Data Breaches in Business : who’s really at fault?
When somebody says, ‘Data Breach’, we instantly think of a hooded-figure sitting in their Mothers’ basement with a list of peoples’ passwords.
However, according to a recent study in the US, 52% of company data breaches are actually caused by human error – your employees.
To be more specific, this happens when employees do not follow set policies and procedures put in place to keep the businesses confidential information secure or are generally ‘careless’.
Apparently 95% of these breaches have the potential to uncover private company data.
Just look at the recent data breach involving Facebook – one of the worlds’ most successful organisations.
For the most part, many data breaches can be easily prevented through employee education to recognise phishing attacks, using more complex passwords and keeping hard drives, USB’s and laptops in a secure place within the workplace in which all employees know their location so that they’re not easily misplaced.
One example of a recent internal-data breach was in 2016, when a hacker posted as Evan Spiegel and sent an email to an employee who was working in the payroll department for the social network Snapchat. This resulted in the personal protected information (PPI) of seven-hundred employees being released. Snapchat did later apologise to its’ staff and had to involve the FBI to investigate the matter further.
SOMETHING TO REMEMBER
The majority of companies where the employees make these mistakes are those businesses which class viruses or malware more of a concern than human error.
Sometimes they’re so caught up with the threats of the internet, they don’t concentrate on those that are sitting in their offices.
The most efficient way to reduce this issue is through educating employees about the dangers of security on a regular basis and making it a constant part of the business’s culture.
It’s also very easy for these threats and breaches to go unnoticed until the business is notified by authorities or security software.
Therefore, the data can be breached long before anyone realises.
“The number one greatest cyber threat to a business is their very own employees,” stated Darren Guccione, CEO and cofounder of Keeper Security, Inc.(US). “Critical data is more accessible via mobile devices in our 24/7-connected, device-filled world.”
Most importantly, don’t forget about former employees who may also still have access to the company’s passwords, confidential data or the external hard drive.
If you’re concerned about the security of your business and its private data, please do not hesitate to contact us as we are more than happy to talk through your companies’ own unique needs.
Phone ShredEasy on (07) 3823 4440, or click here to email.