January 31, 2019
It was recently reported that an employee of a travel agency had accidentally left behind the organisation’s hard drive in a taxi. This hard drive contained sensitive information such as full names, mailing address and NRIC details of over 200 customers. With the hard drive still unrecovered, these personal details could be anywhere by now.
Many still do not see the ramifications of a lost hard drive which could inevitably result in detriment for any organisation, such as a data breach or a business fraud. This would lead to the downfall of the organisation’s reputation. Should employees’ or customers’ sensitive information fall into the hands of criminals, their information could be manipulated for various illegal activities such as money laundering or even identity theft.
Unfortunately, there is still a common misconception that once data is deleted from hard drives, it is permanently destroyed. However, information can still be retrieved and used by data thieves for nefarious activities. Hence, it is crucial for individuals and organisations to have appropriate steps in securely disposing of unused or unwanted hard drives to avoid non-compliance with data regulation watchdogs like the Personal Data Protection Commission (PDPC) and the General Data Protection Regulation (GDPR).
Disposal of hard drives securely
It is recommended by the PDPC, that the best way to dispose of physical data (paper and storage media) is through shredding. These shredded materials are nearly impossible to be reconstructed by data mongers or criminals.
With Shred-it’s disposal methods, organisations are assured that their physical data is securely destroyed before being disposed of through recycling. The degaussing of hard drives and through Shred-it also ensures that all magnetic fields are removed, hence destroying any data before being securely shredded and recycled. In addition, Shred-it Singapore is licensed under the General Waste Disposal Facility (GWDF) licensing scheme, awarded by the National Environment Agency (NEA).
Prevention is always better than cure
It is everyone’s duty to be mindful and proactive about their actions when it comes to data protection and security. Organisations can practice good data protection habits by implementing a Clean Desk Policy and instill the importance of adopting a Shred-it all Policy, ensuring that all sensitive documents and hard drives are being disposed of meticulously. The organisation’s appointed Data Protection Officer (DPO) can also hold internal awareness workshops to ensure that employees within the organisation understand what it means to practice good data security habits.
By education on proper data security and secure data disposal, everyone can start to understand the importance of their actions in practicing good data security habits, helping their organisation stay safe and avoid data breaches.
Start Protecting Your Business
An organisation that integrates personal data protection into its business processes can help reduce the risk of a data breach. Learn more about how Shred-it can protect your documents and hard-drives by contacting us for a free quote and a security risk assessment.
The New Paper. 2018. Potential data breach after travel agency employee loses hard disk. [ONLINE] Available at: https://www.tnp.sg/news/potential-data-breach-after-travel-agency-employee-loses-hard-disk. [Accessed 4 January 2019].