March 13, 2023
Over the last decade, and prominently throughout the pandemic, the workplace landscape has shifted and evolved. In years prior, hybrid or remote work was not as common among businesses as it is today, with remote work having increased significantly since before the pandemic. A 2022 study by the Future Skills Center at Toronto Metropolitan University found that 78% of respondents preferred working from home, an increase from 64% in December 2020.
Though remote work can be convenient for employees, it can come with a heightened risk of data breaches for businesses as employees may not have the knowledge and resources to keep information safe. In an IBM survey of 550 U.S. businesses that faced a data breach between March 2021 and March 2022, those that cited remote work as a factor lost an average of $4.99 million USD, and those who did not cite it as a factor lost $4.02 million USD; this marks a difference of 21.5% or $0.97 million USD.
Many companies want to keep employees happy and give them more flexibility in where they work, but not at the expense of data security. If your employees work remotely, you can use the following strategies to help protect your business’ confidential data.
Employees should undergo data protection training at the start of employment, at regular intervals, and as incidents arise. According to the Shred-it® 2022 Data Protection Report, 48% of small business leaders (SBLs) surveyed believe that employee error was the source of a data breach, making ongoing employee training an important strategy for protecting business data.
Two policies that can help employees keep data safe from bad actors are the clean desk policy and the shred-it-all policy. A clean desk policy helps ensure physical documents are shredded or contained and that all technological devices are password protected each time an employee leaves a workspace. A shred-it-all policy encourages the regular destruction of all documents to help ensure no confidential information is left out in the open that could potentially fall into the wrong hands.
An incident response plan is a documented, written plan for IT (Information Technology) professionals and staff, which details specific actions that will help mitigate the negative effects of a data security issue. These plans are designed to save time and reduce staff stress should a data breach occur, as it keeps all personnel aware of their assigned duties. Without intentional plans and designated tasks, a business can risk worsening the incident, damaging its reputation and budget.
For employees working 100% remotely, there are several convenient options to dispose of documents at home, including professional document destruction services, such as Shred-it®, which offers residential shredding, drop-off shredding at a local facility, or community shredding events. Using the clean desk policy above, employees can safely store their documents until they are shredded.
The following checklist can help you find a trusted partner in information destruction:
Implementing a remote work policy can help to reduce data security risks. The policy provides employees with data security guidelines that are unique to a remote work environment.
Employees travelling between home and an office should be vigilant about safely transporting documents and equipment, including never leaving documents, computers, and cell phones in a car or unattended and only bringing the documents required to do their work.
The frequency at which employees should shred documents depends on the volume of confidential documents. If the paper volume is low, employees can use a one-time shredding service or a drop-off shredding service. If employees produce a high volume of paper documents for their job, they should ask for a regularly scheduled shredding service.
Learn more about how Shred-it® can help keep your information secure when employees are working remotely.