October 11, 2018

How to Prevent a Data Security Breach in the Workplace: 9 Slip-Ups to Avoid

When it comes to data breach risk in the workplace, cyber criminals often get all the attention.

But research has shown that employees can be the most worrisome –and weakest – link. For example, a recent Intermedia report found that 93% of employees engage in at least one form of poor data security. You may not realize that some of your everyday office activities are putting you at risk, and even if you do, it can be easy to slip-up now and again.

Here are 9 common types of security risks that can put an organization in danger of a data breach and simple solutions to keep you secure.

  1. Delaying patching. Software companies regularly issue patches to fix security and other vulnerabilities in computer and network systems, and these are a common IT risk for a security breach. The longer the delay, the greater the opportunity for hackers. Solution: Deploy patches right away to avoid network security risks.
  2. Leaving computers unlocked and unattended. Over 25% of workers surveyed by Shred-it leave their computers unlocked and unattended, creating computer security risks. Solution: Lock all devices – use a screen lock and if possible, lock the device in a drawer or office – when leaving the area temporarily or for a longer time. In the workplace, a Clean Desk Policy is recommended to help emphasize and teach security-driven procedures.
  3. Clicking on links or email attachments.  Attackers have gotten good at creating email messages that look legitimate. But these phishing scams can introduce malware or fake websites that collect confidential information. Solution: Double-check the URL (hover over links/hyperlinks). If it doesn’t match the link or looks suspicious in any way, don’t click on it. Don’t open unexpected attachments. 
  4. Using sticky notes for confidential information.  Writing down an account number or password and sticking it in an easy-to-see location means anyone walking by can steal it.  Solution: Lock away all confidential information - do not expose it for all to see, and use a password manager.
  5. Using the same weak password for everything. A Norrie Johnston Recruitment report showed that 23% of employees use the same password for different work applications. Solution: Create strong passwords (use a pass phrase and numbers and symbols) for different accounts.
  6. Downloading mobile apps. Cyber security in the workplace extends beyond the desktop. Downloading apps without reviewing them carefully (including privacy policies) can introduce malware to your mobile devices as well. There are often risky access permissions required too.  Solution: Don’t download unapproved apps to corporate devices, and limit permissions on mobile devices.
  7. Leaving private papers on your desk or in meeting rooms. Insider fraudsters can steal data either by visual hacking or physical theft. Solution: Never leave confidential data unattended, and be conscious of this in meetings. Securely shred confidential papers that are no longer needed.
  8. Putting confidential papers into the recycling bin. Dumpster divers go through recycling bins looking for sensitive information. Solution: Have all paper documents securely destroyed when no longer needed. A Shred-it all Policy is recommended.
  9. Forgetting to pick up printed documents. Leaving printed papers in the copier machine is risky because anyone can pick them up. Solution: Pick up anything you print right away. Consider implementing password-protected printing in your workplace.

Start Protecting Your Business

To learn more about how Shred-it can protect your documents and hard drives, please contact us to get a free quote and security risk assessment.