When a company has a hard drive stolen or suffers a data breach, the media coverage is extensive. Is the attention on cyber security taking the focus off paper security? Are companies maintaining their responsibility to destroy paperwork with SDD shredding?
While you have probably heard of hard drive shredding and paper destruction, you may not know that we provide all kinds of other media shredding services too.
New mandatory reporting laws have meant that data breaches have been all over the news lately. When companies and organizations are hacked or have a hard drive stolen, the media covers the incident – and the fallout – extensively. But putting all the attention on cyber security has left some companies falling short in their responsibility to safeguard the security of paper documents with SDD shredding.
Why Paper Recycling Is Not Enough
Every company and organization is entrusted with confidential data. Whether it relates to company policies, financial or medical information, or data pertaining to employees, contractors, customers, and clients, sensitive data exists, and some of it invariably exists in the form of paperwork.
With much of the emphasis of data security falling on cyber data and other electronic breaches, many companies are not disposing of their paper documents in the right way. After all, a cyber breach could potentially take an entire computer system down and expose billions of documents. It is understandable that organizations would focus their attention on cyber data and implementing practices like hard drive shredding.
Unfortunately, this has caused some companies to do little more than dispose of their paper documents by throwing them away or recycling them. While recycling companies may have the best interests of the environment in mind, they do not necessarily have the technology or expertise to ensure the safety of your paperwork in the recycling process.
A recent information study in Singapore found that individuals could easily gain access to paperwork being held by recycling companies, and review documents including financial statements, taxation documents, and photocopies of passports and driver’s licenses.
Inadvertent, Yet Dangerous
Some paper document security breaches are inadvertent, yet that doesn’t make them any less dangerous.
When an airport employee in Singapore threw a passenger manifesto into a waste paper basket, they did not intend for passengers and airport staff to have access to a complete list of passengers’ names and booking numbers for a Tigerair flight. And when a furniture company accidentally sent one customer’s invoice to another customer, they did not deliberately intend to release that customer’s personal contact details to another customer.
But in both instances, the companies involved were warned by the Court to tighten their SDD shredding practices and take paper waste disposal issues more seriously.
Lack of Paper Document Security Can Lead to A Cyber Attack
A breach in paper security is often not an isolated event. In some instances, cyber hackers look to gain as much information on a company or organization before they execute their cyber attack.
If hackers can gain access to physical paperwork pertaining to a company, it can make their systems so much easier to exploit. With a thriving online market for stolen and otherwise confidential paperwork, giving a cyber thief access to sensitive data via improperly-disposed-of paperwork could make your company its next cyber target.
Your Unwanted Paperwork Is Valuable to Others
Paperwork that may seem like trash on the surface can fetch a high price online. The notorious “deep web” is, in some ways, little more than a thriving online marketplace for stolen or black-market goods. And paper documents can fetch a high price from people who know exactly how to profit from someone else’s data.
Not only could leaked paperwork lead to a cyber attack, but paper documents can leave companies and organizations open to fraud. With a copy of an invoice or a prescription, thieves can replicate the documents to fraudulently obtain a refund or even commit medical insurance fraud.
There have even been cases where people’s homes have been sold from underneath them by thieves with enough personal information and paperwork to purport to act on behalf of the actual owner.
Raising Awareness of The Importance of SDD Shredding
As mentioned above, one of the main reasons that some companies and organizations are taking such risks with their paper documents and not making use of SDD shredding is that the focus has been on cyber security to the exclusion securing paper documents.
As such, we are strong advocates for the need to raise awareness of the importance of paper security and SDD shredding, and how to protect your business from a data breach.
We believe it is our role to educate decision-makers, who then take on the role of educating their staff and others within their influence. Company policies can go a long way towards reducing the risk of paper data theft.
A properly enforced clean desk policy will ensure that no paperwork or hardcopy documents will be left unattended on desks, and document retention policies and procedures for document shredding must also be put in place and made clear to all employees.