How Outsourcing Document Security Eliminates Risk
Have you noticed how many document security breaches are in the headlines these days?
As a response, a growing number of companies are investigating the ways they can improve their document security policies, including which shredding service to use to shred documents once they’re no longer needed.
From sensitive interview records being left in a filing cabinet in a former police station, to confidential documents being left in recycling bins, there are numerous examples of companies and organisations that were sloppy in the handling of confidential paperwork. This carelessness can result in victims’ identities becoming compromised or stolen, while the negligent companies also face costly fines and damage to their reputation.
And it’s not only unintentional breaches that are an issue; in today’s high-risk environment, companies are feeling more vulnerable to malicious insider attacks than ever before. One study found that 55% of companies saw the biggest threat to data security as coming from privileged insiders. In addition, another study found that 56% of all fraud was reported to have been committed by insiders.
At first glance, document shredding sounds straightforward and no more difficult than buying a shredder from the local office supply shop. There are many variables, however, that must be considered to ensure documents are destroyed thoroughly and securely, such as whether to use a third party on or offsite shredding company, or take the DIY approach using an office shredding machine.
Here are a few common challenges that companies should consider before making in-house document shredding a company policy:
- Strip shredders - the smaller ones commonly found in offices, do not provide secure document destruction because the vertical strips can be reassembled.
- Office shredders sometimes fail under the demands of an office environment, leaving confidential information intact, sometimes just dumped next to the shredder, until the equipment is repaired or replaced.
- Office shredders cannot shred tougher materials such as staples, binders, paperclips, CDs, DVDs and more.
- Computers and photocopiers may expose confidential data, even with hard drive erasing software – only destroying the hard drive with professional equipment is 100% reliable.
- Shredding paperwork uses employees’ time, taking them away from other, more productive activities.
- Just shredding your documents doesn’t make your business legally compliant – in the event of a suspected breach, a Certificate of Destruction from a reputable shredding provider could be required to show proof of destruction.
- Unauthorised employees may be exposed to sensitive information as many companies use an administrative-level employee to reduce the resource costs of document shredding.
- n-house shredding cannot respond to spikes in demand, which are commonplace in many businesses during busy times such as clearing the office after Christmas.
- According to the Ponemon Institute, in 2015, the cost of a data breach was £104 per compromised record, and the overall cost of a data breach averaged £2.37 million.
- Companies may face expensive legal fees, fines of up to £500,000 for a serious breach of the Data Protection Act, or criminal investigations.
- There's also intangible costs such as the damage to a company’s reputation, negative media coverage, and loss of customers, etc. The Ponemon Institute 2015 Cost of a Data Breach study found that an average data breach resulted in £1.07 million of lost business.
Learn more about how outsourcing document security can protect your business.