Categories: Fraud & Scams

Data breaches from within the workplace

Protecting your businesses precious data

As we roll on towards the European Union General Data Protection Regulation early next year, it’s becoming even more important for companies of all sizes to tackle data security within their structure. Small businesses may have a simpler organisational setup but lack the required skills and resources to manage their data within the new regulations framework, and medium sized enterprises might have some in-house IT skills, but a massively more complex data structure and processing setup that are adding to data security issues.

A quarter of employees have deliberately shared company information with other companies

In the report by Egress, 24% of employees questioned said they had “purposefully shared confidential business information outside their organisation, typically to competitors, or new and previous employers” with half of them stating that they would delete the email from their sent items folder.
This information could include contact and costing details of your clients, and financial information relating to your company. Once in a competitors hands it’s easy to see how you can quickly loose clients even without them being made aware of the data breach.

Email Recall

46% of the respondents said they had received email recall requests, this is when an email is sent from a business server, and the sender realises their mistake and attempts to recall the email from the recipients inbox. While this works fine within your company organisation, if any emails are sent outside your company domain you have no guarantee over control of recall on those systems.

Check before you click

More than one third of those questioned said they did not check the contents on emails before clicking send, stating they they were rushed in the majority of times (although using a mobile device, alcohol, tiredness and autofill systems also accounted for some of the errors)
Checking you have the correct recipient in the TO, CC and BCC boxes is a simple step and can greatly reduce the number of emails sent to the wrong people. Often it’s where names a similar, so consider giving your email contacts nicknames to make it more obvious to you, also when sending emails to an email list, check the recipients on the list quickly before sending just to make sure it’s the correct list, in a recent data security breach, details of health problems, family bereavements and personal issues were sent by the University of East Anglia to 298 students
In the report, of those who had accidentally sent an email to the wrong person, 40% had insulted the recipient or included rude jokes, swear words and even risqué messages and 9% had accidentally leaked sensitive attachments, such as bank details or customer information.

It’s not always hackers

Taking control of your data is not a outside threat only situation, you also needs to manage the internal threat. It might be accidental or deliberate, but staff with access to precious data should have regular data security refreshers, alongside a robust data security policy that includes the digital policy used on staff computers and BYOD situations, to documented procedures on how you comply with the GDRP and how you will manage any potential data breach, intentional or otherwise.

#WeCanHelp

We can help you implement and manage a data security policy to manage your companies precious data and reputation. For small business who do not have in-house IT we can offer end-to-end IT security helping you maintain the integrity of your precious data, and for larger companies who do have in-house IT support, we can offer supplementary IT skills to help your in-house team manage your data.
Contact us for more information on securing your IT and precious data before it’s too late.

it@tinsleynet.co.uk


07825 650122


Contact Us

Related Services

Share
Leave a Comment