4 Data Security Mistakes Employees Make

8 years ago

We live in the world of knowledge workers. A world where what a company knows is far more valuable than what a company physically possesses, which makes Data Security one of the most pressing concerns for Big Business—despite most businesses being unequipped to deal with these dangers.

Here we’ll be covering three innocent mistakes that employees make, one less-than-innocent mistake, and how an enterprise can mitigate these dangers

Innocent Mistakes

1) Lack of Awareness Training

The truth of the matter is, your employees are probably not security experts, and they’re probably not equipped to recognize highly sophisticated social engineering attacks like Phishing and Spear-Phishing.

“Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication” (Phishing attacks and countermeasures”. In Stamp, Mark & Stavroulakis, Peter. Handbook of Information and Communicat Security. Springer).

In the past these were rarely successful due to poor spelling and grammar, however these days these attacks are often written grammatically correctly and may appear to becoming from within the company. Your employees may innocently be providing information to someone from another department whom they believe to have access to that information. This threat can be mitigated by making clear guidelines about what information is never to be shared via email or over the phone. (For example. the IT department will never ask staff for passwords.)

2) Under-Reporting

Imagine you’re an employee who’s noticed a security threat or may have fallen victim to a sophisticated phishing attack. Do you know who you would report to? The truth is that most companies don’t have clear accountabilities or hierarchies for reporting security threats. Make sure that vulnerabilities are patched well in advance and that the same mistake never happens twice by making sure that your employees always know how and where to report security lapses or vulnerabilities and feel safe and comfortable doing so. Even if they were the one to make the mistake. Remember, your staff are human, not criminals.

3) Dangers of “Bring Your Own Device”

Everyone wants to use their own device. We use it everyday, we’re familiar with it and can work much faster and smoother with equipment that we’re intimately familiar with. However this can lead to situations where employees are working on computer networks that may not be as secure as your enterprise network. (. All it would take is someone working on sensitive Intellectual Property while on a public Wi-Fi network for all of that data to be taken, and your client’s information potentially being compromised. Despite the possible productivity benefits be very wary with letting employees use their own devices for sensitive material, or make sure that your IT Department or cyber-security team is involved every step of the way.

Less Innocent Mistake…

Employee Theft

I know I said that your employees are human, not criminals, but sometimes there are tough breaks and people make some rash decisions and decide to steal company property or information. The US Chamber of Commerce estimates that employee theft costs American businesses $20 to $40 billion per annum so this issue shouldn’t be ignored (“Employee Theft Still Costing Business” – Inc.com). This threat can be contained by making sure that there is clear internal infrastructure for reporting security concerns as discussed above, and making sure that disgruntled employees don’t have unbridled access to sensitive information.

WinMagic – Your Trusted Source for Data Encryption Solutions

Are you looking for ways to safeguard your company’s most valuable asset? Contact WinMagic today at 1-888-879-5879. WinMagic has been helping customers secure data through encryption since 1997.

Our products have won several awards, and we have five million clients in over 80 countries. Find out how our data encryption solutions can work for you and your business by speaking with a customer service representative.

WinMagic https://www.winmagic.com

WinMagic is a leading developer of endpoint authentication and encryption products that, over the course of 25 years, has raised the bar for user security. With extensive experience with securing the endpoint — and continuous innovation — WinMagic is trusted by over 2,500 businesses and government agencies around the world and has over 3 million active licenses globally.

Are Your Employees Your Biggest Network Security Problem?

Server Security: Use Pre-Boot Network Authentication

MFA and Zero-Trust Misconceptions Prevent Effective Solutions

The WinMagic team believes we can revolutionize the cybersecurity of the world. Our latest authentication solution, MagicEndpoint, is ready to…

May 16, 2023

Thi Nguyen-Huu

Device-Level Signals: Framework of Zero Trust Security

The U.S. government is tightening the reins, requiring agencies to comply with Zero Trust architecture (ZTA) by the end of…

April 13, 2023

Garry McCracken

Passkey vs. MagicEndpoint

There are three types of people in the corporate world: Those who think their laptop is just an average computing…

March 27, 2023

WinMagic

A more secure “client” for passwordless authentication

In this article, I’ll introduce a new passwordless authentication thought process: an entirely new “entity” that advanced passwordless solutions should…

March 8, 2023