Despite the public’s perception of data breaches, not every breach is a meticulous, calculated operation from the laptop of some shadowy hacker. In fact, the reality is far more mundane, and a great many breaches are caused by your own workers.
Whether simple, innocent naivety or the work of some fiendish usurper, internal breaches still rank among the most common threats to company data. So who are the people allowing these data disasters? Here are the most common offenders we’ve come to know:
The Naïve Recipient
While many of us are aware of those common phishing emails, not everyone in your organisation is as sceptical. For every worker who rolls their eyes at those blatant email scams, there are a dozen others who'll be more easily convinced to share contact details, logins, corporate credentials or company data with fraudsters.
Nowadays, scammers are a little less audacious, posing as reputable companies and crafting some eerily authentic fake emails. For example, a request that you download some Dropbox images from a senior colleague - because they’ve “run out of the disk space” on their own computer – might lead to some nasty malware or phishing attempt.
The untrained eye might not notice the tell-tale signs of a phishing attempt: the slightly incorrect return address, the unrecognised sender name, the vague and unexpected attachment and the supposed urgency for a response. That's when a single click sees sensitive information uploaded, urgent invoices paid to a bogus account or crippling ransomware unexpectedly downloaded.
The Solution: Regular phishing training for employees will help them recognise the threats and signals of phishing emails, as will regular awareness tests and intermittent cyber-security training. A dedicated web filter will also block any suspicious-looking emails and limit users’ ability to download unverified files.
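As an added illustration (not code from the original post), the short Python triage script below checks a message for the signals this section describes: a sender domain that only looks like the company's own, a reply address that does not match the sender, pressure for an urgent response, and an attachment type worth questioning. The two sample messages, the trusted-domain list, the urgency words and the character-swap table are constructed assumptions for the example; a real mail filter would draw these from policy and threat intelligence.

```python
import re

# Constructed sample messages for illustration; none of these are real mail.
SAMPLE_MESSAGES = [
    {
        "from_addr": "finance@example-corp.com",
        "reply_to": "finance@example-corp.com",
        "subject": "Q3 expense report",
        "body": "Attached is the expense report for review at your convenience.",
        "attachments": ["q3-expenses.xlsx"],
    },
    {
        "from_addr": "jane.smith@examp1e-corp.com",  # digit 1 stands in for the letter l
        "reply_to": "ceo.office@webmail.example",
        "subject": "URGENT: invoice must be paid today",
        "body": "I've run out of disk space, download the files immediately and pay the invoice before 5pm.",
        "attachments": ["invoice.zip"],
    },
]

# Assumed organisation policy: domains staff genuinely send from, words treated
# as pressure for a fast response, and attachment types unusual enough to question.
TRUSTED_DOMAINS = {"example-corp.com"}
URGENCY_WORDS = {"urgent", "immediately", "today", "asap"}
QUESTIONABLE_EXTENSIONS = (".zip", ".exe", ".js", ".scr", ".html", ".htm")
# Common digit-for-letter swaps seen in lookalike domains (assumption, not exhaustive).
LOOKALIKE_TABLE = str.maketrans({"1": "l", "0": "o", "3": "e", "5": "s", "7": "t"})


def domain_of(address):
    """Return the lower-cased domain part of an email address."""
    return address.rsplit("@", 1)[-1].lower()


def is_lookalike(domain, trusted=TRUSTED_DOMAINS):
    """True when the domain is not trusted but becomes a trusted domain once
    the common substitutions are undone (e.g. examp1e-corp.com)."""
    return domain not in trusted and domain.translate(LOOKALIKE_TABLE) in trusted


def phishing_indicators(msg):
    """Return the list of tell-tale signals present in one message."""
    found = []
    sender_domain = domain_of(msg["from_addr"])
    if is_lookalike(sender_domain):
        found.append("lookalike_sender_domain")
    if domain_of(msg["reply_to"]) != sender_domain:
        found.append("reply_to_mismatch")
    words = set(re.findall(r"[a-z]+", (msg["subject"] + " " + msg["body"]).lower()))
    if words & URGENCY_WORDS:
        found.append("urgency_language")
    if any(name.lower().endswith(QUESTIONABLE_EXTENSIONS) for name in msg["attachments"]):
        found.append("questionable_attachment")
    return found


def triage(messages):
    """Map each message subject to its indicators; an empty list means nothing fired."""
    return {m["subject"]: phishing_indicators(m) for m in messages}


if __name__ == "__main__":
    for subject, indicators in triage(SAMPLE_MESSAGES).items():
        verdict = "review before acting" if indicators else "no signals"
        print(f"{subject!r}: {verdict} {indicators}")
```

Run as a script it prints a verdict per message; the point of separating the indicators is that training can then show staff each signal by name, and a filter can weight them (a lookalike domain on its own is a stronger signal than urgent wording on its own).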
The Weary Wanderer
We’ve covered the benefits and risks of Remote Working in the past - but to summarise, Remote Working is a major benefit that nonetheless requires significant security measures.
With your workers out of the office, they'll be expected to sign in remotely on a host of less-secure connections: their home network, public transport, or the ever-popular coffee shop WiFi. They'll also be open to the physical threats of 'shoulder-surfers' or 'visual hacking' and common thievery. It only takes a moment's distraction for practised criminals to get their sticky fingers on that expensive work tablet, and if it's unlocked, it could be mere minutes before your confidential documents are available on the Dark Net.
The Solution: There’s a responsibility amongst remote workers to keep their work property out of the prying eyes and hands of thieves, but companies also have a duty to set up their Remote Working solutions with the necessary precautions, and provide training on best security practices. This will include Two-Step Authentication, SaaS Protection, VPNs, and strict password policies to minimise losses.
The Vengeful Villain
In 2014, British supermarket chain Morrisons dealt a stern wrist-slap to one of its IT auditors after they were found to be using the company's post facilities for their own personal use. Following said wrist-slap, the vengeful auditor bundled a wealth of payroll data onto a USB stick, uploaded the contents onto the Dark Web and then sent CDs of the same data to local newspapers. As expected, said newspapers reported these breaches and the employee received subsequent slaps to the wrists, face and freedom, earning eight years in prison on three convictions of fraud.
The Reckless Abandoner
This employee doesn’t even work for your company, nor are they a hacker; they’re an ex-employee who has departed and taken some confidential company details with them. Maybe the data’s still lingering on their smartphone following a lax Remote Working policy. Maybe their login privileges haven’t been revoked, and they’re still logged into your company network on an old or forgotten device. Either way, they’re still lurking in your company’s infrastructure or handling your sensitive data - and maybe they’re not even aware of the potential threat they could cause.
The Solution: A policy that regularly forces users to change passwords means that logon credentials don’t stay valid forever. Regular audits also mean that any users who have long-since left the company can be securely removed from the system.
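To show what the two controls in this section look like when they are actually checked rather than just stated, here is an added Python audit script (not from the original post) that runs over a directory export. It reports any leaver whose account is still enabled, any enabled account whose password is older than the rotation policy allows, and any enabled account that has not signed in for longer than the inactivity threshold. The account records, the HR leaver list and the 90-day thresholds are constructed assumptions for the example.

```python
from datetime import date

# Constructed directory export and HR leaver list; illustrative records only,
# not data from any real organisation.
ACCOUNTS = [
    {"user": "alice", "enabled": True,  "last_login": "2019-03-20", "password_set": "2018-12-01"},
    {"user": "bob",   "enabled": True,  "last_login": "2018-09-01", "password_set": "2018-06-01"},
    {"user": "carol", "enabled": False, "last_login": "2018-11-15", "password_set": "2018-10-01"},
    {"user": "dave",  "enabled": True,  "last_login": "2018-12-20", "password_set": "2019-02-01"},
]
LEAVERS = {"bob", "carol"}  # staff that HR has recorded as having left

# Assumed policy thresholds: rotate passwords every 90 days, and question any
# enabled account that has not signed in for 90 days.
MAX_PASSWORD_AGE_DAYS = 90
MAX_INACTIVE_DAYS = 90


def days_since(iso_date, today):
    """Whole days between an ISO-8601 date string and the audit date."""
    return (today - date.fromisoformat(iso_date)).days


def audit_accounts(accounts, leavers, today,
                   max_password_age=MAX_PASSWORD_AGE_DAYS,
                   max_inactive=MAX_INACTIVE_DAYS):
    """Return (user, reason) findings in export order.

    A leaver whose account is still enabled is the priority finding and is
    reported on its own. For everyone else the password-age and inactivity
    checks both apply, so one account can produce two findings.
    """
    findings = []
    for acct in accounts:
        user = acct["user"]
        if user in leavers:
            if acct["enabled"]:
                findings.append((user, "leaver_still_enabled"))
            continue  # a disabled leaver is the expected state
        if not acct["enabled"]:
            continue  # already disabled, nothing to rotate or expire
        if days_since(acct["password_set"], today) > max_password_age:
            findings.append((user, "password_rotation_overdue"))
        if days_since(acct["last_login"], today) > max_inactive:
            findings.append((user, "inactive_account"))
    return findings


def run_sample_audit(as_of="2019-04-01"):
    """Audit the constructed export as of the given ISO date."""
    return audit_accounts(ACCOUNTS, LEAVERS, date.fromisoformat(as_of))


if __name__ == "__main__":
    for user, reason in run_sample_audit():
        print(f"{user}: {reason}")
```

Feeding the script the HR leaver list is the step that matters most: password expiry alone would still leave a departed employee's account usable until its next rotation date, whereas a leaver match can be actioned the day the audit runs.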
We're loath to point fingers – employees are the backbone of any company – but by recognising the most common causes of internal breaches, you can give employees the assistance they need to prevent inadvertent breaches. After all, when it comes to company security, the responsibility is ultimately everybody's.
Whether it be Careless or Calculated, a Data Breach can be Disastrous for Your Business.
Our Data Breach and Disaster Recovery eBook details everything you need to prevent and recover from data breaches – so you can respond quickly and compliantly in the event of a major incident.