The risk of data leakage to companies is immense and covers all types of industries. Last year, the Identity Theft Resource Center documented 447 breaches in the U.S. that exposed 17.3 million records, and there have been 255 breaches in the first six months of this year that have exposed 6.2 million records. Globally, the cost of a data breach averages $136 per compromised record, according to the Ponemon Institute and Symantec. When employees fail to observe correct security protocols, even down to the basics like login and logout procedures, it can cause serious damage to any business.
The State of Login & Logout
Using a login and password to protect important data is one of the oldest security measures in the book. You may be surprised to learn, however, that one in three employees doesn’t bother to log off his or her work computer when leaving for lunch or the day, Cisco found. This means one out of three employees leaves company data unguarded on a daily basis.
To make matters worse, one in five employees writes down important login information and stores it on his computer or in obvious locations like a desk or pasted to the computer. Many employees are often guilty of leaving company laptops out in the open and logged in, too. This allows would-be thieves access to important data at their convenience. They can steal the laptop now and take it home to examine later.
U.S. Isn’t Alone
Employers are often surprised that employees fail to observe such a simple security measure, but studies indicates that this problem persists across the world. Cisco obtained its data by surveying IT professionals in a range of industries from 10 different countries.
While 18 percent of employees chose to share important login information with co-workers in the U.S., 25 percent chose to do so in places like Italy, China and India. U.S. employers are not alone in their need for establishing better security guidelines for employees.
Data security must be instilled into employees at the most basic level. Behaviors such as failing to guard login and logout information and failure to perform basic login and logout security protocols are part of a much bigger problem. Negligence is responsible for 39 percent of data breaches, LifeLock reports, and employees do not fully grasp the severity of the situation.
Cisco recommends a comprehensive solution that tracks your company data and involves extensive and ongoing training. Your employees must understand and be reminded regularly of how important company data is. They need to be trained, from the lowest-level employee to the highest, to guard that data as part of their job.
When data breaches do happen, as an employer you need to know immediately. Employees should be made to feel comfortable reporting suspicious activity. They should also be comfortable reporting security issues even if the breach was caused by something they did. This will ensure you know immediately and will help you mitigate the damage.
An Ongoing Process
Understanding the facts of the situation is only the first step. As an employer, you must work continuously to create a security-conscious work environment. Ongoing effort is a must to prevent the threat of data breaches.