(photo: )
19.07.2019, 13:47

Don't Forget Paper Documents

EMEA, Data Security
Mark Harper of HSM says media focus on cyber-attacks and digital data breaches is detracting from the need for organisations to enhance physical information security.



In today’s data-driven environments, data compliance and security should be at the heart of any business.


With the GDPR driving changes back in May 2018, it seemed as though emphasis rightly focused on confidential data as a whole, no matter its source. However, in the past 12 months we’ve seen larger organisations (such as Google and Facebook) placed under the microscope with the threat of large fines as a result of digital data misconduct. With this in mind, we’re now in danger of our focus slipping when it comes to paper documentation and its safe disposal. So, has the pendulum swung too far?


Neglect at your own risk

July has again been riddled with media coverage showcasing digital data breaches as the Information Commissioner’s Office (ICO) threatens to fine top brands almost £300 million. British Airways is subject to the largest yet under the new rules, after the ICO are set to fine £183 million after the personal data of 500,000 BA customers was stolen from their website and app.


In 2016, the ICO revealed that some 40 per cent of data security incidents related to loss or theft of paper– and this figure rose again the following year. It’s fair to say that, in terms of media emphasis, these figures unfortunately aren’t represented. Yet, UK businesses simply can’t afford to neglect paper-based documentation. Stringent consideration into how and where physical documents are disposed of is essential as there are a number of risks associated with their collection, transportation and destruction.


So, with this in mind, how can we mitigate physical data breaches?


Protection at the source

The Centre for the Protection of National Infrastructure (CPNI) highlights the potential threats to the physical data destruction process, including:

  • Accidental loss
  • Emergency abandonment
  • Espionage
  • Hijack or vehicle theft
  • Insider attack
  • Theft.


While these threats have the potential to occur at any point, there is evidently less control when paper leaves a building.


There have been numerous incidents when highly confidential documents have been left behind. This year in particular has been subject to some potentially serious blunders. In early July, top secret documents containing detailed security arrangements relating to the Porton Down military research facility were discovered in a London bin. Earlier this year, boxes of intimate patient records and financial data were discovered by the BBC in an abandoned nursing home. Negligence towards physical document destruction could cost UK businesses thousands, if not millions.


Organisations are right to invest in encryption, antivirus programmes and other security measures so that digital data remains as secure as possible, but it should not be done at the expense of implementing sensible and proportionate security measures for paper documentation.


External data destruction solutions, such as off-site shredding, are often employed for convenience, but rarely is the true security of these services understood or investigated. Yet, control is lost as soon as documents leave a building to be destroyed. Off-site shredding may seem convenient, but it opens up a higher possibility of potential risks to documents as soon as they leave the premises, including theft, loss and espionage. Not to mention that these solutions are typically more expensive over time.


Document security is best left in-house. Best practice, when disposing of paper, is to destroy documents at the source, rendering them secure at the time of shredding. It’s about maintaining control of what can be a sensitive process. Not only does in-house shredding neutralise the risks associated with off-site transportation, there is also more control to ensure that destruction is carried out to an appropriately secure size. And, yes, particle size is important: a P-1 high volume shredder (typically found in off-site shredding trucks) will produce strips at least 10 times larger than a standard P-4 cross-cut office shredder for example. So, why leave paper document security to chance? 








Article rating:

vote data

Leave a reply

Rushmore Primary School. (photo: )
Delta Security  - 12.02.2019, 08:07

Delta Secures a Local Primary School

UK high-security specialist Delta Security has installed a sophisticated 1080p HD CCTV system at the Rushmore Primary School in Hackney.

The Bridges Shopping Centre in Sunderland. (photo: Bowman Riley Architects)
FM Editor  - 15.04.2019, 10:47

OCS Achieves Success at Revo ACE Awards

OCS UK has been named "Top Scoring Service Supplier 2019" at this year's Revo ACE Awards which celebrate retail destinations and people that deliver a consistently positive experience for customers.

 (photo: )
FM Editor  - 01.05.2019, 09:05

Future-Orienting Building Systems

A new BACnet/IP automation station from Sauter interfaces with common field bus protocols, the IoT and Cloud storage solutions to facilitate the control of critical building systems.

 (photo: )
FM Editor  - 15.03.2019, 08:10

International Property Award for APAC House

Sodexo's APAC House regional headquarters building in Singapore has won an award in the Office Category of the 2019 International Property Awards.

 (photo: )
FM Editor  - 06.12.2019, 12:43

Washing Away the Chocolate

Slattery Pâtissier and Chocolatier in Whitefield, Greater Manchester, has acquired a third machine manufactured from Miele's Professional range.

 (photo: )
FM Editor  - 04.12.2019, 09:53

T Gunning Rebrands as Gunning London

Refurbishment specialist and Chartered Building Company T Gunning Ltd has rebranded as Gunning London to reinforce its geographical focus on London and South East England.