A lot of businesses hire contractors to shred their sensitive documents. It can be a smart way to save on equipment costs and staff time — but if those companies aren’t careful, they could be opening themselves up to serious security threats.

Increasing legal liability and the need to protect company secrets has made shredding more important than ever. But is this a function that you want to keep in house or is it something that you should contract out?

A growing number of companies offer shredding services that will manage the shredding and disposal of your sensitive documents just as you might hire a company to clean your offices or haul your trash. This can relieve you of the need to buy your own equipment or have your company’s employees handle the responsibility of shredding and disposal.

But there are some pitfalls to watch out for. The biggest mistake companies make: using services that have the paper hauled off site before it is shredded.

That would leave you open to the same possible breaches of security, as confidential material could get lost, mishandled, or deliberately purloined between your site and a centralized shredding company. This is not meant to accuse those services of being dishonest or incompetent. But once paper’s taken off your premises, any number of things can happen that could expose your info to a higher level of risk — and risk minimization is the whole point of shredding.

Increasingly common are companies that will come to your site with a shredding machine in tow (mounted, for example, in a truck) and perform the shredding on site. This certainly cuts down on your exposure. Such batch shredding may make sense if you have only low-sensitivity documents that you can afford to pile up during the day. But there’s still a problem of protecting more confidential papers that are waiting around for the shredders to do their job.

Another strategy for larger organizations is to set up a dedicated, centralized shredding facility on site (whether with internal employees or with the help of an external vendor). The center’s staff might come around to pick up papers to be shredded several times a day, lessening the problem of accumulating sensitive documents. However, it doesn’t solve the problem of highly sensitive documents being possibly seen by prying eyes inside the location.

The most secure method is to have a mix of shredding machines, both workgroup and personal, available in your office with employees responsible for shredding their own documents. Those with highly sensitive documents might have a shredder by their desks. Others might walk over to a departmental shredder located, for example, next to the copier or fax machine. This individual responsibility approach is becoming more common and the culture of using shredders just like any office machine is growing. Of all approaches, it offers the highest level of security.

What’s the best shredding strategy? That depends on the sensitivity of the documents in question. Some firms will take a mix of approaches. For example, employees that work with documents that require top-level security might have personal shredders at their desks, while less risky docs might be shredded by a third party.

How does your company handle the shredding of sensitive documents? Let us know in the comments section below.

Tags: documents, outsourcing, shredding