A recent report from Beazley highlights the growing incidence of corporate data breaches caused by human error, and the numbers do not bode well for employers.
Beazley notes that while breaches caused by human error are not the most expensive types of data breaches to deal with, they are certainly among the most common. In fact, human error accounts for over one-third of all breaches that occur. The survey also notes that the frequency with which data breaches occur due to human error is on the rise, with a reported 10% increase from 2013 to 2014.
As you can see, human error represents a costly data breach liability to companies responsible for storing and maintaining sensitive data. Here are three simple employer insights from the Beazley report that can reduce the majority of the security risk associated with human error.
1. Better training reduces risk
Avoiding human error begins with establishing an understanding of what an error is. As noted in the Beazley report:
Unintended disclosure includes actions such as misdirected e-mails and faxes, as well as the physical loss of paper records – representing 31% and 24%, respectively.
Mistakes as simple as mislabeled email addresses can have severe consequences, and the fact that these types of breaches happen more often than others in the human error category is surprising. Training employees on simply checking email address fields twice or providing software that sets up rules for which files can be shared with whom can eliminate nearly thirty percent of human error-related data breaches.
2. Increasing use of mobile devices is creating havoc
Mobile devices are changing the way employees communicate. While many devices offer new and exciting ways to do business, certain features open companies to risk. Devices that are lost, stolen, or unattended without proper password security could leave sensitive information vulnerable. Avoiding this means educating employees on device safety protocols like turning off cloud-based backup solutions, changing habits to incorporate lock screen passwords, and notifying IT if a device is lost or stolen.
3. Rogue cloud storage solutions are simple to use, but unsafe
When employees need to transfer large files, they seek the path of least resistance. Company email servers often reject any files over a certain size. At the same time, cloud-based storage solutions have been aggressively marketing simple, one-click platforms to upload and transfer large files. The security risks of creating a personal account and uploading large documents are often overlooked in favor of simplicity and getting the job done. This human error is easily preventable through more aggressive education or by providing an easy-to-use solution that allows for the same simple collaboration a cloud-based provider offers (only safer).