A new data breach is in the headlines nearly every day,and businesses are investing trillions in IT security annually to protect themselves against cyber threats. Unfortunately, as long as these investments focus only on digital data, they will never be enough. Because, according to the Office of Management and Budget’s latest cyber assessment, the biggest information security risk for federal agencies isn’t cyber -- it’s paper.
In fact, fully 25 percent of incidents reported in fiscal year 2014 involved the possible mishandling of hard copies or printed materials, as opposed to digital records.
Clearly, all businesses need to better protect their sensitive information, including anything important enough to make it off the screen and onto paper. Yet despite the common assumption that we now live in a paperless world, studies show that 89 percent of businesses still use paper copies for record-keeping.
Those physical documents represent the one risk that cannot be protected by expensive IT-security technologies. And that scenario is surprising, because protecting that information requires merely a minimal hardware investment and the commitment to properly train your most trusted and trusting employees. Let’s take a look at who is most likely to put your company at risk and the simple steps you can take to protect your company.
Who is putting your company at risk?
When it comes to trust in the workplace, your employee demographics make a difference. According to a survey by Swingline, younger adults and high earners are most trusting of their employers. While on the surface, trust sounds like a good thing, there may be reason for employers to be cautious. Research shows a positive correlation between those employees who are the most trusting and those who improperly dispose of sensitive information.
Trust in the employer declines steadily with an employee’s increasing age. Roughly 72 percent of employees in the survey, ages 25 to 34, said they trusted their employer, compared to only 56 percent of those ages 55 to 64, and 48 percent of those over age 64. As paychecks get richer, employees are more trusting, as well. For example, 88 percent of employees making more than $150,000 said they trusted their employers, compared to only 55 percent of those making less than $49,999.
It’s an odd correlation but, taking a closer look at security compliance, one finds that the most trusting age groups also are those most likely to throw away sensitive business information without first shredding it. Employees aged 25 to 34 admitted to skipping the shredder at least 38 percent of the time. Meanwhile, their more compliant and less trusting colleagues in the 45 to 54 category were compliant more than 75 percent of the time.
The same trend holds true for high earners. Those making $100,000 to $149,999 admitted skipping the shredder 47 percent of the time while those in the $25,000 to $49,999 income bracket skipped it only 27 percent of the time.
Those making more than $150,000, meanwhile, seemed to be an anomaly of this correlation, with fewer of them trusting their employers (33 percent), yet significantly more of them (67 percent) tossing information without shredding.
Securing your company's information
It’s important to create a culture that promotes data security alongside trust in the company’s leadership. There are three simple steps that business owners and leadership can take to promote trust in the company while also ensuring compliance:
- Implement the policies and processes needed to secure your company’s physical documents, and educate your staff on their importance.
- Make the small investment required in a high-tech shredder with a secure auto-feed chamber, to reduce the time and hassle typically associated with shredding sensitive documents.
- Most importantly, set an example and create a culture of shared responsibility in security.
In an era when online data breaches are top of mind, it’s easy to overlook the amount of valuable information that businesses and their employees willingly place on the street each week without a second thought. As you continue to invest in IT security, don’t overlook these simple steps to protect your valuable physical documents.