The branch that you searched for does not have a page in your preferred language. Would you like to visit the branch page on the #CODE# site?
Protect your business from an information breach with a regularly scheduled paper shredding service.
Storing or just erasing obsolete hard drives could cost you millions in a data breach. Let us securely destroy your electronic data.
Boxes and filing cabinets stuffed with old documents? Get our one-off document destruction service.
Confidential information can be found on more than paper: we destroy CD-ROMs, USB drives, and data tapes.
From uniforms to identity cards, speciality shredding destroys information wherever it’s found.
Help your business prepare for The General Data Protection Regulation (GDPR) with our GDPR Awareness workshop.
Get a Quote
Back To Resource Centre
Welcome to the fourth edition of Securing the Future, a periodic e-newsletter from Shred-it. In this issue, we will talk about the importance of education and awareness when it comes to information security – and pinpoint some common concerns and best practice solutions that will help you create a high-security culture in your organisation
“There is a growing need for secure document management and destruction as a preventative measure against information security breaches,” says Michael Skidmore, Chief Security Officer at Shred-it. “Effective protection comes hand in hand with an organizational culture of total security, which requires a shift in the attitudes of employees. Employees should not only know and understand their organization’s security policies and procedures, but truly commit to them and implement them correctly. With regard to document destruction, one aspect of this cultural shift is moving away from the paradigm of ‘document disposal’ to ‘document destruction’ and, even more importantly, ‘destruction at the source’.”
With fraud on the rise amidst the ongoing recession, data security is now more important than ever for UK businesses looking to protect their financial standing and corporate reputation. The potential costs of a data security breach could run into millions of pounds, leading to dented credit ratings, angry or lost customers and irreparable damage to client trust. However as the recovery from the economic recession is just starting, many organisations are still showing a reluctance to increase or even sustain their security budgets. According to independent research commissioned by Fellowes in 2009, only 64% of UK businesses have put in place a clear policy on how to handle documents with sensitive information. The question arises: are scaled down security measures enough to deal with the growing threats of security breaches?
“The high-security culture does not necessarily mean an increase in budgets or more effort,” says Robert Guice of Shred-it. “In many cases, it simply means changing your processes and thinking differently. The first step towards a culture of high security, so critical to the integrity of any organisation’s confidential data, is to understand the big picture of the organisation’s typical security risks and then assess the best way to address them.”
While each and every organisation has unique security challenges, it is essential that employee education is at the forefront of any security policy in the workplace. In particular, educating employees on what documents need to be securely destroyed is key, since according to the aforementioned research by Fellowes in 2009 , nearly one-third (32%) of employees admit to always throwing sensitive documents directly into the rubbish bin.
• Disclosure or loss of confidential data
• Compliance with Canadian regulations and legislation
• Business continuity and disaster recovery
• Loss of strategic corporate information
• Employee understanding and compliance with security policy
It may come as a surprise to many that insider access to sensitive data, including customer and employee records, is a major security concern, potentially leading to identity theft and fraud. According to the “Executive Guidance for 2010” report from global executive network and consultancy Corporate Executive Board, organisations globally lose an estimated seven per cent of annual revenues to employee fraud.
These figures point to the conclusion that organisations need to turn inward when dealing with security threats. Consider who has access to sensitive information in your organisation. Given that employees with “access” are so closely related to potential risks for leaked or lost data, stringent access policies should be in place and be followed through rigorously. While there are no sure-fire methods for preventing security breaches from within, there are ways to reduce the threat – and creating a total security culture is one of the key components of any successful strategy.
Any solutions to the risks of security breaches should be based on a holistic, integrated perspective on document security throughout the document lifecycle across an organization. In other words, documents should be protected from the moment they are created until the time they are no longer needed. The TELUS and Rotman survey reported that the focus in Canada has predominantly been towards after-the-fact security activities, dealing with breaches as they happen or testing the effectiveness of security features that are already in place. Instead, organizations should look to the future as an opportunity to develop approaches and concepts that are strategic, integrated and long-term, such as eliminating security risks at the source and permanently securing the entire document lifecycle across all organizational units.
One of the most effective ways to prevent security breaches from either inside or outside an organization is by implementing “shred all” policies. A “shred all” policy will make sure that all documents are fully and securely destroyed on a regular basis.
The cultural shift should change from reducing to eliminating security loopholes throughout the lifecycle of the document. Rather than “disposing” or “discarding” of confidential data that is no longer needed, employees should be trained in the values of “destruction at the source”.
A culture of security is about educating employees about the importance of secure document management and destruction. The attitudes and values reflected in your organisation’s security strategies, policies, procedures and overall security thinking are the foundation of this security culture.
The tips from Shred-it below will help you build the culture of total security in your organisation:
Fill out the form or call 0800 197 1164 to start protecting your business today!