left lying around or visible to passers-by.
5. Equip your workplace for the incoming GDPR – if you haven’t done so already, begin preparing for the forthcoming enforcement of the General Data Protection Regulation (GDPR), which comes into effect in May 2018. Businesses can get ahead of the curve by ensuring they adhere to the new standards, for example by appointing a designated data protection officer and adopting a tailored breach notification process in the event of a data breach.
To learn more about the new General Data Protection Regulation, click here to download Shred-it’s GDPR whitepaper.