Sunday, April 14, 2024
No menu items!

3 Types of Employees that can cause a data breach

Must Read

Fortinet Security
Employees provide the internal threat when it comes to cybercrime.
When it comes to cybercrime, it is easy to imagine that the biggest threat to your company is external. However, more and more companies are realizing that trusted and trained employees can also pose an enormous threat. You may buy and install the latest and greatest in cyber security programmes  and yet still be vulnerable to attacks because of your employees.

While some attacks and breaches are caused by employees with a grudge, many occur due to negligence – perhaps ignoring a warning; failing to allow procedure – or simple human error. Carey van Vlaanderen, CEO Of ESET South Africa, has identified three types of employees that can cause a data breach.

1) Innocent Actions

When it comes to a breach of data, innocent workers can cause as much damage as malicious hackers. Examples – and true-life stories – of human errors are: a mobile phone being lost, letters being misaddressed and even a filing cabinet containing sensitive data being sold to a third party.

2) Careless of Negligent 

You now the security warning that flashes up on your screen – do you always take immediate action?

A survey by Google in 2013 discovered that 25 million Chrome warnings were ignored by 70.2% of the time partly due to the users’ lack of technical knowledge, which led to the tech giant simplifying language it uses for its warnings.

3) Malicious

Unfortunately, as well as human error, malicious actions by employees also play a part in insider data breaches. This is illustrated by the story of the UK’s communications regulator OFCOM, which discovered in 2016 that a former employee had sneakily been gathering its third-party data. Shockingly, the malicious activity had been taking place over a six-year period.

What can be done?

Corporations may start reprimanding employees who “misunderstand, misinterpret, or miscalculate longstanding security policies and procedures.

And with the impact of a data leak causing damage to businesses, including financial loss and the damage to a firm’s reputation, it is unsurprising that companies are open to finding ways to mitigate and limit computer misuse.

1) Increase employee awareness

Perhaps the most logical step for employers is to ensure that all employees are aware of the potential impact of their actions, and how to avoid inadvertent data loss. It is also important to involve all employees in appropriate training, rather than simply those involved directly with IT.

2) Keep information safe

There are many reasons why one should encrypt data – while not embraced by all, encrypting data could be an important part of preventing data loss.

4) Monitor data, and behaviours

Keeping a close eye on computer use and the behaviour of individuals should enable businesses to remain aware of and identify unusual or risky activity. BYOD (Bring your own device) schemes which operate in many companies should also be carefully monitored and controlled.

5) Look to the future

With the risk posed by employees – however innocent – potentially catastrophic to business, it is hardly surprising that employers seem set to take a much tougher approach to insider security threats in future years.

Staff Writer

- Advertisement -

How Are Smart Contracts Transforming Financial Transactions?

In the dynamic landscape of financial technology, smart contracts emerge as a transformative force. These self-executing contracts, with terms...
Latest News
- Advertisement -

More Articles Like This

- Advertisement -