We’re now so accustomed to mobility and data sharing that we take the technology for granted. Need to send data to a supplier? Grab a USB. Got a client meeting tomorrow? Take the laptop home tonight to save time. Users don’t pay much attention to the risk involved. Unfortunately that lack of awareness has become a huge issue that could cost your company dearly.
The EY 19th Global Information Security Survey 2016–17 cites poor user awareness and careless behavior regarding mobile devices as sources of major risk for organizations. This is backed up by AlertSec’s latest survey that revealed a shocking lack of awareness when it comes to keeping laptops safe. Read more on this below. It’s not just your employees but also third party suppliers who may be leaving laptops unattended or storing your data on unencrypted USB drives. In the article below we suggest three people-focused steps to avoid careless behavior being the weak link in your security strategy.
In August’s newsletter we published a special edition on the EU General Data Protection Regulation (GDPR). We strongly advise that you start preparing for GDPR now.
Use the link below to download our new guide ‘Preparing for GDPR’, which provides an overview, recommended actions and further references. If you have any questions, contact our help desk.
AlertSec’s latest cyber security survey revealed that company laptops are regularly put at risk from careless employee behavior:
Leaving the laptop in the car
Declining security updates
Attaching login information to the device
Putting a laptop in checked luggage
New cyber security regulations in the US and EU are “expanding the perimeter of responsibility”, making your company responsible for the way third-party contractors protect data. Here are three steps to avoid their behavior being your weak link:
Assess: check the data protection measures your third party associates are using;
Train: ensure employees and third party suppliers know how to encrypt devices such as USB drives and phones, how to keep devices safe and what to do in the event of a potential issue such as a lost laptop;
Monitor: AlertSec’s Encryption for Third Parties service helps you check encryption deployment and software update compliance.
The UK’s Information Commissioner's Office has seen a 23% jump in data breaches reported by financial services businesses, according to London based law firm RPC. The biggest increase in reported data breaches has come from insurance companies. RPC said that hackers are paying more attention to smaller financial services firms that sit on huge quantities of sensitive data but are less likely to have robust data protection systems in place.