Why the “Destroy-All” Policy is a Best Practice

This blog explains the merits of removing employee discretion from the data disposal equation by implementing a destruction-by-default policy.
----------
No organization (in its right mind) would consider allowing every front-line employee to write themselves checks or giving employees the choice to disable the company’s Internet firewall.

Either one would lead to ruinous consequences.

But, as ridiculous as these ideas sound, neither of them is any different from giving every employee the discretion to decide what should or should not be destroyed.
By simply instructing employees to destroy information THEY believe is confidential, the organization is, quite literally, putting its fate in their hands. Making the wrong choice about what is or isn’t securely destroyed could be devastating. There are plenty of studies showing the dramatic consequences of data breaches (defined as any unauthorized access), including their devastating financial impact and the significant number of businesses they drive into bankruptcy.

The heart of the “employee discretion” problem is giving employees multiple disposal options (or tracks) to choose from.

Every piece of paper, including mail, memos, reports, drafts of correspondence and proposals, etc., potentially contains sensitive or proprietary information. If an employee is given the choice of whether these materials go in the trash, in the recycle bin, or in the destruction receptacle, they have the potential to make the wrong call. The organization’s data security is not only dependent upon their judgment but also on their state of mind. Did they have a bad night’s sleep? Are they hungover, too lazy or disgruntled? Or are they just too overwhelmed with their work to worry about picking the right bin?


A data breach is not the only problem with having multiple disposal tracks for paper or electronic devices. Multiple tracks also undermine the organization’s position in any future challenge to the integrity of its regulatory compliance and compromise intellectual property legal protections. All the lawyer, auditor or regulator has to do is ask, “How can you tell the court you’re sure it was properly destroyed when you gave every employee the option of not destroying it?”

The solution to this problem is removing employee discretion from the equation by implementing a single “destruction-by-default” disposition policy that covers the disposal of all media. A growing number of organizations are already doing so. They have, quite wisely, decided that the risk and associated cost of allowing employee discretion regarding what is and is not destroyed is unreasonable.

In this emerging model, all the organization’s discarded media is treated as confidential and worthy of secure destruction, which is more than likely true anyway.