Case Studies

Privacy breaches

by msecadm4921

Managers face challenges in attempting to reduce exposure to the risk of serious data privacy breaches. The online survey of UK office workers, conducted independently by YouGov as the EU revealed its new framework for data protection, has highlighted patterns of behaviour that have developed in the workplace and are placing business at high risk of fines and reputational damage, it is claimed.

 

 

The online research reveals frequent risk of inadvertent data loss; 46 per cent of respondents have received an email that was not intended for them, 35pc know they have mis-sent work emails. The way in which recipients handle messages they receive in error varies, but with 66% of office workers who have received a work email that was not intended for them saying they would read the email as part of their response, the risk of further disclosure is high especially as only 55pc would directly notify the sender. 

 

Some 17pc of respondents say that they have sent an email containing sensitive information without additional security measures such as password protection or encryption in place. These people are aware of the sensitive nature of the data but do not use appropriate tools to protect it. This may be less of a surprise considering only 41pc of respondents say they have had training in both data and privacy protection.

 

Managers working to educate their teams and impose control on sensitive data are fighting against a changing communication landscape; 28pc of workers have sent work data via a personal email account either because of restrictions on sending large files or the unavailability of work email systems. These actions are potentially risky as only the most advanced security and message archiving systems can monitor, control and record these transfers. Coupled with the fact that 11pc share information by file transfer services, 10pc over IM and 7pc on collaboration tools, the challenge for managers of developing comprehensive data privacy policies and deploying the right technology to enforce them becomes clear.

 

Businesses have a challenge ahead in both making employees aware of privacy and data protection as the rules are tightened; 76pc of respondents are not aware that privacy and data protection laws are about to change in the UK as a result of EU regulations changing, so the education and policy enforcement responsibilities for businesses are set to rise.

 

“Organisations today face a complex and evolving set of data protection and privacy considerations,” says Paul Hennin, Director, EMEA Marketing. “Managers need to ensure that compliant collaboration is possible. Workers should be enabled to work flexibly, for example by supporting consumer devices like iPads on corporate networks and opening multiple channels of communication including email, collaboration tools and social media. At the same time they need to actively and automatically protect workers from human error, prevent malicious acts and ensure compliance with the evolving regulatory landscape.”

Related News

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing