The Verizon Data Breach Report determined there were 2,013 confirmed data breaches in the United States last year. A total of 43% of those involved were small business victims. So what are the top causes of data breaches? More often than not, a breach can be traced back to something that happened internally in your organization. Whether it is an employee falling for a phishing scam or a stolen laptop, internal mistakes can lead to disaster. That’s why it’s important to educate yourself and your employees on these common human causes of a data breach.
Using a weak password is a common bad habit. Passwords that contain actual words and personally significant numbers, like birthdates, are easy for hackers to guess. You should use unique passwords for every account and store your passwords safely. Writing your passwords down and leaving them out makes it easier for someone with ill intentions to gain access to sensitive information. Password reuse also works to cybercriminals advantage. Once they guess your password on one account, they can access all of your accounts. Create strong, custom passwords for each of your accounts, and keep them in a password protector to ensure their safety.
Sending sensitive info to the wrong contact
In 2018, 37% of breaches were due to misdelivery. This means that sensitive information was sent to the wrong contact most likely because of a simple human mistake. It’s important to double-check your contacts before sending emails that contain any type of sensitive data. You should be wary of sending account login credentials via email as well.
Sharing account info with coworkers
It may be easier to hand out company account credentials to all of your employees, but you shouldn’t give them out so easily. When privileges go unmanaged and unprotected, your business is exposed to unnecessary risk. You should be sure only authorized personnel have access to certain company accounts and make sure they aren’t sharing login information with others.
Falling for phishing scams
According to the Verizon report, 32% of the breaches last year involved phishing. Phishing is one of the most common tactics cybercriminals use to gain trust. It’s easy for your employees to be fooled into clicking on a malicious link, especially if they’re uneducated on what to look for. It’s important to train your employees on how to identify a potentially malicious email, and even more important to continuously educate them in the future.
Unfortunately, misuse by employees can happen. Whether it’s a disgruntled employee, an insider acting on behalf of an outside agent, or an employee trying to take advantage for their own personal gain, insider misuse is prevalent. Make sure only trusted employees have access to certain accounts and passwords and that they do not share them with unauthorized employees.
Loss/Theft Unencrypted devices
Leaving devices laying around is risky. Smaller items like cellphones and tablets are especially easy for people to snag when walking by. It’s important to lock these devices away or take them with you rather than leaving them out in the open. Losing a device is a careless mistake that happens from time to time. Keeping your devices locked down can help prevent sensitive info from getting into the wrong hands.
The most important step to avoiding the human causes of a data breach is educating and training your employees. Ensuring your employees know the proper protocols will help keep your information, their information, and your business’ information secured.