In the 2018 Cost of Insider Threats report by Ponemon, 64% of organizations blamed the ‘careless employee or contractor’ as the root-cause of most insider threat incidents in the workplace.
Unfortunately, just one little slip in security can start the ball rolling towards a serious data breach.
6 Common Data Security Risks to Avoid
Lack of Security on Connected Devices
The Internet of Things
, or IoT, is moving full steam ahead with fitness trackers, digital assistants, cars, garage doors, and other devices, being connected. Before allowing apps and devices – and third parties – to connect and share your personal information, check the security features and update default usernames and passwords. Consider two networks in the home, one for home devices and a second for IoT devices. Refer to the Mobile Devices Policy in your workplace as well.
Using Weak Passwords
It’s so important to protect all devices and accounts with strong, unique passwords
. Rather than using easy-to-guess pet names or common phrases, use a passphrase (start with a sentence you easily remember; take the first letter of each word and add number or symbol for a very unique password). Or, a password manager will generate, store and sync logins for you as well.
Opening Malicious Emails
Falling for an email phishing attack
is one of the biggest security mistakes, according to the International Institute of Risk and Safety Management. Targeted emails, called spear phishing, are personalized (data thieves research social media sites
for personal information to use). The email tries to trick the receiver into clicking on a link or opening a malicious attachment – and that can lead to account compromise. Do not open anything from someone you do not know or if the email feels suspicious.
Posting Confidential Information on Social Media
Nearly 90% of employees check social media at work, according to a recent survey by Chicago-based ComPsych
. Protect personal – and company – information by not over-sharing on social media. Never post full name, date of birth, family information and home address – this information is the first thing a fraudster will use to try to guess your passwords. Don’t post photos of confidential data such as a new driver’s license or credit card either.
Recycling Confidential Data
The blue bin
is not a secure container for recycling confidential information – and it should never be used for data that is no longer needed. The same rule applies to data on hard drives. If a hard drive is broken down or being upgraded, consider it to be a source of confidential data for information thieves. Instead of ‘recycling’ or stockpiling a hard drive
, have it securely destroyed. A professional information destruction company will provide both of these services and will recommend a Shred-it All Policy.
Leaving Confidential Data Exposed
There are so many ways to expose data ranging from leaving confidential information sitting out on your desk to not being careful about who can see your laptop screen in a coffee shop. Always protect and shield confidential information in public. In the workplace, a Clean Desk Policy
helps reduce the risk. Plus, here are 12 simple information security office reminders
from information destruction leader, Shred-it.
Start Protecting Your Business
To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and security risk assessment.