There are still various reports in the media describing that thousands of customer data simply end up on the street. This concerns privacy-sensitive data about, for example, your visit to a hospital or information about a concluded life insurance policy that could fall into the hands of an unknown person. The GDPR legislation does exist, but not all companies succeed in preventing a data leak. What can you do yourself?
1. Look where people work
Data leaks are mainly caused by, usually unconscious, human errors. For example, take a look at your workplace and analyze what you see. Despite all AVG guidelines, it is not inconceivable that sensitive information is on desks and printers. Who can join if you leave the house after working hours?
2. Share knowledge among themselves
You are not there with all kinds of rules and guidelines. By sharing knowledge, you constantly bring the subject of digital security to the attention. This is becoming increasingly necessary, because the more devices people use, the more data, the more chances that data can be leaked. For example, what happens to customer data if your smartphone is suddenly stolen? Share knowledge and start sharing this blog.
3. Avoid duplicates via e-mail, for example
Literally storing a signed contract on paper in a safe is perhaps the safest thing to do. Scanning and digitizing this contract ensures that the contract ends up in all kinds of different places. That is why it is good to consider whether e-mailing is always necessary. It is better to give colleagues access to documents via a secure Cloud environment than to make duplicates in all kinds of different places.
4. Have a clear authorization policy
A data breach occurs because people can access data that is not intended for their eyes. That is why it is good to determine who should and who should not have access to certain documents. By investigating this, it may just happen that 'an old employee' can still access files. Of course, a good authorization policy also includes strong passwords, MFA (Multi Factor Authentication) and possible login via biometric features.
5. Beware of Unauthorized 'Social' Behavior
Where is the boundary between transparency and the distribution of company or customer-sensitive information? The world is becoming increasingly transparent, but without approval, customers will not always like it when they suddenly see their photo on LinkedIn that has been posted by you or your colleague. What matters most is that you make social media behavior open to discussion internally and that you record it in desired guidelines that are appropriate and ethical for your customers.
6. Get attention in the boardroom
Raising awareness of digital security among colleagues is not possible without being an example. It will not be the case that every director, owner or CEO understands the matter surrounding IT security, but attention from the boardroom will in any case prevent the risk of a data breach. Unfortunately, we live in a complex digital age where, for example, a hacker can take over the e-mail functionality of a CEO, with all the attendant consequences.
These were just six practical examples of how to prevent a data breach and they mainly have to do with human behavior. Of course, there is also a technical side to preventing a data breach by, for example, better separating private and business use. We are happy to help with that. Do you want to know how? Then take Contact us. We will talk about backup in the next blog. Because what measures should you take if you suddenly lose data?