Employing an external shredding service may seem to be a quick fix, however this is rarely the best option for the cost or the security of your data and confidential documents.
Under new GDPR, organisations should consider auditing any external shredding service to ensure it provides an appropriate level of security as part of their data protection.
1. Are my documents being securely shredded? Go and check. Most people are taken aback at the size of shredded particles from a shedding truck. Often shredding trucks and off-site shredders will barely meet the lowest level P-1 DIN security standard.
2. How secure are my documents? Most of the time confidential documents sit in shredding consoles for long periods of time, awaiting Collection, leaving them vulnerable to visitors, cleaners and staff. “Certificates of Destruction” offer no protection against GDPR in the event of a data breach.
3. How much is it costing you? Typically offsite shredding will cost 80% more over 5 years than using an in-house office shredder. A well know retail chain were recently quoted £97,500 for 35 shredding consoles over 5 years – instead they installed 35 large HSM office shredders which cost under £20,000.
4. How flexible is your contract? Organisations can find they are bound in for at least 3 years of shredding service costs with no cancellation options – read the small print carefully.
Installing your own shredders around your premises is inherently much more secure and cost effective over 5 years than a third party shredding service. Organisations can have peace of mind knowing they are shredding at the right level of security to keep data secure - typically,
P-4 level cross cut security for general office shredding or P-5 security for departments such as HR and Finance who require a higher level of security.
Final tip: Consider a “Shred all”, “Shred where you work” and “Shred little and often” policy to ensure confidential information is immediately destroyed and rendered secure at point of use.