Workplace errors increase risk of data breaches
Around two thirds of businesses have experienced a data breach in the last year and seemingly innocent workplace mistakes could be one of the main causes.
A new report produced by the Ponemon Institute for document security specialist Shred-it reveals that 71 percent of managers have seen or picked up confidential documents left on a printer.
This seemingly innocent workplace mistake isn't the only thing threatening information security, over three quarters (77 percent) of managers admit they have accidentally sent an email containing sensitive information to the wrong person. What's more, 88 percent have received an email containing sensitive information from someone within or outside of their organization that they were not intended to receive.
"The report reveals two key factors about information security in North American businesses -- employee negligence, intentional or not, can be a leading contributor to data breaches and that businesses should equally consider the needs for cybersecurity and physical information security within their organization," says Ann Nickolas, senior vice president of Stericycle, the provider of Shred-it information security solutions. "Although cybersecurity is no doubt an important element of protection, businesses should look to strike a balance between investing in physical security and cybersecurity, as well as integrating better communication with employees on risk factors, to best arm themselves against potential breaches."
Among other findings are that there is confusion surrounding responsibility for handling of sensitive documents. 25 percent of technology managers believe that CISOs are most responsible for granting access to paper documents or electronic devices containing sensitive or confidential information, compared to only one percent of business managers. 22 percent of business managers believe no one function is most responsible, compared to 16 percent of technology managers.
It's also the case that 54 percent of managers say they have been targeted by a phishing email or social engineering scam at work, but only 39 percent have contacted their supervisor.
The full report with more findings is available from the Shred-it site.
Photo Credit: sukiyaki/Shutterstock