Data: every business has it, no matter how small or low-tech. Medical offices keep patient files, retailers hold onto records that include customers’ financial information — even dog walkers have sensitive files. Employers of all kinds keep records of employee tax forms and Social Security numbers, the kind of data that can do lasting damage to employees’ lives if it’s compromised. And yet, most companies make themselves and their data vulnerable without even realizing it, by making one or more of the following common mistakes.
Weak Cyber Security
Hackers never stop improving, and are getting more sophisticated. Look no further than the recent Equifax breach, in which hackers stole the financial information of more than 140 million Americans — from a company that spent millions on its cybersecurity efforts. Unfortunately, it may not be possible to completely defend against the efforts of skilled and determined hackers, but tightening up your IT security measures certainly makes it harder for less experience criminals to access your company’s data.
Lax Employee Security Rules
Say a business has no rules in place forbidding employees from transferring files from their work computers to their personal devices. Some ambitious worker copies some files to a thumb drive in order to do some work from home over the weekend, but his roommate ends up finding and accessing the thumb drive instead.
Another staffer downloads a new song for free from an untrustworthy website. The file contains a virus that infects her computer and spreads throughout the company network.
The receptionist struggles to remember all her passwords, so she writes them on a Post-It and keeps it on her monitor. A visitor to the office notices and takes a photo of the note while she’s not looking, then goes home and logs into the company’s payroll account.
Those are just a few examples of the ways in which insufficient security guidelines might put your business at risk. It’s essential to have clear and thorough policies in place so that employees know what’s expected of them and what measures they should take to protect themselves and the company.
Human Error
Of course, even with security guidelines in place, employees will make mistakes. Nobody’s perfect, but that’s of little comfort when you’re dealing with a data breach. Human error is one of the most common ways that data is jeopardized. In fact, it accounts for 52% of data breaches, according to research done by CompTIA and released in 2016.
How might human error put your company data in danger? It depends. Using weak passwords to lock sensitive files, accidentally revealing proprietary information to friends and relatives, opening phishing emails without realizing what they’re doing — each of those mistakes could prove costly to your company.
Human error also plays a part in another of the common ways that companies jeopardize their data: improper handling of old devices.
Improper Disposal of Data-Storing Devices
Employee badges. Broken copiers. Outdated fax machines and desktop computers. They may look like trash, but they’re treasure to the dedicated thieves who take them apart to find the data stored inside.
But some office workers don’t realize that the old devices and badges they’re discarding still hold this data, and so they toss them into trash bins or drop them off at local recycling sites — neither of which is an adequate way of destroying data for good.