DOCUMENT Magazine - December 2008 - (Page 9)

pResearch Desk. Data Breach: Paper Is Still the Culprit Alan Recent headlines lead businesses and consumers to believe that the majority of data breaches occur online. According to “Security of Paper Documents in the Workplace,” a new study from the Ponemon Institute, commissioned by the Alliance for Secure Business Information (ASBI), this isn’t always the case. The recent study assesses the awareness, perceptions and behaviors surrounding the security of confidential information in the workplace. In fact, 49% of respondents whose companies have been affected by a data breach stated one or more of the breaches involved the loss or theft of paper documents, and the problem isn’t going away, with 80% of respondents indicating their company had experienced one or more data breaches in the past 12 months alone. Data breaches affect businesses of all sizes; 46% of respondents who represent larger companies estimate the annual financial impact of data breaches within their organization to be between $10 to $30 million. Key findings from the study reveal companies need to take tighter controls on how they manage their paper trail through stronger enforcement of security policies. According to 56% of respondents, more than half of their organizations’ sensitive or confidential information is contained within paper documents. However, 61% surveyed stated there are not enough resources and controls available to secure paper documents, and 57% of respondents reported that it is more difficult to control access to paper than electronic documents. So what is the solution to this growing security and financial problem? In an effort to protect organizations from falling victim to a data breach, the ASBI recommends the following prevention tips to companies and employees: Pelz-Sharpe Alan Pelz-Sharpe is a principal at CMS Watch, an independent research firm, covering ECM technologies and practices. An 18-year veteran of the document technology industry, Mr. PelzSharpe has written extensively on document, web and records management topics. Bernard Chester Bernard Chester is an authority on designing and implementing document managementbased solutions, including integrating EDMS with other technologies and designing and implementing Internet interfaces and custom tools for systems. 3 Shred all proprietary information with a cross-cut shredder. Deskside shredders are ideal for business professionals that handle sensitive information, including legal, accounting, human resource or finance departments. Commercial shredders are best for shared use spaces, including printing or copying areas where large volumes of sensitive information are created. Develop office guidelines for all employees that outline the procedures for protecting sensitive information. Keep all sensitive information and files locked away. Restrict access to those who need it, and closely watch your files. Don’t use social security numbers on items such as employee identification badges, time cards or paychecks. Avoid leaving documents in communal copiers, shared printing spaces, conference rooms or other open areas for extended periods of time. At the end of each work day, all employees should log off their computers and lock their workstations or doors. 3 3 3 3 3 Nishan DeSilva Nishan DeSilva is the global director of records management program at a leading global human capital consulting firm, which is in the process of implementing a global records management program. When implementing an enterprise-wide discovery management process, consider a holistic approach, and create a solution fit for the organization. This requires following through to monitor its effectiveness and ensure there isn’t a false sense of confidence in the system. Companies should identify a solution that will take into consideration the business culture, process and technology currently available to create a valuable program. Taking action far before litigation knocks will not only ease e-discovery woes but also strengthen and protect the organization’s valuable information. The AlliAnce for Secure BuSineSS informATion (ASBI) [www.fellowes.com/asbi] was formed in 2008 to educate businesses and employees about the theft of confidential information in the workplace. The study is the first initiative from the ASBI. contributors 9 http://www.fellowes.com/asbi

Table of Contents for the Digital Edition of DOCUMENT Magazine - December 2008

DOCUMENT Magazine - December 2008
Contents
Ad Index
Editor’s View
BPM: Improving the Way You Process
Research Desk
Contributors
The Compliance Shadow
Catching Web Fever
Charting a New Course
Reading the New Signal of Data
The Customer Finish
The Converging Money Trail
Fight Disaster
Putting on a Global Face
New Products

DOCUMENT Magazine - December 2008

http://www.nxtbook.com/nxtbooks/rbpublishing/document_2013summer
http://www.nxtbook.com/nxtbooks/rbpublishing/document_2013spring
http://www.nxtbook.com/nxtbooks/rbpublishing/document_2012winter
http://www.nxtbook.com/nxtbooks/rbpublishing/document_2012fall
http://www.nxtbook.com/nxtbooks/rbpublishing/document_2012summer
http://www.nxtbook.com/nxtbooks/rbpublishing/document_2012spring
http://www.nxtbook.com/nxtbooks/rbpublishing/document_2011fall
http://www.nxtbook.com/nxtbooks/rbpublishing/document_2009winter
http://www.nxtbook.com/nxtbooks/rbpublishing/document_2009summer
http://www.nxtbook.com/nxtbooks/rbpublishing/document_20090506
http://www.nxtbook.com/nxtbooks/rbpublishing/document_20090203
http://www.nxtbook.com/nxtbooks/rbpublishing/document_200812
http://www.nxtbook.com/nxtbooks/rbpublishing/document_200810
http://www.nxtbook.com/nxtbooks/rbpublishing/document_strategyforum
http://www.nxtbook.com/nxtbooks/rbpublishing/document_200808
http://www.nxtbook.com/nxtbooks/rbpublishing/document_200806
http://www.nxtbook.com/nxtbooks/rbpublishing/document_200804
http://www.nxtbook.com/nxtbooks/rbpublishing/document_200803
http://www.nxtbook.com/nxtbooks/rbpublishing/document_200802
http://www.nxtbookMEDIA.com