Shred-it Encourages IT Managers to Review Electronic Disposal Protocols Inadequate processes can lead to possible security leaks
WASHINGTON, Dec. 10, 2013 /PRNewswire/ -- American IT departments' decisions could inadvertently put organizations at risk of an information security breach if they don't have sufficient protocols for the disposal of old electronic devices. Even those with established processes could unwittingly initiate a security leak if they rely on wiping or degaussing hard drives, or handing over their e-waste to an outsourced recycler. Worse yet, some organizations might be stockpiling old technology with no plan at all. As a leader in information security, Shred-it is encouraging IT departments to closely review their processes and protocols as they finalize their 2014 budgets and plans for replacing old equipment.
"For every desktop computer, printer or mobile device purchased, there should be a secure disposal plan for outgoing technology," said Michael Collins, Shred-it Regional Vice President. "More often than not, those devices are loaded with sensitive company or customer information that is recoverable if the hard drives aren't physically destroyed."
Despite the many public wake-up calls, most American organizations continue to be complacent about securing their electronic media and hard drives. Processes and protocols surrounding the destruction of electronic devices have been slow to adapt to new reality: that businesses large and small are increasingly dependent on digital information. Congress is hoping to hold businesses accountable for the protection of confidential information with the introduction of the Data Security and Breach Notification Act of 2013, which will require organizations that acquire, maintain, store or utilize personal information to protect and secure this data. However, legislation only goes so far and American organizations of all sizes must be more vigilant to protect themselves from a data breach that could damage their bottom line, with the prospect of losing revenue, reputation or clients.
Shred-it is also evolving to keep up with current trends. In addition to its comprehensive document destruction services, Shred-it now offers hard drive destruction at all of its North American locations. This unique offering helps businesses both large and small find the service solutions they need to protect their information. The procedure punches a hole through each hard drive resulting in its complete destruction, making data recovery impossible. It also offers a secure chain of custody process (documenting the serial number by the scanning of the bar code and UPC code of each hard drive for destruction) and an itemized certificate of destruction upon completion. This piece of mind will allow organizations to have confidence in the fact that their information has been properly and permanently erased. Aside from being safe, CIOs and CTOs will also feel good about the fact that the destroyed technology is being recycled properly afterward instead of ending up in a landfill.
Steps your business can take today, to secure its tomorrow
Beginning today, your business can start to make the right choices to help protect its information security. There is no need to lag behind with regards to implementing protocols and policies that involve the destruction of electronic devices.
To mitigate the risk of fraud, businesses should consider the following tips:
- Think prevention, not reaction. There is no one-size-fits-all data protection strategy. Develop preventative approaches that are strategic, integrated and long-term, such as eliminating security risks at the source and permanently securing the entire document lifecycle in every part of your organization;
- Be security savvy. Put portable policies in place for employees with a laptop, tablet or smartphone to minimize the risk of a security compromise while travelling;
- Protect electronic data. Ensure that obsolete electronic records are protected as well. Simply erasing or degaussing a hard drive or photocopier memory does not remove information completely—physically crushing the device is the only way to ensure that data cannot be retrieved;
- Create a culture of security. Train all employees on information security best practices to reduce human error. Explain why it's important, and conduct regular security audits of your office to assess security performance.
For more information on Shred-it, information security and fraud protection, please visit the Resource Centre on www.shredit.com.
Shred-it is a world-leading information security company providing document destruction services that ensure the security and integrity of our clients' private information. The company operates 140 service locations in 16 countries worldwide, servicing more than 150,000 global, national and local businesses, including the world's top intelligence and security agencies, more than 500 police forces, 1,500 hospitals, 8,500 bank branches and 1,200 universities and colleges. For more information, please visit www.shredit.com