Promoting Data Security in the Workplace
By Tim Wayne, Writer
The threat of data theft has impacted individuals, major retailers, and even the U.S. government as thieves become more sophisticated in their efforts to steal sensitive information. However, the most common problems leading to leaked data are most often caused by businesses’ own employees.
While rogue employees account for leaks in many instances, employees often make themselves vulnerable through carelessness or lack of training. Some of these risky behaviors include:
- Sharing passwords with peers, or reusing the same password repeatedly
- Leaving devices unlocked and unattended
- Using channels or devices which aren’t encrypted to send sensitive data
- Improperly disposing information, or not deleting information when no longer needed
And this recklessness isn’t just a problem among lower-level employees, either.
In fact, studies illustrated in the infographic below show that senior managers are more than twice as likely than workers overall to send sensitive information to the wrong personnel, or take files with them after leaving a job. On that note, nearly nine out of ten business owners upload work files to personal email or cloud accounts, and over six out of ten use the same passwords across multiple accounts.
If you recognize some of these behaviors in your own workplace, it might be time to start becoming more aware of how to promote data security.
How to Promote Data Security at Work
The first step to promote security is for employers to create a written security policy that clearly defines steps employees should take when handling data. But without following through with employee briefing and training, this policy isn’t likely to do much. While the majority IT professionals claim security policies are communicated to new hires, only 28% of employees say they actually received any kind of briefing on them.
Training on data security is especially important if employees are using their own devices, since this introduces new vulnerabilities. Unsecured or jailbroken devices can be particularly risky when used for work. This makes it worthwhile to demand extra security measures for employee-owned devices, such as requiring a password for access and using antivirus software.
Another issue impacting data security is that many employees feels that they simply aren’t responsible for keeping work data secure. Your security policy needs to reinforce the importance of data security by outlining potential consequences of failing to comply. And for when a leak does occur, it’s always a good idea to have a data breach response plan in place as well.
For more stats and tips on promoting data security in your workplace, check out the infographic below: