For many businesses large and small maintaining the integrity of confidential data is a must.
In some cases they are strictly legally mandated to do so – the healthcare industry springs immediately to mind here – and in others while the actual ‘rules’ might be a bit of a gray area the ‘leak’ of confidential information often spells disaster.
With many employees working from home right now due to COVID-19 restrictions this data security is an even bigger issue
To help prevent this an increasing number of companies are quite sensibly making a deliberate effort to ‘beef up security ‘ around such information, by making use of innovations like two factor authentication, biometric identification and other data access protections.
What many do forget though is that most businesses have one more potential data security threat that needs to be addressed; the employees that access it. And given that many are ‘out of sight’ right now, aside from the occasional Zoom check in, the issue is one that has to be addressed.
Although there have been cases of confidential information being compromised deliberately by disgruntled employees most such breaches are unintentional.
That having been said they can still be very harmful. With this in mind here are three actionable steps you can take to help prevent the integrity of your confidential data being accidentally sabotaged by your employees.
Focus on Proper Training
According to an Infowatch report, 66% of the data leaks the logged were the result of an internal, rather than external breach. Further research however determined that over 40% of those leaks could be attributed to a simple lack of training on the part of the people responsible.
To address this businesses need to ensure that every employee understands what confidential data they are actually handling to prevent accidental disclosure.
This training should constitute more than just a few pages in an employee handbook that may never be read or a company wide email that may get lost in an overstuffed inbox.
A formal Zoom based training session – or sessions – is a far more effective way to try to ensure that everyone gets the message who needs to, and occasional testing may even be a good idea, especially in healthcare or customer service settings where a data breach can have serious legal ramifications for the business.
Emphasize Email Encryption
Insecure emails were a big topic of conversation last year in the run up to the Presidential election, but although there is no doubt that most people noted the issue a recent Echoworx study found that only 40% of companies were making use of email encryption to safeguard confidential data. For those businesses that do not that leaves a big hole in the security of their confidential information.
The fact is that once your team has been properly educated about just what confidential information means, this is a step should come naturally, just ensuring that employees know to – and have the ability to – encrypt any email they send that contains sensitive data. There are a number of tools available to do this and most of them are easy to implement and not particularly expensive either.
Make Security Easier
The easier a set of information protection protocols is the more likely it is they will be adhered to, so ensuring that whatever precautions are put in place are user friendly is another must.
One way to determine this is simply to ask for feedback from the employees being asked to use them. Are they still having trouble even after a formal training session? Are the tools slowing them down? If so it may be time to look at a different solution that better takes user experience into account.
Need help finding data management solutions? Contact us, we’ll be happy to help.