Top Five Human Errors That Impact Data Security
Posted onJun 3rd, 2019
Despite our security innovations, human folly continues to be the source of hacks and breaches. Just last year, vulnerabilities were found in Android’s API that allowed cyber attackers to access device data and user tracking. Social network Google Plus was forced to shut down after a major profile data leak that went undisclosed for months. And most recently, Facebook faced another privacy breach, this time affecting 1.5 million users.
This wasn’t the fault of some system or AI. This is an oversight by the world’s greatest engineers and developers. If it can happen to companies like Google and Facebook, it can happen to small startups and growing enterprises.
So what are the main reasons that data security is impacted?
1. Unauthorized user or application access
According to Cisco, 44% of IT professionals have dealt with unauthorized network access or unsupervised device sharing. 70% believe that unauthorized programs resulted in “as many as half of their companies’ data loss incidents.”
It’s no surprise- with the surge of mobile devices and laptops, anyone can access a secure portal from almost anywhere. Friends and family may use an employee’s login without their approval, or even their notice.
2. Falling for scams, trojans, phishing sites
Even emails that appear innocuous could potentially devastate a company’s entire system. In the Check Point Research Security Report of 2018, 64% of organizations faced some sort of phishing attack in the previous year. Verizon reported that 28% of phishing attacks are targeted.
Phishing attacks, scams, and trojans underscore the importance of robust firewalls and anti-virus software. Each week hackers are inventing new ways to trick people into letting their digital safeguard down. That’s why it’s vital to maintain updated security measures and to constantly remind users to be wary of these attacks.
3. Lack of cryptographic or high-level security
You would be astonished to find out how many businesses fail to uphold even the most basic privacy standards. And it’s not just Instagram. In fact, there’s a whole website dedicated to companies that email you your own password, a list called Plain Text Offenders. This careless habit opens up websites to a multitude of data breaches.
That’s also why 2FA or “two-factor authentication” has become so popular recently. With an added layer of protection, the most common attacks can be easily prevented. Encryption is also important, especially in sending and receiving information, to ensure that only the sender and the recipient are allowed to view the contents of a message.
4. Failure to properly dispose of data
Don’t think that just because you delete your data and or password protected a device that your information is safe because it’s not. Even when you dispose of an old computer or phone, there’s still a small likelihood that hackers can gain access to your photos, messages, emails, contacts, and other sensitive information.
Never run that risk. Whenever possible, hire a reputable company to properly destroy these devices in a safe manner. Only then can you sleep soundly knowing that hackers aren’t trying to pry into your recycle bin.
5. Untrained or undertrained employees
Above all, sheer ignorance is the root cause of security breaches. Whether it’s an employee forgetting to lock their computer, or a developer that forgot to implement a second layer of authentication, you can never be too careful in training your employees.
As soon as you hire each new member, conduct a rigid test on your IT security. Educate them on the best practices of handling sensitive information, as well as protecting IT systems the right way. Consider having a dedicated cybersecurity team to handle the most urgent security issues, and to also conduct regular maintenance checks to prevent any leaks.
Brave new world
We’re living in an era of rapid connectivity, social interaction, cloud storage and computation, and even artificial intelligence. Who knows what the future will hold ten, twenty years from now. Perhaps our most robust systems of protection like 2FA and cryptography will prove worthless. Only time will tell.
Until then, there should be no excuse for any company not to employ the highest standards of cybersecurity. You may feel inconvenienced at the time and cost involved. But think of the consequences involved if ever your business faced a major data breach. It could spell the end of your company altogether. Train your employees. Protect your systems. Update your software regularly. And if you’re ever lost on how to best protect your data, work with a trusted partner like Securis.