Here are 3 Easy Ways to Start Developing an onsite data destruction program.
1. Take an inventory of all devices with business data on them (old and new).
It is important you know what type of data your organization has stored, and where information is kept. Keeping track of laptops, phones, tablets and other data bearing devices is not only the first step in your programs development, but your first steps toward mitigating your risk of a breach. You must also pay attention to older items and assets. Often times we encounter organizations that have boxes full of old data bearing devices and data at rest just sitting unprotected in a storage area in their data center, this is asking for a data breach.
2. Identify gaps in the containment of these devices.
As previously mentioned we have found several instances where retired assets or loose media has been haphazardly pushed to the side. There must be a process in place to securely contain such devices to avoid serious risk. Secure containment is just as important as proper data destruction and this can easily be implemented at multiple locations, allowing all departments to safely store data at rest until it is destroyed.
3. Pull together your resources to devote to an onsite data destruction program.
Don’t be afraid to get others involved in this task. It is vital everyone understands how important this process is, and understands how the process needs to work. Delegate people to help complete each step, having everyone on the same page will only make the process easier and safer. Also, use a certified vendor’s expertise and know-how during this stage. This will ensure everything is done correctly and within compliance and regulatory guidelines.
Don’t forget that help is available!