Long before software and hardware failures, human factor is one of the most commonly encountered reason why companies suffer data leakages. According to a study carried out by Ponemon Institute, human error was pointed by 78 percent of respondents as the main cause for data leakage and security breaches in companies.
The study, sponsored by Trend Micro, a security technology company, further revealed that small businesses are more likely to experience security breaches connected with negligent human behavior rather than big companies or enterprises.
3 Causes for Data Leakage
The survey pointed top three causes which contribute to data leakage. They are:
- loss of laptops or other mobile devices
- system glitches
- mishandling of data by employees
The respondents in the study, professionals in the field of IT security, also admitted that as many as 58 percent of workers in small businesses have routinely clicked on spam links, 77 percent left their company computers unattended, and 55 percent frequently entered malicious websites.
10 Risky Practices
Below are 10 more practices in which company workers participate that Trend Micro cites as risky.
1. Connecting computers to the Internet through an insecure wireless network.
2. Not deleting information on their computer when no longer necessary.
3. Sharing passwords with others.
4. Reusing the same password and username on different websites.
5. Using generic USB drives not encrypted or safeguarded by other means.
6. Leaving computers unattended when outside the workplace.
7. Losing a USB drive possibly containing confidential data and not immediately notifying their organization.
8. Working on a laptop when traveling and not using a privacy screen.
9. Carrying unnecessary sensitive information on a laptop when traveling.
10. Using personally owned mobile devices that connect to their organization’s network.
The above shows that no matter how advanced security technologies employed within a company are, nothing will ensure the company's sensitive data is safe until employee negligence is dealt with. However, without latest and most efficient security solutions not only employees but also third party threats could compromise confidential data of companies.
To reduce the risk of data leakage, small businesses should put more emphasis on data protection policies, and ensure that workers are aware of the risks connected with negligent computer usage. This can be acquired by organizing thorough cyber security trainings for employees.
Moreover, small companies should also analyze the security technologies available at the company and check their effectiveness and accuracy.
If you fear that your company may not have proper security measures implemented, contact our specialists. We conclude in-depth security audits where we target vulnerable parts in your company's security network and can later help you address them so that your security solutions are up to date and solid.