I don’t know about you, but sometimes I wonder how safe all the information is that I share with companies whom I trust with my business. Plus, as a small business owner, your customers put their trust in you to keep their information safe. Are you taking that trust seriously?
Today is Data Privacy Day where the focus is placed on making sure all of the data we share is safe guarded and handled with dignity. I was thrilled to hear about this celebration from Shred-It, a document destruction company. And they offered up these tips for you to use to ensure you are taking the right steps.
The following is a checklist for small businesses who are often more vulnerable than larger organizations, illustrating how you can protect your company and your customers from security breaches, which potentially lead to identity theft and fraud:
Security policies and training — People are one of the weakest links in information security: employee negligence or wrongdoing is among the most common causes of security breaches.
- Implement and train employees to follow formal information security policies that protect the private information of employees and customers.
- Limit the number of people who have access to and/or handle confidential documents. Be careful when hiring new employees and perform full reference checks and, where warranted, ask new hires to sign confidentiality agreements.
Information security strategy — A focused evaluation of an organization’s operational risks will allow the company to identify common breach points in the major functions of the organization.
- Conduct a periodic security audit to confirm that policies are being upheld.
- Identify and seal security loopholes at every stage of the information cycle, from data generation and storage, to the transfer of data from location to location, and document destruction.
- Develop a comprehensive strategy to manage unique security risks; target both paper-based and electronic information sources.
Paper-based information sources — A number of security breaches can be traced back to mishandled, lost or stolen paper documents.
- Introduce a shred-all policy to ensure that all waste paper is securely destroyed on a regular basis.
- Hire a reliable third-party vendor to implement a secure document destruction program.
- Make sure the vendor has a reliable shredding methodology and special equipment — do not allow unshredded paper to be stored and/or hauled cross country to be shred at a later date and location.
- Request certification that your paper waste has been securely destroyed.
So there you go. Take a look at what you are doing in your company to uphold data privacy. Do it today before you forget. Your customers will thank you for it.