SINGAPORE: Shred-it, a provider of secure document destruction services, in its new whitepaper reveals the risks and dangers faced by organizations while overlooking physical data security and focusing only on digital security.
The new whitepaper brings into consideration loopholes in business’s data protection strategies and solutions to prevent them. While Singapore officials announce plans to make the country a leader in data and cyber security with new Personal Data Protection Act (PDPA) laws, the whitepaper released from Shred-it is most suitable during this time where businesses survival depend on their data protection strategies.
Shred-it's whitepaper reveals that a typical organization loses 5% of its revenue yearly due to fraud. Over 20% of fraud cases involve an estimate of $1.37 million loss to organizations, impacting their profitability by putting them into unnecessary risks.
The whitepaper states that confidential information can be leaked by trivial mistakes such as dropping documents into a recycle bin or leaving papers in accessible locations like in office printers or on messy office desks.
The whitepaper also states that 58% of fraud instances are perpetrated by the employees itself, accidentally or malicious. Incidents include a cleaning lady selling office paper unknowingly containing confidential information to third parties for recycling, leading to data leak.
Phishing scams are also resorting to “social hacking” wherein hackers take advantage of an employee’s gullibility and pave a way to gain knowledge of and access to secure company environments through the employee, instead of directly hacking a company's data system. While digital security strategies play a significant role in securing an organization’s confidential information, physical data security also does.
Shred-it states that the solutions to these security risks require an all rounded approach to safeguard information from data breach. The "Shred-it All Policy", from Shred-it is a means of safe guarding a company’s information from physical data security risks by having employees shred all confidential documents instead of dumping them into the recycling bin or leaving them out on their desks. This ensures that while a company's digital data remains protected, confidential data in physical form is also destroyed before finding its way into the hands of third party waste or recycling companies.
"We believe every business would do well to take a holistic approach to data security, which involves taking into account physical security, digital security and human behaviour," says Duncan Brown, General Manager of Shred-it Singapore. "Companies need to focus on methods to protect both physical and digital security, while at the same time putting processes in place to ensure employees are not susceptible to accidental breaches or phishing scams while still being able to carry out their duties without too much red tape."