In-house or outsource?
Document destruction, like other services, can be done in-house or outsourced. Which is the best way to go? Like every decision, the correct answer is the proverbial -- it depends.
There are two predominant types of shredding services available -- plant-based (offsite) and mobile (on-site).
Mobile-based shredding: Mobile shredders have the actual shredders on the truck itself. Mobile shredding companies provide bins or consoles for their customers and on scheduled days, the truck arrives at the place of business and the Customer Service Representative (CSR) collects the bins, or console bags, takes them to the truck, and shreds the material on the customer's premises. After completion the CSR will typically leave a Certificate of Destruction. Since the shredding operation is done on the customer's property, it is assumed to be more secure since nothing leaves unshredded. Often the customer will board the truck to ensure their sensitive material is indeed being destroyed.
Plant-based shredding: This is a typical off-site service where the plant has large industrial shredders. On the scheduled day, the CSR collects the bins or console bags, places them in his secure truck and transports them back to the remote plant where the bins are unloaded into a secured area. The collected bins are later staged for shredding, which can occur days later. Some view this as an insecure method since the documents may be left unattended. One other major caveat is that plant-based shredders may sort the material to maximize its recycling value which can put your organization at risk. Some of these off-site shredding companies are simply glorified recycling companies that get top dollar for recycling paper, your paper. Since their staff will sort the documents, they have the opportunity to take them. So before you choose a plant-based service, make sure you investigate them accordingly.
When dealing with an outsourcer, ensure that they are National Association of Information Destruction (NAID) certified. NAID is an independent organization that certifies destruction companies. Its certification program checks a shredding company's compliance in 22 critical areas, including everything from shred size to employee background checks. When it comes to something as critical as information destruction: caveat emptor. Unscrupulous shredding companies will claim to be NAID certified just to get your business. Make sure to ask for a copy of their NAID Certified certificate as proof of their standing. So what it depends gives you the right solution? There are potential security issues with both solutions. Mobile shredding is done with the CSR alone there and since the CSR is alone on the truck, they may have access to your confidential material.