There’s a lot of research that shows human error is a leading cause of security incidents in the workplace.
Unfortunately, anyone that has poor information security habits on the job is probably putting their personal information at risk too.
In a recent report by U.K.-based software company Egress Software Technologies, ‘sending data to the wrong person’ and ‘losing paperwork or having it stolen’ both accounted for 17% of data breaches.
But there are simple ways to make information security an everyday habit – and reduce the risk of a data breach while protecting personal and confidential information in and out of the workplace.
Here are 5 best practices that will make a difference.
- Don’t share confidential data unless absolutely necessary. Before sharing any confidential information with anyone, find out why it’s needed and how it will be safeguarded. Be more guarded online, and don’t over share personal details on social networking sites. Always set the privacy and security settings on web services and devices. When sending sensitive information by text or email, double check recipients and necessity.
- Be alert for scams – online and in person. A 2017 analysis of the data breach landscape in the U.S. showed that hacking (including phishing, ransomware, and skimming) was the primary method of attack in 63% of overall breaches. Learn to recognize different scams by checking trusted websites and attending on-going education provided by employers. Always be suspicious of unsolicited e-mail especially those that require immediate action and contain spelling or other mistakes. Scrutinize emails with links and attachments. When in doubt, delete.
- Keep confidential information under ‘lock’. Physically lock devices, and use available IT locks like biometrics and security keys. Choose strong passwords (not the default or an easy-to-guess password), and don’t use the same one on different accounts. The 2017 Verizon Data Breach Investigations Report (DBIR) showed that 81% of hacking-related breaches leveraged either stolen and/or weak passwords. Never leave laptops or other devices or confidential papers visible in vehicles, or unattended in public places, where they can be stolen.
- Be careful when using public Wi-Fi. Public Wi-Fi is easily compromised by cyber criminals. Avoid sending confidential data this way, or use a Virtual Private Network (VPN), which is a private, controlled network. Also, encrypt sensitive information sent over public networks, and encrypt sensitive information that is stored on your computer network, laptops, or portable storage devices (encryption software scrambles information sent over the internet).
- Dispose of confidential information securely. Egress research showed that the insecure disposal of hardware and paperwork continues to be a significant cause of security incidents. At home, find out what documents must be kept (certain tax related documents, for example) and for how long. When confidential information is no longer needed, be sure it is securely destroyed. Don’t toss paper documents into the recycling bin or garbage can – it should be securely shredded. Hard drives must be ‘unreadable’ before disposal too because information thieves can recover information from old computing devices and e-media.
Start Protecting Your Business
To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and security risk assessment.