When it comes to a business’ data security strategy, it’s still a huge challenge to protect workers from their own carelessness, poor decision-making, and (occasionally) even their maliciousness, while also staying out of a worker’s way and avoiding data security becoming a cumbersome burden that harms productivity and leaves them irritated. This balance is no easy task, but it’s a critical one for most companies that can’t afford to sacrifice too much worker flexibility for obtrusive security protocols, or vice versa. The goal, then, really becomes having employees be functionally unaware of the security apparatus at work, and at the same time completely (or, more accurately, more-completely) secure.
The data security threats presented by normal human behavior are more varied than one might initially think, and even the best of intentions can precipitate a costly data breach. Companies suffering these data breaches are then not only exposed to legal repercussions for failing to secure data they are often obligated to protect, but they also must endure damage to their reputation and the stigma of failing to safeguard their customers’ privacy (we’ve probably all gotten at least one mass email from an apologetic CEO explaining how our personal data got out). And, while cyberattacks involving hackers pilfering data over networks make the headlines more often, data breaches caused by the loss or theft of personal devices (those in the care and responsibility of individual workers) represent the lion’s share of data incidents across many industries. A case in point: the 2014 Healthcare Breach Report by Bitglass found that 68 percent of all healthcare data breaches were due to device loss or theft, with less than a quarter being the result of hacking.
Please log in or register below to read the full article.