August 26, 2018
Employee turnover and new hires are part of the process of running any kind of business. Organisations acquire new employees, from C-suites to interns, on a regular basis. Most organisations put new employees through an orientation period whereby they are briefed on the organisation’s values, policies, corporate social responsibility programmes and reporting lines.
Whilst learning about the ins and outs of an organisation is important, many organisations unfortunately tend to forget about the data security aspects of their operations.
Here are some tips on educating new employees about data security to assist with instilling strong data protection habits from the very beginning.
Adopting Paper Disposal & Clean Desk Policy
It is common for employees to handle all sorts of sensitive information such as customer data, billing details and payroll information. A Clean Desk Policy assists with ensuring that employees do not leave sensitive data lying around and accessible to prying eyes. Secure document handling and storage are one of the first steps in preventing a data breach.
Security Reminder Posters
Organisations should remind employees regularly on data security by placing Security Reminder Posters around the office. These simple posters not only detail the most basic guidelines, but also highlight vital data security steps that all employees should follow. Timely reminders and heightened awareness are your next line of defense.
Shred-it All Policy
When in doubt, employees should shred all unwanted physical documents, hard drives and other media. A Shred-it All Policy prevents accidental data breaches by employees who might otherwise dispose of documents improperly, such as in the recycle bin. It also protects against the threat of dumpster diving for sensitive data by unscrupulous parties. Such a policy also minimises the amount of data you store, thereby reducing the chances of a data breach occurring. Minimising data collection and implementing proper document disposal are a safety net, after all you can’t lose what you don’t have.
Partnering with a third-party document destruction company can help your organisation mitigate risks of a data breach. Destroying documents containing sensitive information in-house could save your organisation money in the short term, however the risks are significantly higher. With a professional party such as Shred-it, organisations can rely on well-trained and authorised staff to handle documents throughout the secure disposal process.
Data Shredding and Security Officer
In addition, organisations should also implement sound policies that will keep employees in-check whilst carrying out their day-to-day operations. Appointing a Data Protection Office (DPO) also ensures that there is somebody who oversees the enforcement of all implemented security policies. The DPO also acts as an additional line of defense who prevents your organisation from falling out of compliance with data security legislation such as the Personal Data Protection Commission (PDPC) and the General Data Protection Regulation (GDPR).
Learn more about how Shred-it can properly dispose of your e-waste in a safe and secure manner by contacting us for a free quote and a security risk assessment.