A recently published state of the industry report by Shred-it found that 47% of US business leaders (out of 1,000 surveyed) said human error, such as accidental loss of a device or document by an employee, had caused a data breach at their organisation.
While this was a US study, our experience paints a similar picture here in the UK. When it comes to data protection, your staff can be your first line of defence or your weakest link.
With the mandatory reporting of data breaches brought about by the introduction of the GDPR, coupled with an increase in cyber crime, it’s more important than ever to protect your business against a data breach.
So, how can you prevent your staff from causing a data breach?
1. Train your staff on cyber security
Hold regular cyber security sessions to educate staff on the risks and make them alert to potential attacks. Ensure all staff are aware of your security awareness policies and procedures and that they know what to do in the event of a data breach.
2. Simulate phishing email attacks
Software is available that enables you to simulate realistic phishing email attacks. Use it regularly to test your employees and unearth your vulnerabilities.
3. Perform random work area checks
Occasionally walk the floors and check workstation areas for paper documents containing confidential or sensitive information, such as personal data and passwords.
4. Restrict access to data
Apply different levels of permissions to ensure that data is only available to those who need it to do their job.
5. Remove users
As soon as a member of staff leaves your business, make sure you remove that person from your IT systems as a user.
While there’s no failsafe method to protect your business from a data breach, educating your employees about security threats and enforcing best practices can at least reduce the likelihood of a data breach caused by human error.