How would you feel if you find out that your most loyal employees could be responsible for information security breaches in your company? What will you think if we tell you that even you could be leaking your business’s secrets without you intending to do so?
Canadian Survey Says Human Error is the Primary Cause of Information Security Breaches
To err is human – you’ve probably heard of this saying so many times, and yet it cannot be truer especially when dealing with information. How many times have you simply dumped out receipts at a regular bin without shredding the receipts first? How many times have someone in your business answered the phone and simply gave away your company’s bank details without verifying if there is indeed a real reason for the caller to know such details?
It is not surprising that Shred-it’s 2016 Security Tracker Survey found out that the number one cause of information security breaches for small businesses is human error. Shred-it is a business specializing in destroying information sources to protect a business’s private information.
Truth be told, establishing protocols and implementing training programs are often far below the list of priorities for many small businesses despite the fact that staff errors and lack of awareness being the biggest threats to any business’s security.
What You Do Matters
The survey actually showed that 41% of Canadian C-suite executives and 47% of small business owners are aware that the biggest threat to their companies’ futures is the lack of employee knowledge regarding protocols and safety measures when it comes to handling information, but not many are doing something about this.
To illustrate the above, 39% of small business owners don’t ever conduct compliance training and only 31% of surveyed C-suite executives admit to facilitating a once-a-year training and mostly just for compliance requirements. More so, 47% of SBOs only audit their policies every few years if they do at all.
To safeguard your information, it is recommended that training should be an ongoing process and protocols should be audited and reviewed often. When employees are not trained properly, they often make crucial decisions as they see fit or whatever is convenient for them – actions that can lead to a serious security breach plus increased risk of fraud.
Failing to audit and revise policies, train employees, and keep abreast with information security trends can cause your business to lose or expose important employee, customer, and business data. This can ruin your business or severely affect your business depending on how critical the information leak is when it happens.
Correcting employee behaviour can take time because you will need to have professional help to train them and devise a sound system for protecting your data. In the meantime, you can start with the following:
- Start shredding all documents that leave your office for the bin.
- Have employees clear their desks each time they have to leave their workstation for longer periods.
- Wipe out hard drives when cleaning data stored electronically. Better yet, destroy wiped-out hard drives before throwing them away if they are no longer needed.
Need more help in protecting your data and devising a training system? We can help with that! Our private investigators can help with a lot! Not only will we help with training, but we can also seek out possible breach points. Contact us for an obligation-free initial consultation!