With all the press on security breaches these days, many businesses are taking a long, hard look at their own document security systems.
Good thing.
A 2010 U.S. study showed that the cost of a data breach is estimated to be $214 per compromised record and an average of $7.2 million per data breach event. The Ponemon Institute, which did the study, says you also have to factor in indirect costs such as a damaged reputation and lost customer business.
How does a business figure out its information security risk?
Identify and assess the risks to confidentiality, integrity and availability of information. And, you can do that in a few different ways.
- Do your own risk assessment as a start. Meet with heads of departments and discuss what security policies are in place, if there is effective employee training about security policies, and where security breaches might occur.
- Do a more structured Risk Assessment Survey. For example, the survey at http://www.shredit.com/Shredding-Service/Risk-Assessment-Survey.aspx looks at how you are managing information security.
- Partner with a recognized document shredding company that will do regular security risk assessments of your workplace as part of its service. The company will make best practices security recommendations. For example, introduce a shred-all policy so that all unneeded documents are destroyed on a regular basis; use locked consoles placed strategically throughout the office for secure document disposal; and have your confidential documents destroyed on-site in a locked area on a mobile shredding truck. Also, you should receive a Certificate of Destruction immediately after each shred.