Equifax Data Breach
In 2017, an employee at Equifax, the credit reporting agency, failed to convey a message to the company’s cybersecurity team. The Equifax website had security vulnerabilities and needed to be updated with a patch. But one person failed to act, and hackers quickly found their way into the Equifax servers. In all, at least 147 million Americans had their sensitive data exposed. Social Security numbers, drivers’ license numbers and credit card information was stolen. The CEO lost his job and Equifax lost credibility and the trust of its customers – all because the company’s security policies were lax enough that one person’s error could have such a devastating effect. (It’s also worth noting that the human error explanation was provided by the outgoing CEO, so we have no way of knowing exactly what led to the breach.)
Few businesses have access to that much data from that many people, but all businesses are at some risk. Data breaches are on the rise around the world. Gemalto, a digital security company, found that 1.9 billion data records were compromised during the first half of 2017 alone. That represented a 164% increase in data loss over the last six months of 2016.
How Is Data Stolen?
The Equifax breach is a cautionary tale for sure, but it only represents one type of data breach. Employers have to be vigilant against all sorts of data loss. It can’t all be attributed to theft by hackers. If any employee takes a thumb drive home and his roommate makes a copy of the documents on the drive, that’s a data breach. Throwing old files into a recycling bin and putting them out at the curb opens you to theft too, especially if thieves or your competition know that you regularly dispose of files this way.
It’s also possible that your employees could take home data-storing devices and throw paper files into recycling bins and no harm would ever come from it. But is that a change you’re willing to take?
Savvy employers know that any risk is unacceptable. If it happens on your watch, it’s your reputation that will be damaged. That’s why confidential data destruction should be part of your company’s security best practices.
Confidential data destruction takes a few forms. Devices that store data, like hard drives and cell phones, can be disassembled and the memories shredded or otherwise rendered permanently unusable. Paper files can be shredded into pieces so small that they can’t be reconstructed. Components left after the destruction process is complete, like shredded paper and the metal parts from electronics, can then be recycled.
Utilizing Data Destruction Services
Depending on the business type and state regulations, using confidential data destruction services might be a legal necessity. Here in Massachusetts, our regulations require any business that keeps records with residents’ personal information to safeguard that information. Destroying those records completely is an important part of the compliance process.
Could your business survive a data breach? The consequences are far-reaching and affect your reputation, your legal status and your bottom line. Tightening up security policies is one way to prevent such a breach. Investing in confidential data destruction services is another.
Northeast Data Destruction can accommodate a job of any size and type. We can arrange pickup and secure transport to our facility, and we’ll provide a Certificate of Destruction when the job is done. A representative of your business can even witness the destruction by appointment. Contact us today to get a quote.