How Employees Inadvertently Expose Their Company’s Sensitive Data
It is so easy for employees to share information and accidentally contribute to data leaks in businesses. Here are a few ways to prevent employees from inadvertently exposing your organization’s sensitive data.
83% of companies believe that employee errors have put sensitive business and customer data at risk of exposure, according to a study by Egress. More than 1,000 security professionals at US-based companies participated in this recent research.
This 2019 study also identified the technologies that are most often involved in this type of accidental data leak. Email services provided by both on-premises systems and cloud service providers (e.g., Google Gmail) topped the list. Examples of email-based accidents include sending emails to the wrong address (which can easily occur when the auto-completion feature is enabled) and forwarding messages that contain sensitive information. Other technologies commonly involved include:
- File-sharing services (e.g., Dropbox)
- Collaboration tools (e.g., Slack)
- Messaging apps (e.g., WhatsApp)
Note, all these tools are used for sharing information.
Avoid Getting Caught With This Dilemma
To minimize the number of accidental data leaks caused by employee errors, the following are a few precautions to greatly assist:
- Document the company’s rules regarding the sharing of sensitive data in a new or existing policy. If sharing is allowed, be sure to specify the conditions under which it is sanctioned and create procedures on how to properly share this data.
- Provide employee training. After documenting the rules and procedures, notify employees and be sure to discuss what is considered sensitive data and how easily accidental leaks can occur.
- Use encryption. Encryption is one of the most effective ways to protect sensitive data that has accidentally fallen into the wrong hands. Numerous encryption strategies exist that meet different needs.
- Limit your employee access to sensitive data. Employees may not realize or may forget that certain types of data are sensitive. By using access controls, you can prevent them from obtaining and sharing that data.
- Use a solution that automatically identifies sensitive files and prevents them from being copied into emails or other tools.
Other precautions to take will depend on your business’s data, operations, and employees. Our experts at CopperTree can explain the different encryption strategies, types of access controls, and other types of solutions to help you make an informed choice.
Need help with your company’s IT planning & internal and external security defense? Let us help get you started with IT planning items to consider and how IT Services can assist.
CopperTree Solutions can help develop and implement a backup strategy that fits your business to keep you current and protected.
We serve clients both large and small, in Kitchener, Waterloo, Cambridge, Guelph, Stratford and surrounding areas.
Call 519-804-2461 or email Colin.Shantz@ctsol.ca