World Paper Free Day INFOGRAPHIC | Paper the top infosec concern for many businesses

By: In: Infographics On: Nov 05, 2014
World Paper Free Day INFOGRAPHIC | Paper the top infosec concern for many businesses

One of the survey questions in the recent information risk study we undertook with PwC asked businesses to rank the information #WPFD Infographicrisks that they are currently concerned with. Overwhelmingly, they ranked the handling of paper documents as the single greatest threat to the protection of their information. Around two thirds of mid-sized companies regard the management of information on paper as a serious security risk, more than double the number that fear the external threats such as hacking and malware to their digital information. This and other findings are set out in this infographic. Click on the image to open a scalable version in a new browser window.

The result was surprising. Unfortunately, the survey didn’t provide much detail on why businesses ranked this risk so highly. We can only guess at some of the reasons.

Is it a resource issue?

Managing and protecting information in all formats is not easy. However, with the significant investments that many have made to track and secure their digital information, many may feel that their electronic information poses less of a threat.

The study revealed that just 15 per cent of businesses have a team focused specifically on the protection of information on paper.

A good number of businesses (39%) have monitored policies in place to guide employee behaviour in the storage and disposition of digital records. Notably fewer, (31%) have the same in place for their paper documents. Paper, may just be harder to control. As we’ve stated elsewhere on this blog, you can invest a fortune in building a fortress around your digital information, just for highly sensitive information to be walk out the door on paper.

Is it about assigning responsibility to the right people?

Most organisations think IT security should have a responsibility for information risk (73%) and many (46%) believe IT managers should be ultimately accountable. However, just 3 per cent believe that the records manager should hold some responsibility. Arguably, those best placed to mitigate the risks to paper are not assigned the responsibility to do so. Preferably, the business unit that originated the content should be more involved in its management

What else could it be?

Many businesses are managing large legacy paper archives that have grown over time and, with successive change in personnel, may have lost track of what they have and where it is. This would leading to uncertainty over retention. Perhaps, with businesses focussing on the digital transformation of their paper, the concern of paper security has been highlighted. Whatever the answer, one thing’s clear, managing paper securely is hard to do and has become a significant concern for businesses of all sizes and sectors.

For advice on how to make your office paper light visit:

Please post a comment below and let me know what you think could be contributing to this concern with the perils of paper.

← Take it to the top: How you can promote information responsibility in your business The unsung hero on the #infosec front line →

Leave A Comment

About the author

Sue Trombley

Sue Trombley, Managing Director of Thought Leadership at Iron Mountain, has more than 25 years of information governance consulting experience. Prior to her current role, Trombley led Iron Mountain’s Consulting group responsible for business development, managing a team of subject matter experts, and running large engagements. Trombley holds a Master’s degree in Library and Information Science and is an ARMA certified Information Government Professional. She sits on the AIIM International Board, the University of Texas at Austin of School of Information Advisory Council, and is VP of the Boston ARMA chapter. Sue is a frequent speaker at association events, a published author, and frequent blogger on industry trends and issues at and at