As you reorganize your office’s filing system, the security of its electronic documents is just as important as the security of its hard copies. While electronic documents may be safer and simpler to find than those kept in file cabinets or employee desks, their security is only as good as the weakest protocol in your company’s document management policies and procedures. Secure document scanning is good step toward protecting data. By implementing additional security controls, your electronic documents will be less vulnerable to user errors and malicious acts.
Secure Document Scanning and Protecting Digital Documents
Risk Levels and Sensitivity
As you prepare and organize documents, create an inventory and identify the documents that pose operational, financial, physical, security, and reputation-related risks if they become lost or fall into the wrong hands. For example, identify documents as being “strictly confidential” (unauthorized disclosure would significantly impede or damage operations), “confidential” (unauthorized disclosure would most likely harm operations), and “unclassified” (unauthorized disclosure would not likely harm operations). Use the classification levels as a guide to establishing security and authorization protocols for the documents or the electronic files in which they are stored.
In general, the retention policies that apply to physical documents apply to their electronic counterparts. Use company policies and applicable federal and state laws to establish a retention policy for electronic files that includes the procedures for documenting their destruction. Keep in mind that destroying electronic files is not the same as deleting them.
Avoid saving electronic documents to a computer’s hard drive. In addition to secure document scanning, instruct and train employees on how to save the files to a secure cloud-based storage solution or secure network drive. Alternatively, implement an automated document filing system that automatically saves documents in the appropriate folders.
Use secure document scanning and saving software that creates audit trails that allow you to see who viewed, accessed, shared, and altered data.
Have an emergency disaster plan that includes how to access electronic files from an offsite location. Similarly, ensure that the cloud storage provider is able to keep your saved documents accessible and secure if it experiences a disaster or security breach. If your company saves files to a network drive, create a plan for creating backups of the drive regularly. Furthermore, have protocols in place to restore files that employees accidentally delete or alter.
Just as you may keep physical documents locked in fire-resistant file cabinets, keep computers protected with passwords that regularly change, encryption, up-to-date antivirus software, regular virus scans, automatic time-out features, and other security measures.
Establish policies and procedures for accessing electronic files on mobile devices, particularly personal devices. If the company issues mobile devices to employees, ensure the devices have password protection and disable automatic logins to the repository.
Regularly test how hard or simple it is for employees and the public to access restricted electronic documents. These tests reveal vulnerabilities that the company can remedy before there’s a security threat.
When you have a secure document scanning system in place, you can feel more confident about you and your employees saving, viewing, and using electronic files. If the unexpected occurs as you transition to a paperless system, count on Polygon for secure document restoration and cleaning services. Before a disaster occurs, sign up for the Code Blue preparedness program to set up a comprehensive document preparedness protocol for your company and receive priority access to our business recovery and continuity services. Contact Polygon to learn more.
[Photo from Ervins Strauhmanis via CC License 2.0]