Privacy Tip #116 - Insider Error or Threat Continue to Cause Data Breaches

Robinson+Cole Data Privacy + Security Insider
Contact

You continue to hear that your employees are your biggest risk when it comes to causing a data breach. Recent incidents that we have been involved in that were caused by employee error include:

  • lost or stolen unencrypted laptops, phones or removable media;
  • downloading sensitive information onto thumb drives or USB drives and losing them;
  • clicking on infected links or attachments and introducing malware or ransomware into the system; or
  • misdirecting an unencrypted email containing personal information.

The sad thing about these incidents is that they were all completely preventable. Protecting your company from your employees is an odd concept, but essential in the context of data security.

Some protections include:

  • implement security measures so employees can’t download information onto unencrypted laptops or thumb drives;
  • prohibit non-company encrypted thumb drives from being connected to your system;
  • educate employees to detect and report phishing and spear phishing schemes, test them with internal phishing drives and re-train employees when they fail;
  • require the transmission of sensitive data with encryption;
  • implement procedures for employees to use the phone or face to face contact when receiving odd requests via emails for financial information, benefit information or wire transfers;
  • implement multi-factor authentication and strong password procedures; and
  • educate employees to slow down, take their time and verify the intended recipient before sending an email
  • educate, educate, educate and engage your employees on data security so they can become the company’s stewards of data .

These basic data security measures may have protected the companies who suffered the incidents above from mistakes made by their own employees.

[View source.]

Written by:

Robinson+Cole Data Privacy + Security Insider
Contact
more
less

Robinson+Cole Data Privacy + Security Insider on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide

This website uses cookies to improve user experience, track anonymous site usage, store authorization tokens and permit sharing on social media networks. By continuing to browse this website you accept the use of cookies. Click here to read more about how we use cookies.