January 20, 2015
In a post about data breach trends to watch for in 2015, SecurityInfoWatch.com editor, Joel Griffin, reported that employee mistakes remain the biggest threats to a business' security.
“Perhaps one of the biggest misnomers about data breaches is that most of them are the result of some sophisticated hacking scheme carried out by criminals half a world away. In reality, the majority of data breaches are the result of employee negligence such as posting usernames and passwords in plain sight or losing a laptop computer that contains sensitive information.”
Of course, workplace policies and messaging are key to tackling these kinds of security breach hotspots. Here are five vulnerable areas to check out.
In most offices, computer printers and copy machines are located in common areas. But how many times have you gone to print something only to find papers left in the print tray or machine?
Set up printers in secured areas such as at employees’ desks or in an access-controlled area. Here are other ways to manage risks of printer security.
Some people work in chaos and their work areas are a disaster. But a messy desk, and loose papers especially, are a security risk. It’s also risky to leave your desk with the computer unlocked and screen visible to the rest of the office.
Implement a Clean Desk Policy so that everyone has a clear desk with lockable drawers, and computers are locked down when employees are not at their desks.
Does your workplace still use open recycling bins? Open recycling bins (and waste baskets) are a huge security risk. Potential fraudsters can pick papers out of these containers.
When these containers are dumped into larger bins outside, documents become fodder for dumpster divers. Instead, partner with a document shredding provider that has a secure chain of custody with locked consoles for document storage in the workplace. All of the material in these are still 100% recycled but also ensure information is kept secure. Also, introduce a Shred-all Policy so all documents that are no longer needed are securely destroyed.
Many employees download confidential documents onto their laptops or smart phones so they can work at home or on the road. But removing confidential information in any form (hard copies stuffed into your briefcase or electronic files stored on a desktop) increases the risk of a security breach.
Provide practical advice on a regular basis using employee training. For example, remove only what is necessary to do the job and securely dispose of the information when done with it. Paper documents should be securely shredded (bring them back to the office if need be). A secure cloud service may help avoid downloading documents altogether.
So many breaches are the result of misplaced thumb drives that contain confidential information. Also, the growing use of personal unsecured devices (smart phones, laptops and tablet computers) is cited by 75% of organizations in the Fourth Annual Benchmark Study on Patient Privacy and Data Security by Ponemon as their biggest security worry.
Devices must be secured, and every company needs to train employees on how to protect devices. For example, do not leave them in plain sight in vehicles or in restaurants and other areas.
For more simple and inexpensive solutions to help mitigate these vulnerable areas in the workplace, download this office security infographic.