Businesses face security threats from almost all angles these days, with some high profile hacks costing companies like Target and LinkedIn millions of dollars. That’s more or less the risk we’re all dealing with when handling sensitive data, whether stored in outdated filing systems or unsecured cloud storage. There are all too many points of vulnerability for businesses, but you might be shocked to hear your greatest threat may come from within.
It’s surprising to hear, but often your employees may be the biggest threat to security breaches within your office. It is one thing to plan for a hack or cyber attack, but the vast majority of data loss comes from an internal breach. Disgruntled workers or former employees who still have access to networks, devices, files, or buildings can be an extremely important consideration when evaluating your security risks. It’s also worthwhile to pro-actively establish, monitor and enforce security protocols and to limit internal access to sensitive content. By limiting your exposure, you add an extra layer of protection to your data that will surely serve you well.
Here are 2 critical ways you can improve your internal security.
Think Security Over Convenience
While most employees (and hiring managers too) find value in the convenience of being able to access personal email on their work computer or mobile phone, it does come with certain risks. Hackers can more easily phish passwords or send viruses through personal email accounts with less built in security than the standard corporate account. They can cause real damage very quickly once they have access. Considering how risky using personal email on work devices can be, it’s a surprise that more companies don’t have policies against personal email.
According to a Computer Economics survey of IT organizations, only 17% of respondents say they block or monitor use of personal webmail within the corporate network. 7% of respondents said they had a policy against such use but do not actively block or monitor those actions. And the vast majority of respondents said they had no policy against this practice whatsoever.
Given that the practice is so widespread, it may only be a concern to victims of hacks or to IT professionals, but as more companies and corporate users become aware of the risks these trends are likely to shift. The key is to educating your team about the risks of accessing personal email accounts while on the corporate network. This will help spread the awareness of how they may be putting the security of the company at risk, and what alternatives are available to them as users.
Prevent Unauthorized Use
Personal email is probably the most commonly used yet unauthorized application on corporate devices. This is a real problem because hackers know that such accounts are unmonitored and vulnerable, providing easy access to a corporate network. As explained above, personal emails are easy access points for phishing and malware attacks, providing near direct access to corporate machines.
According to CISCO, 78% of employees accessed personal email from business computers. 63% of employees admit to using work computers for personal use every day, while 83% admit to doing so at least sometimes. 70% of IT professionals believe that it is this use of unauthorized programs that results in as much as half of the data loss incidents experienced by their companies. Personal email provides a very convenient entry point for unauthorized use. It can quickly lead to data loss, leaked industry secrets, and even private information of employees and customers.
For more tips on how to protect your data from theft or loss, connect with the Happy Faces Records Management team today.
Frequently Asked Questions
What is a records center, and why would I use one?
A commercial records center is a professional firm that specializes in the storage and security, management of and access to records/data. This is accomplished utilizing the latest technologies and proven records management practices.
Records management companies provide:
- Efficiency in terms of maximum use of space
- Detailed tracking and accurate information of every item stored
- Expedited retrieval and return, often faster than office staff can locate files themselves
- Confidentiality and protection against inappropriate access
- Compliance with numerous government regulations
- Documented process for destruction of records once they exceed mandated retention periods
- Cost based on actual usage is far less than utilizing self-storage facilities or expensive office space
What are retention policies, and how are they applied?
Retention policies are documented sets of rules for how long each record type must be retained before being eligible for destruction. Every industry has a different set of record types. HF Services maintains a default set of policies that will meet minimum requirements for state and federal regulations. In some cases, however, companies, management structure, or even insurance companies may require a more stringent set of retention policies. We rely on the customer to inform us of any retention policy that should be applied over and above our default.
Do you automatically destroy items once retention is met?
Once an item is scheduled for destruction based on its retention policy, we generate a report and present it to your records manager. Nothing is destroyed until a signed authorization is received by our office.
What do I need to do in order to prepare items for storage with HF Services?
It is quite simple. As a full service records center, the only thing you NEED to do is call our office, and alert us to the type and approximate quantity of files for storage. HF Services will arrive with the appropriate number of boxes at a time that is most convenient to your operation. IF this means arriving after normal business hours, then we will do so without a surcharge to you.
We will pull, box and categorize all items scheduled for transfer. Once back at our facility, each box/item will undergo our speedy intake process where we capture relevant data to properly index and account for attributes such as general description, destroy date, security levels, etc. Once this has been completed, the items are placed in their storage area until retrieval or destruction.
What is the cost for storage, and does the size of the box make a difference?
Box size will determine the total number of cubic footage you will require. Other factors such as boxes being over packed (such that the tops do not fit) can factor into the overall cost of storage. Costs are calculated based on a number of factors, including type of storage required, estimated activity and volume. In all cases, storage is based on how many cubic feet in terms of boxes, or linear feet in terms of open files, you store. Please call our management team at 770-414-9931 or via email at firstname.lastname@example.org to talk through our pricing options.