The increase in data breaches seen in 2017 will likely continue in 2018. These breaches have obvious consequence for the individuals or entities whose confidentiality was compromised, but they also have legal (and other) repercussions for the organizations that caused—or did not prevent—the breach.
Here are five common security mistakes that could lead to data breaches:
1. Accessing Critical Information Remotely
As we become increasingly mobile, it is less and less feasible to access data held by your organization from a single location, or in a single way. However, it is essential that you understand what information could leave you vulnerable if removed from your organization’s secure network. Portable devices can be lost, and connecting to wireless networks outside of your secure organization’s network can leave information open to theft or compromise.
2. Using Personal Devices on Organization Networks
This security mistake is the flip side of mistake #1. Connecting your personal device to your organization’s network and transferring data could compromise data held on the network and corrupt data on the personal device.
3. Holding On To Old Hard Drives
It might seem harmless to keep old hard drives around, especially if you’ve deleted sensitive information, but someone with the right skill can still find and extract that information, causing a major security problem. Hard drives should be destroyed according to current industry standards as soon as they have outlived their usefulness.
4. Leaving Confidential Information Open
It’s easy to forget to log out of secure networks, especially if you’re only going to be away from your computer for a few minutes. But staying logged in provides anyone with malicious intent the opportunity to compromise sensitive data. As distrustful of other employees as this may seem, a significant number of data breaches arise from within the workplace and can be prevented from always consistently following this simple tip.
5. Poor Password Hygiene
While it’s simpler to make your password easy to remember, like “12345”, “password,” or “admin,” doing so is a recipe for data security disaster (as Equifax found out with the use of “admin.”) Passwords should be “strong” (e.g. at least 12 characters, including numbers, symbols, capital and lower case letters). Work passwords should be completely different from those used use on personal accounts, to further reduce the possibility of someone unauthorized accessing sensitive data.
To avoid lawsuits as well as the loss of consumer and market confidence, it makes good sense to secure your data by using these simple guidelines.