How to Stop Your Electronic Data from being Compromised
Statistics show that by 2018, most office workers will be using up to 4 personal computing devices on the job. While a highly digitized workplace creates great opportunities for improved connectivity, information sharing and business growth, it increases electronic data security risks too.
The Ponemon Institute’s 2017 Cost of Data Breach Study: Global Overview showed that the odds of experiencing a data breach today are as high as 1 in 4.
In the 2017 Breach Level Index by Gemalto, there was a 164% increase in stolen, lost or compromised records in the last half of 2016.
Here are 7 ways electronic data typically gets compromised and how to reduce the risk.
- Email: Cyber criminals use email to infect their targets with malware and to steal information. In BakerHostetler’s 2016 Data Security Incident Response Report, phishing, hacking and malware accounted for the most data breaches (31% of incidents). Reduce the risk: IT safeguards are critical including regular patching, good software hygiene, and data loss prevention (DLP) technology.
- Employee error: BakerHostetler’s report showed employee actions and mistakes caused 24% of security incidents. Reduce the risk: Keep employees up-to-date about how to deal with current threats. Teach good work habits such as strong passwords and how to spot phishing emails. Create a Data Security Policy and embed secure processes in the workplace.
- Public Wi-Fi: Using public Wi-Fi poses security issues including man in the middle attacks and hijacks. Reduce the risk: While using a Virtual Private Network (VPN) will keep electronic data encrypted, the safest strategy is to avoid public Wi-Fi when transmitting anything confidential.
- Third-parties: Sharing confidential information with a third party can be risky. Reduce the risk: Limit third party access to the company network. Make sure third parties have information security policies. Never connect to unknown USB devices or computers (such as in a hotel).
- Internet of Things (IoT): There are now hundreds of networked devices in the workplace ranging from smart phones and smart thermostats to health-related devices such as wrist bands. But IoT devices often have weak or no security, and as a result there are predictions that they will be used as gateways to data theft. Reduce the risk: Purchase devices from trustworthy suppliers. Change device passwords, keep them updated, and protect company data by segmenting workplace networks into two networks.
- Insiders: Insider fraudsters steal data by taking pictures of screens and stealing devices themselves. Reduce the risk: Teach everyone to always protect confidential information that is exposed or visible on screens. Implement a Clean Desk Policy. Also, promote a culture of security from the top down in the workplace.
- Thieves: Information thieves use special software to recover deleted data on old hard drives (often purchased online). Reduce the risk: Use a data retention policy to protect confidential data throughout its lifetime and comply with privacy laws. Don’t stockpile or recycle hard drives or sell them secondhand (this includes printers, copiers and all computers). Partner with a data destruction company for secure hard drive and e-media destruction.
Start Protecting Your Business
To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and security risk assessment.