Protect your information in any format

The cost of cyber crime increased a whopping 19% this year compared to 2014, according to the latest Cost of Cyber Crime study from the Ponemon Institute. On average, companies in the study lost $15 million due to cyber crime.


The 12th annual National Cyber Security Awareness Month provides information and resources with a goal to help everyone be safer and more secure online. NCSAM is sponsored by the Department of Homeland Security in cooperation with the National Cyber Security Alliance and the Multi-State Information Sharing and Analysis Center.

With cybersecurity becoming an increasing concern, how can we ensure holistic security, including physical requirements? Here’s how to secure confidential information whether it’s paper or digital.

Document Format

There’s been a lot of talk about going paperless and how it will change the workplace, and yet the average office worker still uses 10,000 sheets of copy paper every year – and there continue to be lots of security issues.

According to the 2014 Security of Paper Records & Document Shredding report by Ponemon, employees put documents at risk by leaving them around communal printers, in meeting rooms and at meetings held outside the office.

Paper documents end up in dumpsters, too. In recent research, almost 2/3 of IT security practitioners say dumpster diving for confidential information is still very common – and successful.

At the same time, the 2015 Shred-it Security Tracker showed that while larger organizations are increasingly putting protocols in place for storing and disposing of confidential information, 37% of small business owners do not have any protocols.

Digitized information needs better protection, too. Confidential information can be viewed on computer and mobile device screens. Document images on copying machines, printers and fax machines also increase the risk of a security breach.

Document Sharing

The transmission of confidential information to unauthorized individuals is red-flagged in the 2013 white paper, Document Security and Compliance, by InfoTrends.

The fact that everyone wants to connect, and they want to do it anywhere and immediately is one of the biggest security issues in the workplace today, said Larry Ponemon in a Computer World UK story.

Employees download and send confidential documents using personal email, cloud services, USBs, and other mobile devices.

An earlier Ponemon study – Confidential Documents at Risk – showed that leaked or lost information is due to human error, hardware or software failure, and lost or stolen mobile devices.

Document Management

Best practices include appointing someone to be in charge of data security and implementing a comprehensive document management policy.

According to our Developing a Document Management Policy, the essential components of a policy include effective indexing throughout a file’s lifecycle, secure storage (for example, in locked cabinets or locked rooms), processes and tools that limit access, and on-going training for employees.

Document Destruction

Secure destruction of paper and digital documents is also important. Label all documents by how long they must be kept and when they should be destroyed in a retention schedule. To reduce risk, implement a Shred-all Policy so all documents are destroyed when no longer needed for compliance or other reasons.

To securely destroy paper documents, partner with a professional destruction service that has a secure chain of custody with supplied locked containers and secure removal of documents for secure shredding.

Rather than stockpile old computers, schedule secure destruction of hard drives and e-media with your information destruction partner as well. The company should issue a Certificate of Destruction for legal proof and protection after every shred.

How vulnerable is your workplace to information thieves? Track the life cycle of a document to find out.

About the author
Shred-it is the world leader in document destruction providing services around the world to customers who value the protection of their information, their reputation, and the environment. For more information visit