4. Dispose of trash securely
Too often, sensitive information, including clients’ PII, company financial data, and system access information, is available for anyone to find in the trash. Business-grade shredders are convenient for employees and can properly dispose of sensitive documents.
Alternatively, subscribing to a trusted shredding company providing locked containers for storage until documents are destroyed can also be a safe method of disposal. Standard procedures and employee training programs should be employed to ensure everyone in the company is aware of what types of information need to be shredded.
5. Dispose of electronic equipment securely
Emptying the recycle bin or deleting documents from folders on a computer may not destroy information forever. Those with advanced computer skills can still access information even after it has been conventionally deleted.
When it comes time to update computer hardware, disposing of the outdated equipment requires skilled specialists to ensure the security of sensitive information contained in the equipment.
If outside help, such as an experienced electronic equipment recycler and data security vendors, is unavailable or too expensive, the computer hard drives should, at a minimum, be removed and shredded. Risks with other types of equipment associated with computer equipment, including CDs and flash drives, should also be considered.
6. Training employees in facility security procedures
A security breach of client information or a breach of internal company information can result in a public loss of confidence and can be devastating to a business. If one client experiences such a disaster, it is likely to spread to other customers, causing a loss in morale.
In order to address such risks, devotion of time, attention, and resources (including employee training time) to the potential vulnerabilities in the business environment and the procedures and practices must be a standard part of each employee’s workday.
While formal training is important for maintaining security the daily procedures established for normally conducted business and normal security measures are equally important. In short, security training should be stressed and reinforced through daily procedures and leadership modeling.
Anthea Mumby is the CEO of Mumby Insurance Brokers and has more than 25 years experience in the industry. She is the author of the popular Insurance Exposed book series has been honoured with the People’s Choice Award as ‘Best Insurance Agent’ for two consecutive years. She can be reached at anthea@mumby.com.
