The Dos and Don’ts of Information Security
While there’s no “silver bullet” solution for keeping your business information safe, there are right and wrong ways to protect your documents and data. This list we created of information security dos and don’ts will help ensure your business, customer, and employee information stays secure.
DON’T Ignore Insider Threats
All threats to your information—including those inside your business—should be taken seriously. Insider theft of documents and data account for a significant portion of privacy breaches every year. The Identity Theft Resource Center estimates that over ten percent of all corporate data breaches are caused by insider theft.
DO Have a Secure Offsite File Storage Solution
Having a secure file storage solution helps keep your information safe from a wide range of internal and external threats, including theft, fires, floods and natural disasters. The most secure offsite storage option is a full-service records management center that features the following systems:
- Access control and monitoring
- Video surveillance
- Integrated alarm technology
Only highly trained and extensively background-checked records management professionals are allowed access to the facility. In addition, each employee is required to sign a confidentiality agreement prior to employment.
Besides keeping your files safe from unauthorized access, your records are barcoded, indexed, and tracked for seamless, efficient information access. There is no “section” of the records center dedicated to your business files; for better security, your boxes are distributed anonymously throughout the records center—identified only by barcode, not by name.
DON’T Keep Documents and Data Longer Than Necessary
Everyone knows that destroying documents too soon can have immense legal repercussions for your business. But holding onto confidential documents too long also has consequences; it exposes your customers and employees to identity theft. Both paper records and digital data should be disposed of promptly at the end of their retention lifecycle.
DO Securely Destroy Confidential Information
When document and data retention schedules have been met, you can destroy your information with confidence. Still, you want the process to be as secure as possible. Otherwise your confidential information can end up in the dumpster, available to anyone who finds it. But cost is a factor, too. It’s important to weigh both of these requirements carefully.
Use a professional shred service to make sure your documents and data are destroyed the right way. It’s also the most affordable way to destroy your paper records, hard drives and digital media. The items you want to destroy are collected on a scheduled or as-needed basis and, depending on your requirements and budget, they are professionally destroyed on-site at your business or off-site at a secure shredding plant. With either option, you receive a Certificate of Destruction after your information is destroyed.
DON’T Use a “One-Size-Fits-All” Record-Keeping Approach
Every organization is subject to statutory and regulatory obligation specific to their business. Applying a “one-size-fits-all” record keeping philosophy may expose your company to legal liability and non-compliance issues.
DO Follow Records Retention Guidelines
Use records retention schedules to determine how long documents and data need to be retained and when information should be destroyed. If your company doesn’t have a records retention policy, seek guidance from an attorney.
DON’T Forget About Data Backup
Every business, large and small should have a data backup plan. The frequency of backup depends on how much data you have and how long your business can survive without it. For a customized backup strategy, consult with a data protection professional.
DO Vault Your Media Offsite
Your backup media is your businesses’ lifeline to data recovery. As a result, make sure it’s protected and preserved. Once you have a data backup plan in place, archiving your media offsite in a media vault keeps your backup information safe from unauthorized access and ensures it’s stored under optimal conditions for long-term preservation.
Use our handy list of information security dos and don’ts as a roadmap for keeping your information secure.
American Document Securities offers offsite records storage and management services for businesses in Atlanta and Northeast Georgia. For more information, please contact us by phone or complete the form on this page.
Quote - Contact Us
We would love to hear from you! Please call us at 877-5-ASK-ADS or complete this form and we will get in touch with you shortly.
My staff and I had the pleasure of participating in an ADS Consulting Shredding & Storage Workshop in April 2011.As a new business, it was critical for us to get off to a good start. The workshop provided us with useful information and practical applications that helped us do that. The ‘hands on’ training experience we received in a successful, working document destruction and storage business environment was invaluable.Renee and her staff were very personable and helpful and continue to be valuable business partners to this day.I highly recommend the ADS Workshop to both new and existing businesses
Rob Giannini, C.O.O.Commonwealth ...