May 18, 2015

Five Ways Employees are Increasing the Risk of a Security Breach

In a post about data breach trends to watch for in 2015, editor, Joel Griffin, reported that employee mistakes remain the biggest threats to business security.

“Perhaps one of the biggest misnomers about data breaches is that most of them are the result of some sophisticated hacking scheme carried out by criminals half a world away. In reality, the majority of data breaches are the result of employee negligence such as posting usernames and passwords in plain sight or losing a laptop computer that contains sensitive information.”

Of course, workplace policies and messaging are key to tackling these kinds of information security hotspots. Here are five vulnerable areas to check out.

1. Printer Stations

In most offices, computer printers and photocopiers are located in common areas. But how many times have you gone to print something only to find papers left in the print tray or machine? Set up printers in secured areas such as at employees’ desks or in an access-controlled area. 

2. Work Area

Some people work in chaos and their work areas are a disaster. But a messy desk, and loose papers especially, are a security risk. It’s also risky to leave your desk with the computer unlocked and screen visible to the rest of the office.

Implement a Clean Desk Policy so that everyone has a clear desk with lockable drawers, and computers are locked down when employees are not at their desks.

3. Recycling Bins

Does your workplace still use open recycling bins? Open recycling bins (and waste baskets) are a huge security risk. Potential fraudsters can pick papers out of these containers.

When these containers are dumped into larger bins outside, documents become fodder for 'bin raiders'. Instead, partner with a document shredding provider that has a secure chain of custody with locked consoles for document storage in the workplace. All of the material in these are still 100% recycled but also ensure information is kept secure. Rather than leaving it up to individual employees to decide what's confidential, it is also a good idea to introduce a Shred-all Policy so all documents that are no longer needed are securely destroyed.

4. Work Habits Outside the Office

Many employees download confidential documents onto their laptops or smart phones so they can work at home or on the road. But removing confidential information in any form (hard copies stuffed into your briefcase or electronic files stored on a desktop) increases the risk of a security breach.

Provide practical advice on a regular basis using employee training. For example, remove only what is necessary to do the job and securely dispose of the information when finished with it. Paper documents should be securely shredded (bring them back to the office if need be). A secure cloud service may help avoid downloading documents altogether. 

5. Portable Drives

So many breaches are the result of misplaced USB flash drives that contain confidential information. Also, the growing use of unsecured personal devices (smart phones, laptops and tablets) is another potential source of a security breach. All devices must be secured, and every company needs to train employees on how to protect them. For example, do not leave them in plain sight in vehicles or in restaurants and other areas.

For more simple and inexpensive solutions to help mitigate these vulnerable areas in the workplace, download this office security infographic