Your employees are putting your company's data at risk right now. In most cases, they do this without even knowing that they are. Here are five ways that your employees are putting your confidential information at risk:
1. Not using password protection
A password is one of the most basic ways to protect data. It immediately adds a front-line encryption protection for your data. Unfortunately, though, many people don't bother using one at all. If your employees are using devices that are not password protected while managing confidential data, that data could become compromised, even if they aren't actively sharing it via the web. This is because un-encrypted devices are more likely to be hacked, and all of your sensitive data will be readily available to a thief if they steal the device. Your employees should password protect everything that could potentially be used for work purposes. This includes mobile devices like their cell phone.
2. Not sharing data securely
In order to send files, you need to use what is known as a file transfer protocol (FTP). An FTP is not inherently secure, so thieves can easily pick away passwords and other confidential information while your data is being sent. To prevent this, you should be using a secure FTP (SFTP). While your internal system may be using an SFTP, this may not be the case for your employees' external data exchanges. Make sure that you employees understand the importance of – and use – SFTP for all of their transfers of confidential information.
3. Using personal email to share confidential information
United States presidential candidate Hillary Clinton has been under fire for months about her personal emails. The reason for this is not that she is accused of trying to do anything illicit. It's because of the fact that she was using that personal email address for work-related correspondences while she served as the Secretary of State.
Personal email addresses are not backed by secure servers like your internal emails are; because of this, some people believe that she compromised classified information by simply using her personal email. In this case, nobody is certain whether or not she discussed anything classified via her personal email. However, this case highlights the fact that using a personal email improperly puts an organization's confidential information at risk. As such, you must make sure that your employees only use your internal email, which is protected, monitored and encrypted by your team, to share sensitive data.
4. Accidental virus downloads
When someone sees an email with an attachment, their first instinct is often to open it to sate their curiosity. Unfortunately, data thieves can easily upload a virus that compromises your entire network via a single email attachment. Instruct your employees to not open messages unfamiliar email addresses, and to contact a known sender directly to confirm the validity of a message before opening an unexpected email with an attachment.
5. Data theft by a terminated employee
When someone is fired from their job, they are inevitably unhappy. This can cause a great deal of resentment towards the company that terminated them. As the recent Ashley Madison data leak revealed, even a single employee who is angered by a termination could destroy a company's ability to protect its data. To avoid this, make sure that you revoke a terminated employee's access to all company data, and make sure that you let them go the right way.
Don't let your employees put your company at risk
You can prevent your employees from compromising your company's confidential information by having them use the data protection resources that you already have on hand.