By Rob Shauger
Most businesses these days are very aware of security threats and have policies in place to keep themselves protected. However, even with these policies in place, there are many seemingly-innocent documents that are often forgotten about that can leave your business open to security breaches.
Here are five documents you should be shredding, but probably aren’t:
1. Junk mail. While junk mail seems harmless, enough personal data is usually included for identity thieves to use against you. For example, names and addresses are inserted into pre-approved credit card applications. It would be all too easy for a person to send in these applications and use them for their own personal gain.
2. Photos. Photos of employees, customers, and suppliers may seem harmless, but thieves can use these photos to make up an identity. Combine this with any other personal information they may have collected from your business, and you could be in trouble. Keep your employees and customers safe by shredding these photos instead of tossing them into the garbage.
3. Hiring information. When people apply for jobs a hard copy of their resume and other documents containing personal information is often left behind. This information would be all too easy for identity thieves to take advantage of. Keep these applications in a locked location and shred when no longer needed.
4. Shipping Labels. Shipping labels include confidential information such as your business’s address and account numbers. Mail room employees should always remove and securely shred these labels before boxes or packages are broken down and recycled.
5. Post-it notes. Post-it notes are a staple in any office. They are easy to grab and jot down information when on a call or collaborating with a coworker. Many times what is written on these notes are passwords, account numbers, and other confidential information. Yet when they are no longer needed they are often just thrown into the trash. Keep yourself protected by shredding these notes instead.
Implementing a sound security policy and training employees on those policies is a great first step to keeping your business safe. Enlisting the help of a reputable document destruction company can help ensure your shredding protocols are up to snuff and that no potentially harmful documents are falling through the cracks.
If your business handles personally identifiable information, it is important to keep the information secure in order to protect your clients. This includes patient records, employment records, loan applications, tax forms, medical forms, credit card applications, and more. Security breaches are a real and large threat to businesses of all sizes and across all industries.
The average total cost for companies who suffered a data breach of more than 50,000 records cost an average of $10.3 million. Think your company is too small to have a data breach really affect you? Think again. According to an IBM study, data breaches involving small businesses can cost a staggering $4.5 million. Data breaches small or large also tarnish your company’s hard-earned trustworthy reputation, making it harder to gain new clients even years down the road.
While many people associate data breaches to cyber terrorists and online hackers, the truth is often times data breaches occur from improper handling or disposing of personal documents. Thieves target paper documents and use the information to open fraudulent accounts.
Information can also be recovered from computer hard drives that have been improperly disposed of. Simply throwing away hard drives without proper destruction could leave your business (and clients) at considerable risk. If the thief has access and the knowledge, they can wreak havoc on a business.
Do you rip up credit card offers when they come in the mail? If your answer is no because you shred credit card offers, good for you.
Right now your office probably has a policy that sends confidential documents to the shredder and non-confidential paper to the recycling bin. But who is deciding what’s confidential and non-confidential, and are you sure that the confidential papers are really getting shredded?
When it comes to security, employees are often our greatest assets and our biggest liabilities. A well-trained staff can have an exponentially positive impact on data security, just as poorly trained staff can negatively affect your patients’ and clients’ privacy.
This is the main reason that the federal guidelines for designing a financial safeguards program and the NIST Cybersecurity Framework both stress the importance of ongoing employee training as crucial to data security. Even the most sophisticated software programs cannot keep your sensitive data safe if your employees are not following your privacy and data security guidelines.
The best way to minimize your company’s risk of data breaches is to have strict document handling and disposing protocols. Utilizing a commercial shredding service can help to ensure that the right documents are disposed properly and in accordance with any regulations in order to keep your business safe.
By Rob Shauger