Shredding Documents Before Recycling Them

Data Protection, Paper Shredding, limeirck paper shredding

Paper data still plays a major part of industrial paper shredding. It is important that you are Shredding confidential paper before it is put into recycling. This is to ensure that your data is protected and cannot be viewed by public eye.

Paper like any other recycling is often left in the blue bin outside your home or business for it to be collected. This is a common practice and nothing wrong with it. If your recycling contains documents of a personal nature and or sensitive data nor for public knowledge, how it is disposed needs to be taken into consideration.

It is quite easy to access anything contained in these bins and within an urban area someone in a “white van” and a high vis jacket could pull up and throw these bags into the van. What they do with these documents may be unclear but can be malicious intent. Having the documents shredded before it is recycled will increase your data security.

Shredding Documents

A good practice for your business to incorporate is to shred your document before you put them into recycling bin. Also to be aware that a simple office shredder does NOT provide adequate data destruction. This data can be reconstructed. An industrial paper shredding service provides you with secure paper shredding. Incorporating a service to handle and destroy your documents should be used.

Scheduled Onsite Collection

A reputable shredding service will provide you with a collection service to handle and securely destroy documents you have. Ringing your shredding service provider and organising a collection at a time specified by you will ensure that you know when your documents are to be transferred.

A shredding service can provide you with sealed bags for collection and shred them in off site paper destruction location. A shredding service can also provide onsite shredding service with their specially designed trucks to handle and destroy these documents.

Data Protection

Under the EU directive the data protection act and the data protection commissioner are governing bodies in place to ensure that businesses handle data correctly and ensure sensitive data is used in a correct manner.

For more information on a reputable shredding service in Ireland please visit:

https://www.securityinshredding.com/

Responding To Data Breaches

Secure Paper Shredding Hard Drive Shredding WEEE Destruction

Paper Data;

Without a confidential document shredding service in place for shredding documents and media devices. Your company or business may become under scrutiny for not having these defensive measures in place to begin with.

It is common practice for a business to securely deal with paper documents in its handling, who can access it and how it is destroyed. Most businesses and organisations will incorporate a reputable paper shredding service and these processes are all above board.

Digital Data;

This trend is still widely used but not with the increase in use of mobile devices globally. Digital Data has become the preferred use of displaying data. How this information is used and the potential of this information being misused. Issues regarding digital use to be an “IT issue” but this is now no longer the case. Data Breaches and leaks have become more and more common due to lack of cyber protections in place. Lack of knowledge for one about cyber security is one factor that causes these issues.

Data Protection

A Data Protection strategy for digital and paper documents must be implemented throughout a business. There are governing bodies in place and bodies localised to your business and is worth knowing what procedures are in place for data protection. In Ireland the Data Protection Commissioner is a governing body directive from the EU.

“The office of the Data Protection Commissioner is established under the 1988 Data Protection Act.  The Data Protection Amendment Act, 2003, updated the legislation, implementing the provisions of EU Directive 95/46. The Acts set out the general principle that individuals should be in a position to control how data relating to them is used.”

The DPC provides guidelines for data protection and methods. If these measures are in place before a data breach occurs, it can save face for a business reputation and wont be scrutinised for not having these measurements in place to begin with.

The DPC site offers guidelines regarding Data Security both physically and digitally and the guidelines can be viewed here.

https://www.dataprotection.ie/docs/Guidance-Material-Menu-Page/m/219.htm

An Industrial Paper Shredding Service will provide you with credible Data Protection service please visit our site for more information:

Email us at info@securityinshredding.com

No. of Data Leaks and Data Breaches Increasing

irish data breaches, Data Protection, Paper Shredding, Data Destruction

Industrial paper shredding can be implemented using an off site shredding service throughout Ireland. Onsite shredding services are also available in the Dublin, Cork, Limerick, Galway and Waterford areas. These services should be common practice for businesses to comply with Data Protection laws.

It has become an increasingly talked about topic both globally and in Ireland of user’s details being leaked accidentally or retrieved through malicious means. The most recent story on a global scale is the “Panama Papers” involving political figures and leaders having offshore accounts and profiting from them. How the leak happened is still unclear but can happen.

Closer to home the Irish Aviation Authority (IAA) was the case of a data leak. The leak revealed the details of listed drone users in the country. No credit card details were released but names, addresses and emails were revealed. The leak was an internal issues and was dealt with accordingly. The Data Protection Commissioner was informed with the leak and appropriate actions were taken.

If A Breach Occurs

Your own business like any other business can be subject to a Data Breach or Leak. To think it wont happen to you is naive and bad business practice. If you feel a breach has occurred there are a number of steps you should follow if the breach occurs.

  • Take your site offline so the leak/breach is no longer available
  • Find out where the breach occurred. Contact IT or site developer for help
  • If public details are released then inform the Data Protection Commissioner
  • Issue a warning to the effected users that the breach occurred
  • Passwords for accounts need to be updated to prevent unwanted access to user accounts.

The quicker you deal with the issue the less damaging it is for business in the long run. Contacting the Data Protection Commissioner (DPC) is important as they are a governing body for issues like these. Failure to contact the DPC can result in a hefty fine and be damaging for business if the issue goes public.

Data Protection is vital for businesses to succeed and now more than ever it is important to have proper Data Security setup to prevent these kind of attacks. A confidential shredding service will provide your business with its Data Protection. Consulting with them about your Data Security would also be recommended.

Data Protection Commissioner Data Security Guidelines:

https://www.dataprotection.ie/viewdoc.asp?DocID=1091

Electric Ireland Phishing Scam Warning!

irish data breaches, Data Protection, Paper Shredding, Data Destruction

A Confidential document destruction service is one among many means of a businesses Data Protection. Data breaches can come in many forms and one method of a data breach is phising. When you hear reports of accounts being hacked or customer details have being released, this is one such method of doing this.

So what is phising?

A simple Google search of this question will provide you with the following answer

“the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers, online.”

It is common for these type of scams to target high profile companies with a large customer base. Hackers can produce “official” looking emails to trick people into giving their details. There are steps to help protect you against these type of attacks.

Below is an example of the malicious email in circulation:

Screen Capture of malicious email

Read the full article here:

https://www.independent.ie/irish-news/news/electric-ireland-warns-customers-over-sophisticated-phishing-scam-34587520.html

The article writes that the scam was asking customers click a link and enter their username and password. The way the email is worded to convince you that it is official. To the uneducated person this will look and feel official. Asking for your details in this manner is suspicious.

Also “Dear Customer”  should not be there. If it was an official statement then Electric Ireland would have your name in place of customer. Electric Ireland will have your name on storage and will be able to use it in documents.

The links to click are also displayed in a way to deceive you creating a link can be displayed to say anything.

Prevention against phising

  • If you suspect something the report it immediately as the company may not be aware of the issue.
  • Do not click on the links on the email and go through the Electric Ireland site to login
  • If you clicked on the link and feel your details were obtained then change your password immediately and report it to Electric Ireland.
  • Avoid clicking links that display as “here” or “Click Here” etc these can be misleading
  • Asking for your details through email is common practice.
  • Report any suspicious activity.

Microsoft have a detailed list to help protect you against phising scams. Awareness is key to scams like these the more you know the easier it is to protect your data and company reputation from data breach.

Microsoft Tips: https://www.microsoft.com/en-us/security/online-privacy/phishing-faq.aspx

For more information on Data Protection please visit our shredding specialist site

Data Destruction What Is It?

harddrive destruction, Media Destruction, Confidential Shredding Service

Off site document destruction and or onsite document destruction can be implemented for a purge clear out in business. Secure document shredding services in the Dublin area and throughout the country are necessary to comply with Data Protection laws.

Data destruction is the process of destroying data stored on tapes, hard disks and other forms of electronic media so that it is completely unreadable and cannot be accessed or used for unauthorized purposes. A good data destruction process in your company or business will ensure you are complying with data protection laws. Protecting sensitive data is paramount for a business and if data breaches occur a business or company will receive a hefty penalty if a breach occurs.

On Site Media Destruction Service

Incorporating a on site media destruction service to your daily business will benefit both you and your customers. In today’s market any form of a data leak or breach is a make or break for business and in particular for e-commerce businesses. A reputable confidential shredding service should be sought when the service is needed.

There are a number of reasons for getting your media and a good shredding service will be able to provide most of the following:

 

  • Hard Drive Shredding – Large Quantities

  • Data Erasure

  • Hard Drive Degaussing

  • Hard Drive Crushing

  • Hard Drive Shredding

  • Lockable Bins for Hard Drive Storage

  • Tape Destruction

  • Remote Employee Services

Off Site Media Destruction

Services needed do not always require an on site destruction. Medium to large businesses can avail of off site destruction service where bulk destruction can take place. A good and reputable shredding service would be able to accommodate this.

Knowing weather to go for a on site or off site service will come down to the business owner or manager and enquiring with the shredding service as to which option is recommended and most shredding services will offer free consultation.

Data Destruction Shredding Process

The shredding process of hard drives will occur in a secure environment and is destroyed beyond reconstruction to ensure its security Below is a video description of the shredding process.

 

For more information on Data Destruction and Data Protection or have any enquires about a confidential shredding service please visit:

https://www.securityinshredding.com/

 

Data classification and identification

Security In Shredding on site service, Onsite shredding service

Confidential shredding in Cork and throughout the country can incorporate a off site document shredding service to promote good business practice.

Internal Data classification and identification is when an Organisation tags their data so it can be managed effectively, securely processes, found quickly and destroyed appropriately.

It is a beneficial exercise for many Organisations as it helps to de-duplicate data stored on devices, this de-duplication vastly speeds ups data searches while also saves upon revenue in the form of storage capacity and back-up requirements for a given Organisation.

This exercise is also required for Organisations who need to meet legal and regulatory requirements for destroying the information beyond reconstruction, not holding information longer than necessary in addition to enabling an Organisation to retrieve specific information within a set timeframe.

Data strategies vary significantly from one organisation to another for many reasons. For example, many may generate different types and volumes of data that are subject to differing legislative requirement and responsibilities. The balance of information type can vary from one user to the next between e-mail correspondence, images, video files, office documents, customer and product information, financial data just to name a few.

It may seem a good idea to tag and classify everything within your Company database however experts here and abroad advise against this due to high costs and success rates within Organisations. Certified database technology is available for Organisations however; this method seems to work best for Governments with an allocated budget for the activity.

Alternatively, it is advised that Organisations can choose certain types of data to classify into the main segments of your business, for example; account data, personal data and commercially valuable data.

It is advised that an Organisation’s data is to be classified in line with their confidentiality requirements. It is important to carry out an information audit at this stage which in turn will give you an accurate view of the nature of the data.

It is essential for an Organisation to ensure that the data it is classifying is of good quality, “Common pitfalls for Organisations is that too much rubbish is allowed to accumulate, from duplication to copies of office party photos to personal letters to bank managers”, storage cleansing technologies are extremely useful at this stage to eliminate obsolete, trivial or redundant content.

Once the classification system is up and running it is important that management and staff take part in periodic reviews as it is not set in stone and business developments can translate to design changes in data classification.

Once the data has been classified an Organisation is empowered with the ability to tailor procedures for specific data in order to maintain regulatory compliance.

Secure Destruction of Sensitive data.

When destroying information whether it be hard paper data or digital data on data carriers it is essential for Organisations to ensure that they comply with regulations and are not proving to be negligent in their processes. For this reason, we have constructed three different protection classes for data that requires specific attention to ensure that the material has been destroyed appropriately.

 

Protection Class

Risk

 

Protection 1:Normal security requirement for internal data Unauthorised publication or dissemination would have a limited negative impact on the company. Protection of personal data must be ensured. There would otherwise be a risk to the position and financial situation of the affected persons.
  Protection 2:High security requirement for confidential data
Unauthorised dissemination would have a considerable effect on the company and could infringe legal obligations or laws. A personal data data-breach would result in considerable risk to the social standing and financial situation of the affected persons.
  Protection 3:Very high protection requirements for particularly confidential and secret data. Unauthorised dissemination would have serous terminal consequences for the Company and infringe upon trade confidentiality, place a data subject at risk of safety or freedom, break contracts and legal law.

It is essential that the confidentiality of personal data is maintained.

 

Destruction Tips;

Protection Class 1:

Destruction activities must be carried out in line with a detailed procedure, all staff carrying out destruction activities are to be trained. Alternatively, destruction processes are to be implemented and provided through a data processing firm receiving all data processing certificates for completion of destruction. All data is to be destroyed to shred No. 3 of EN 15713.

Protection Class 2:

Destruction processes of data in protection class No. 2 are to be implemented and provided through a data processing firm receiving all data processing certificates for completion of destruction. All data is to be destroyed to a minimum of shred No. 3 of EN 15713. The data processor must be registered for their services.

Protection Class 3:

Destruction processes of data in protection class No. 3 are to be implemented and provided through a certified data processing firm receiving all data processing certificates for completion of destruction. All data is to be destroyed to a minimum of shred No. 5 of EN 15713. The vendor must be independently certified to destroy paper and digital data beyond reconstruction and they must be registered for their services with the policing authority in the relevant Country.

Visit: https://www.securityinshredding.com/ for more information on a confidential shredding service.

Minister Alan Kelly endorses Free Confidential Shredding Event to celebrate Data Protection Day 28th January 2015

Data Protection Day 2015

So, it’s 2015 and many of us will have made a New Year’s Resolution to organise our paperwork and get rid of documents, old bills and other correspondence. It’s a task most of us dread let alone the stress and worry of how to securely dispose of this material– However help is at hand at two locations in Waterford and Limerick to mark Data Protection Day on January 28th 2015.

Minister for Environment – Alan Kelly supports Security in Shredding in celebrating Data Protection Day whom are offering A Free…. Yes FREE on-site shredding service for householders and SME’s on January 28th, in conjunction with the Southern Region Waste Management Office, Limerick City and County Council and Waterford City and County Council Authorities. The event will encourage data protection and the best practices in addition to waste segregation and the appropriate, safe and secure methods of disposing paper waste.

Householders & small businesses across the region are encouraged to bring along documents to the designated locations and avoid the financial, mental and emotional loss associated with identity theft on Data Protection Day. By participating in this event you would be beginning 2015 with organized and clutter free filing cabinets, office space, creating a clean and positive working environment as well as the piece of mind that your documents are being handled securely minimising the risk of identity theft and data breaches that are caused by documents being exposed.

} In 2013 the Data Protection Commissioner for Ireland received 1,507 data breach notifications – 25 times the number reported in 2009.

 

These events are taking place at the Mungret Recycling Centre Limerick and the Kilbarry Civic Amenity Site, Waterford between 11am and 3.30pm on January 28th. All materials will be shredded on-site, eliminating risks, 100% of shredded material is recycled.

Those who avail of the event and wish to put their names into a free draw on the day will be in with a chance of winning a one night stay B&B in the Commons Inn Hotel at the Mungret Recycling Centre draw and a one night stay B&B in the South Court Hotel at the Kilbarry CAS draw. So drop in on the 28th of January and make use of this FREE CONFIDENTIAL SHREDDING EVENT. Two refuse sacks per person.

“The Security of the Cloud …”

iCloud security wake-up call

 

As a result from the security issues surrounding iCloud, “The general move to cloud services is going to suffer..” “In the wake of a leak at the start of the month, Apple added new security measures to its iCloud service. Apple was late to the game with two-factor authentication, but most of these (celebrity) images were likely hacked before it brought in that update”, Conor Flynn stated to the Sunday Business Post. “These leaks should act as a wake-up call to Irish smart-phone users to keep account of where their data is being stored, according to Michael Conway – director of Renaissance”.

If the public was better educated about the methods and locations for storage of their data, it would minimise the risk to the user. “People share information so-freely in social media circles, the logical step is just saving that information in the cloud”.

According to the Sunday Business Post, the simple solution is to encrypt your files before saving to a cloud service because even if that cloud provider is compromised, your files are useless to anyone who gets them without the encryption key.

New Data Protection Commissioner

new data protection commissioner
We welcome Ms. Helen Dixon in to the Data Protection Sector and wish her success in her important new role. Ms. Dixon is taking over from Mr. Billy Hawkes whom has retired from his position as privacy chief since 2005.
Ms. Dixon has served an 11 year career in two US IT multinationals – Worth Data Inc and Citrix Systems – that had their EMEA bases in Ireland.
“The role of the office of the Data Protection Commissioner as an independent body which has responsibility for safeguarding data in Ireland is of critical importance.”
In a statement, a Government spokesman said Ms Dixon brings “a wealth of experience and expertise to her new role, both in the public and private sectors”.
We would like to wish Ms. Helen Dixon all the best in her new role and hope she has a successful career.
We would also like to wish Mr. Billy Hawkes well with his future endeavours.