19/09/2014

By Robert Guice, Executive Vice President, EMEA Shred-it


In a world where robust IT systems are replacing padlocks and gates as the hallmarks of security, it’s no wonder that some of the most recent big security breaches to hit headlines have been electronic in nature. From eBay users’ passwords to Hollywood stars’ phones, hackers are accessing confidential information they intend to use maliciously. Despite this, I am surprised by the number of businesses and individuals who still fail to implement rigorous security systems to protect their confidential data.

Whilst the cyber security breaches experienced by large companies and high profile individuals make headlines, small and medium sized organisations are by no means immune from this threat. The correct disposal of confidential information can really make a difference in transforming a vulnerable organisation into a secure environment. Shockingly, when it comes to old IT equipment, a third (32%) of SMEs admitted to never disposing of redundant electronic devices containing confidential information, while a further 35% do it less than once a year, according to research in ‘The Security Tracker’ published by Shred-it. Carried out by Ipsos-Mori, our annual Security Tracker surveyed 1,005 small UK business owners and 102 C-suite executives working for UK businesses to shed light on what businesses of all sizes are doing to secure their data.

The risks posed by a lack of understanding of cyber security could be potentially devastating for SMEs. Our 2014 Security Tracker survey revealed that British businesses are underestimating the sheer volume of confidential information available in the average workplace with one fifth of SMEs surveyed believing that they possess no documents that would cause their business harm if stolen.

Couple this with an ever increasing mobile workforce and the threat of confidential information ending up in the wrong hands is worryingly bigger than ever. Many SMEs are still struggling to recognise the impact a data breach could have on their business and a quarter of SME business owners (24%) have never conducted a security audit.

So, how can SMEs protect themselves from cyber security breaches? At Shred-it, we’ve compiled some simple steps to help your business get on the road to information security:

1. Conduct a security audit to identify current risks and areas of improvement
2. Implement a “shred-all policy” to contain the threat of simple human error, the cause behind 40% of data security breaches
3. Ensure the “shred-all” policy is adhered to throughout your company by training employees in document destruction procedures and updating policies
4. Comply with legal requirements by securely and safely destroy all unneeded documents, a reliable third-party vendor is a quick and easy way to do this.
5. Keep your electronic records protected by physically crushing devices to ensure that data cannot be retrieved
It goes without saying that you should also ensure that your partners or members of your supply chain are also prioritising information security within their own business.

In such a competitive economy, it’s crucial for businesses’ survival that they take every step possible to protect their assets and in order to retain clients and remain a profitable business. It’s clear that by not safeguarding confidential data on hard drives and electronic media, companies risk considerable financial loss and reputational damage that can sometimes be irreparable.

For more, follow Shred-it on Twitter: @Shredit_UK