7 Common Data Security Mistakes – and How to Correct Them
A U.S. School of Business program recently identified some of the top data security mistakes made by employees in the workplace. What’s most interesting is that while the mistakes are a range of common work habits and IT faux pas, they’re all very simple to correct.
Here are common workplace mistakes around the world – and information security reminders and solutions.
- SHARING PASSWORDS
A survey by Pew Research Center showed that 41% of respondents have shared a password from one of their online accounts with friends or family. While the workplace should emphasize good password hygiene at all times, never share your passwords with anyone in the office or at home.
- RE-USING PASSWORDS
The Pew research also showed that 39% of respondents used the same password, or very similar passwords, for many of their online accounts. But it’s important to always use different passwords for every account and device (information thieves will try the same password on a person’s different accounts). A strong password is long, and has a combination of upper and lowercase letters, numbers and symbols.
- LEAVING CONFIDENTIAL INFORMATION UNATTENDED
When confidential information is left unattended and visible on screens, insider fraudsters (other employees, office visitors and even cleaning staff) can steal it by taking pictures with their phones. Exposed confidential information on paper is also a security risk. A Clean Desk Policy will help promote good security habits. Equip computers with privacy screens, and lock away confidential information when leaving the workspace.
- USING A GENERIC USB STICK
Not protecting confidential data in transit is a huge security risk. While cyber criminals can steal data online, physical theft of mobile devices and other media is also common. A recent report showed that when employees travel, theft of equipment occurred most in cars and transportation (25%), airports and hotels (15%), and restaurants (12%). Never leave mobile devices unattended in public places or visible in a parked vehicle. Encrypt all confidential data in transit.
- REMOVING CONFIDENTIAL DATA FROM THE OFFICE
Carrying unnecessary sensitive data on a laptop or smart phone when traveling is an easy mistake to make. But everyone has to become more conscious of what data they are putting onto their devices. Get into the habit of not removing confidential data from the workplace (saved on a mobile device or in paper form) – unless it’s needed to complete a work task.
- CONNECTING TO THE CORPORATE NETWORK WITH A PERSONAL DEVICE
Unless the workplace has a comprehensive Mobile Device Policy and your device has met all the criteria, do not use a personal device to connect with the office. Research has shown that over 50% of businesses expect to increase security strategies for employee use of personal devices in the next year.
- STOCKPILING OLD HARD DRIVES
Even if confidential data has been deleted from a hard drive, there’s no guarantee that information thieves won’t be able to retrieve it. Protect all hard drives during their lifetime. When dated or broken down, have the hard drive securely destroyed.
Start Protecting Your Business
To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and security risk assessment.