August 26, 2019

Using In-house Shredders May Put Businesses at Risk

It is common for many organisations to have an office shredder in their offices to shred private documents and other confidential articles. However, did you know that using an in-house shredder may pose risks, potentially leading to security breaches?
Whilst organisations may think an in-house shredder saves costs, in the long run it may open the door to various risks such as data breaches and business fraud. Recovery from such issues are sometimes more costly and time-consuming than engaging in a trusted and secure third-party shredding provider from the very beginning.
In-House vs Secure Third-Party Shredder
One of the pitfalls of using an in-house shredder is the absence of a trained data security professional who is well versed in handling confidential and sensitive data. Additionally, frequently confidential documents are collected are left in an unsecure location before they are fed into the in-house shredder. This leaves documents vulnerable to being easily misplaced or taken away by individuals who can exploit this sensitive data for their own nefarious means.
With a third-party provider such as Shred-it, organisations can have peace of mind as trained professionals are tasked to handle confidential data. Shred-it’s cross-cut shredding methods ensure that all shredded documents cannot be re-assembled in any way. Furthermore, the shredded documents are also responsibly recycled. After all documents are securely destroyed each organisation will also receive a Certificate of Destruction as proof.
Working towards improved data security
It is paramount for organisations to mitigate the risk of data breaches and business fraud by adopting healthy data protection practices. Under the guidelines of the Personal Data Protection Act (PDPA), an organisation is responsible for personal data in its possession or under its control. Organisations must also follow the stipulated guidelines by the PDPC when it comes to collecting and using personal information.
Organisations should also learn to adopt a holistic approach when it comes to data protection where both physical data security and cybersecurity aspects have to be adhered to. Here are a few simple steps to get started with:

  • Implementing regular spring-cleaning as well as internal risk assessments to identify any risk areas within the organisation.
  • Appointing a Data Protection Officer (DPO) to implement data protection policies and work closely with the HR team to review data protection practices.
  • Displaying Security Reminder Posters in the office to remind employees regularly on data security. Such posters can be placed in hotspots, such as above printers, to highlight vital data security steps for all employs to abide by.

The consequences of a physical data breach can be just as severe as a cyber data breach and are often more difficult to trace. One of the safest ways to reduce risks of a physical data breach is to adopt and educate employees on information security policies such as a Shred-it All Policy and a Clean Desk Policy. This not only ensures the secure disposal of sensitive hardcopy documents, but also assists with compliance with the PDPC.

Start Protecting Your Business
To learn more about how Shred-it can protect your documents and hard-drives, please contact us for a free quote and security risk assessment.