July 12, 2018
Working remotely at home or in a public place can exacerbate the problem with 86% of C-Suites and 60% of SBOs saying the risk of a data breach is higher when employees work off-site than when they work at the office. And with the increasingly popular open concept workplace design trend in place of the more traditional small, enclosed, and lockable private offices, the risk of exposing confidential is now that much greater.
The Shred-it research showed that 65% of U.S. workers still take notes at work and nearly two-in-five leave the notebooks out on their desks at the end of the day. Insider fraudsters or just people merely walking by a desk can steal this data. More than one-third of C-Suite executives know employees who have lost or had paper documents containing sensitive company information stolen.
One in four U.S. workers leave their computers on and unlocked when they are finished for the day – and that means digital files can be easily accessed by anyone.
Forgetting your cell phone in a cab or public place or leaving a mobile device visible in a locked vehicle, increases the risk of a data breach. About half of C-Suites in the research said their employees had lost or had their company laptop or phone stolen. One in 5 C-Suites and SBOs experienced a data breach because an employee had lost or had data stolen.
Sharing electronic devices with family or friends can increase the risk of a data breach if the device is used for work. There’s no guarantee that the person who borrows it doesn’t access the information they shouldn’t see.
Hackers compromise public Wi-Fi networks by setting up fake hotspots, launching man-in-the-middle attacks and taking over a network, and sending fake notices so they can install malicious malware.
Who hasn’t left boarding passes behind on a plane or tossed work documents into a garbage can? Unfortunately, only 35% of SMBs and 54% of larger firms have a policy in place for employees to dispose of confidential information while working off-site.
While organizations must provide all of the latest IT safeguards, the Shred-it report also recommended on-going training to inform employees of data security best practices, with an emphasis on work habits off-site. There must be comprehensive security policies and procedures as well as a highly visible culture of security. Policies should include a Mobile Device Policy to help control the use of devices, a Clean Desk Policy to keep desks clear, and embedded processes such as document shredding.