Data security is in the news daily, with more and more intrusions reported. But many of those intrusions are easily preventable, as they occur due to employee-related information leaks. These breaches can take the form of willful sabotage or simple carelessness. Either way, these data breaches are a serious concern that all companies need to manage.
Image via Flickr by StockMonkeys.com
A lot of data leaks originate from people having access to information that they don’t need. Keeping data in the hands of appropriate parties is called data compartmentalization. While your office doesn’t need to employ draconian tactics, it is important to keep the most vital information in your company restricted to only those employees who need it for their work tasks. Not only does this safeguarding reduce the potential number of leaks, it also helps in the unfortunate event of a data breach, since you know the short list of employees with access.
Create a Plan
The single most important thing to do is to make sure you have a solid plan in place to deal with data security with the software you use. If your company uses a cloud-based or internal storage and sharing solution, it is imperative that you look into the specific security implications of the software being used and devise a plan for overcoming potential problem areas. The same is true of any other software setup or online service your company uses; if it runs on a computer in your office, you need to have a plan in place.
The sad truth is not everyone at your office ends up working there forever. Some employees move on to other opportunities, some change fields to find work more appropriate for their skills and talents, and some need to be let go. Former employees are a significant potential risk of leaked information, as hackers trying to find your company’s valuable data will target and exploit them, especially if the parting of ways was not voluntary on the employee’s part. You can fend off this danger by paying close attention to the comings and goings of employees, and promptly erasing the credentials of those who no longer work for the company.
The best plans in the world will go awry if no one in the company understands the importance of data security and howto keep data safe. Data security is the job of every employee, and you need to give them the tools to do that job. Employees need to understand the importance of protecting data on various devices, from USB drives and external hard drives to laptops, smartphones and tablets. But beyond that, sending security tips to employees and explaining why things like password changes are necessary to keep data secure is a good way to keep communications in the office open.
While data security will never be absolute, taking a few steps can help protect against the most common forms of intrusion. If you plan for employee-related data leakage, you can prevent it from doing critical damage.