Story image

Avoid the traps of human error

08 Jan 13

When people talk about data breaches, the tendency is to think about cybercriminals and hackers trying to access networks to extract valuable information.

This is dangerous for two reasons. Firstly, it can lull organisations into a false sense of security.

“What could criminals possibly want with our data?” they ask. Or: “We don’t hold payment details – they wouldn’t target us.”

This in itself can lead to a general air of complacency around data security: “It’ll never happen to us.”

Secondly, research has shown that in reality the biggest risk to an organisation’s data lies somewhat closer to home.

Recent research from the Ponemon Institute showed that organisations cite “human factors” as the cause of 78% of all data breaches.

In other words, the greatest threat to an organisation’s data actually comes from its own staff.

This is not to say that your employees are deliberately trying to harm your organisation. Instead, the research shows that the vast majority of data breaches are caused instead by human beings, being human – forgetful and careless.

So, the challenge is how to stop them.

Take charge of device management

Technology has an answer. The idea is to take responsibility away from the user as far as possible whilst maintaining a workable solution which enables staff to be productive.

Using a management console to enforce data security policy across an organisation prevents this problem.

Organisations are responsible for administering their own management systems, which can be used to monitor, set and enforce policies right down to individual users if required.

In addition, management software can also track and monitor what devices are allowed and what data is downloaded, and can be used to block the usage of unencrypted USBs.

This removes the chance of human error by automatically guaranteeing the use of an encrypted device.

Management consoles can also remotely wipe USB devices which are lost or stolen, monitor usage and even control precisely what data may be downloaded to portable memory devices, thereby adding extra layers of data protection.

Management technology takes the responsibility out of the hands of staff and ensures compliance by removing the chance of human error.

Enforcing data security policy via an automated, managed solution prevents data breaches, and in doing so protects both staff and data.

Encryption counters human error

The use of encryption effectively counters human error because it is relatively inexpensive, simple to administer and highly successful in preventing data breaches. If an encrypted device is lost or stolen, the data remains secure and a breach is avoided.

Encryption is also easy to use. Employees are sensitive to new policies which they feel will prevent them from doing their jobs properly or make them less efficient.

An encrypted memory stick can be used with the same ease as an unencrypted device, and provides peace of mind for staff and security for data.

Biometric devices are more expensive but are also more secure, and have the usual benefits that biometric security holds over passwords (a fingerprint can’t be forgotten, guessed or written down on a Post-it).

Make life easier, not harder

Employees are adept at finding workarounds for policies which make their lives harder, they don’t agree with or they see as unnecessary. If following the rules makes life harder, a recipe for data breaches will result.

Education has to go hand-in-hand with technology. Staff need to understand their responsibilities around data security and how to use technology effectively in order to do their jobs without risking a data breach.

Technology in data security should be an enabler, which allows staff to do their jobs better and more safely.

Human beings will always make mistakes, so the onus is on organisations to ensure that they can mitigate this threat.

The good news is that technology support can prevent carelessness turning into a data breach.

Dimension Data nabs three Cisco partner awards
Cisco announced the awards, including APJ Partner of the Year, at a global awards reception during its annual partner conference.
WatchGuard’s eight (terrifying) 2019 security predictions
The next evolution of ransomware, escalating nation-state attacks, biometric hacking, Wi-Fi protocol security, and Die Hard fiction becomes reality.
Rimini Street hits NZ shores with new subsidiary
The third-party support provider for Oracle and SAP has opened a new Auckland-based office and appointed Sean Jones as NZ senior account executive.
Why the adoption of SAP is growing among SMEs
Small and medium scale enterprises are emerging as lucrative end users for SAP.
Exclusive: How the separation of Amazon and AWS could affect the cloud market
"Amazon Web Services is one of the rare companies that can be a market leader but remain ruthlessly innovative and agile."
HPE extends cloud-based AI tool InfoSight to servers
HPE asserts it is a big deal as the system can drive down operating costs, plug disruptive performance gaps, and free up time to allow IT staff to innovate.
Digital Realty opens new AU data centre – and announces another one
On the day that Digital Realty cut the ribbon for its new Sydney data centre, it revealed that it will soon begin developing another one.
A roadmap to AI project success
Five keys preparation tasks, and eight implementation elements to keep in mind when developing and implementing an AI service.