Employee Negligence: Risky Habits Can Damage a Company’s Reputation
Organisations are constantly trying to secure and protect their confidential data from external threats, such as hackers. Frequently overlooked is the fact that a significant portion of data breaches originate from internal sources – their employees. As the backbone of an organisation, employees handle most of the organisation’s data and if they are negligent, data breaches may follow. In addition to the negative effects resulting from a breach, organisations may also be subjected to a fine from the Personal Data Protection Commission (PDPC) for non-compliance, resulting in damage to their reputation in the long term. This would cause existing and potential customers to lose trust in the organisation which in turn could affect the overall success of the company.
Training your employees on how to avoid risky habits will reduce negligence and assist in mitigating breaches:
- Leaving confidential information unsecured
It is common practice for employees to print out physical copies of documents that contain sensitive data. Leaving such documents unattended on a desk or on the printer may provide an opportunity for unauthorised individuals such as maintenance staff, contractors, guests and even other staff to gain access to them. Such sensitive information can be manipulated by individuals for various nefarious activities such as fraud and identity theft.
- Improper disposal of physical data
Improper and careless disposal of physical data can cause many detrimental problems for an organisation such as data breaches, or fraud. A reporter from Yahoo News Singapore revealed that there is a wealth of confidential documents available on the streets if you know where to look. Bank statements, photocopies of NRICs, driving licenses and work permits were among the sensitive documents that were found. If fallen into the wrong hands, sensitive information like this can be easily mined with dire consequences.
- Throwing out old or unused hard disk drives without securely destroying the information
Criminals can mine through e-waste bins and easily retrieve sensitive information from devices, such as hard drives, for various illegal activities.
Effective data security measures should be implemented within an organisation in order to instill good data protection habits among all employees. Some examples include:
It is crucial for all employees to take responsibility for handling and securing confidential data and not just depend on the organisation’s Data Protection Officer (DPO). It is only when every employee adopts a holistic approach towards data security, organisations will better be able to protect their employees and customers from falling out of compliance with data security legislations such as the PDPA and the General Data Protection Regulation (GDPR).
Start Protecting Your Business
Learn more about how Shred-it can safeguard your unwanted documents and hard drives by contacting us for a free quote and security risk assessment.
 Yahoo News Singapore. 2017. Careless disposal of paper documents can have serious consequences: experts. [ONLINE] Available at: https://sg.news.yahoo.com/careless-disposal-paper-documents-can-serious-consequences-experts-084457678.html.