WHAT’S YOUR RISK FACTOR?  

The G20 Summit – truly the largest security event in Canada’s history – creates unprecedented challenges to the security of business information in the “zone.” Customer and employee records, legal and medical files, financial statements, internal memos and commercial secrets may be exposed to heightened security risks that are likely to be targeted by information criminals.

Michael Collins

Unfortunately, most companies have little or no experience adopting their complex information practices to the unpredictable environment within the “zone” or operating remotely from temporary locations outside of the “zone.”

Such times of uncertainty provide opportunities for fraudsters looking to exploit information security loopholes, yet companies’ obligations to protect their clients’ data cannot be compromised under any circumstances.

 The potential data security gaps include:

  • Lack of emergency preparedness plans and formal information security guidelines
  • Paper files or electronic equipment left unattended and unsecured in the offices within the “zone”
  • Paper files or electronic equipment misdirected, stolen or lost en route to locations outside the “zone”
  • Laptops and removable storage devices, such as CDs and USB keys, as well as sensitive paper documents misplaced, stolen or lost by employees working from off-site locations – including public transport, coffee shops and staff homes

While the security environment and many emergency scenarios cannot be predicted, the good news is that any company can adequately prepare as long as it gets the information security basics right.

Shred-it encourages them to be prepared by following simple guidelines that are important at all times and are imperative during high-risk and emergency situations: 

 Start with Data Security Audit to identify your unique security gaps

  • List all risks specific to your organization and your current internal and external environment
  • Target both paper-based and electronic information sources
  • Consider every stage of the information cycle, from data generation and storage to the transfer of data between your central office and off-site locations, as well as document destruction

       Address them in an actionable emergency preparedness plan

  • Include all possible contingency scenarios. Remember: 
  • All sensitive data that is no longer required – in paper or electronic form – should be destroyed
  • All sensitive data that is not destroyed – in paper or electronic form – should be stored securely

 Whether you stay in the “zone” or temporarily re-locate, make sure all data you need – in paper and electronic form – is secured.

  • Secure all electronic sources through restricted access and effective password protection
  • Audit all paper documents: separate still needed data from the data no longer required
  • Lock the documents you need in office drawers or, better, secure filing cabinets
  • Introduce a “shred-all” policy: shred all documents you no longer need; deposit any unshredded waste in locked security consoles, ideally with secure bevelled slots ensuring that, once paper goes in, it cannot be removed or compromised
    • Ensure there are no unattended files on staff desks, in file rooms, office hallways or printing areas

 

Michael Collins is the vice president for sales at Shred-it Canada. If you are interested in a full Data Security Audit from Shred-it, call 905-465-4288.

Share on LinkedIn Share with Google+
  • Listening to the radio today, I heard a lot about companies voicing out their frustration about how the G20 meeting has caught them by surprise. Many employees or businessmen needed to hastily set up telework and mobile security policies.

  • This is an incredibly informative piece.

    The tips you outlined are not only applicable to those impacted by the G20 “zone”, but are valuable when executed by any organization. These are great methods to ensure that companies are protecting themselves appropriately against unwanted cyber risk.

    I work at Absolute Software, and therefore, particularly liked that you mention securing laptops and removable storage devices. It seems like almost everyone has a laptop in today’s business world and that securing them needs to be a top priority. Whether it’s at the G20 or a local conference, laptop owners need to take the appropriate protective precautions to make sure they are safe from theft. If you need information on how you can protect your laptop or mobile device, please visit http://www.absolute.com .

    Thank you again for your insight!

  • Natalia

    Yes, right before the summit, many of us are working off-site, outside of our offices located in the zone. It’s an unusual situation, but it’s still important to maintain security, not leaving any sensitive documents unattended, especially in public places, and shredding any paper waste so sensitive information can’t be potentially reconstructed for fraudulent purposes.