What documents still need to be destroyed in a paperless office?
With the shift towards online storage and a “paperless office,” the majority of fraud prevention and data protection strategies focus on protecting digital information. Yet, purging the office of all sensitive and unnecessary paper and records is an important component of a successful fraud mitigation strategy and will protect a business’ customers, employees and reputation.
For businesses that want to embed document management best practices into employee behaviour and encourage frequent document destruction, there are five everyday documents that should be shredded to reduce the risk of fraud:
In an attempt to be environmentally conscious, it is standard practice for businesses to break down delivery boxes for recycling. One step that is often forgotten is to remove the address label from the package, which can potentially include the business address, tracking codes, work orders or account numbers. When breaking down boxes or packages, businesses should remove and securely dispose of the address label.
Business professionals often have the opportunity to expense client lunches or business necessities paid for out-of-pocket. The receipts associated with these expenses, which contain personal and/or corporate financial information, are often left on desks and easily accessible to fraudsters. Once submitted to the accounting department or recorded on client invoices, receipts should be shredded.
While the majority of presentations are developed and delivered digitally, many employees still provide hard copies to clients or colleagues. This tendency can result in an unnecessary number of printed documents floating around the office, which can put an organization at risk if the presentation includes sensitive informative.
It is common for Human Resource professionals to print candidates’ resumes during the hiring and interview process. The information found on a resume not only includes personal contact details, but a record of previous employment, academic history and participation in any committees or organizations. All printed resumes should be kept in a secure, locked location or stored digitally in a password-protected file. Once resumes are no longer needed they should be destroyed.
According to cyber security experts, fraudsters are able to read the bar codes on boarding passes and gain access to passengers’ contact information, future travel plans and frequent flyer accounts. Travelers should be careful not to leave paper versions of their boarding pass in public areas or in their seat pocket. They may want to use an electronic boarding pass on their phone or shred the paper copy following their flight.
In the hands of fraudsters, the personal and professional information found on a wide range of seemingly harmless slips of paper can open up an organization and its employees to fraud. To help mitigate this risk and educate employees on their roles and responsibilities for data protection, business leaders should train employees on how to properly handle paper documents and encourage frequent destruction of documents. Additionally, implementing information security programs like a Shred-It All Policy and a Clean Desk Policy eliminates the guesswork of what is and isn’t confidential and ensures employees don’t accidentally leave confidential information in an insecure bin. As an added environmental benefit, all shredded material is recycled.
Kevin Pollack is senior vice president at Shred-it.