At Absolute, we talk a lot about building a holistic approach to data security, one which includes people, processes and layered technologies. The Verizon 2015 Data Breach Investigations Report (DBIR) indicated that 90% of security incidents could still be tied back to “people,” which shows that focusing on employee training and awareness can go a long way to reducing security incidents and subsequent data breaches in all their forms (whether from lost devices or cyber attack).
Chris Mohan recently wrote an article on the challenges of Security Awareness Training. In his article, he talks about the difficulty of moving employees from being an “attack vector” to being an “attack alerter,” which indeed is a worthy goal. Chris outlined many challenges, including:
Chris talked about some resources to help build a security awareness program, including the resources at Securing the Human, which are distributed under Creative Commons. The resources at Securing the Human include industry specific ideas as well as packages on specific threats such as phishing. These are great resources you can take and customize for specific user groups within your organization.
We share some of our thoughts on employees and data security in Defending Corporate Data in Spite of Employees as well as our whitepaper, ‘The Enemy Within - Insiders are still the weakest link in your data security chain.’
Absolute Software can help you gain visibility into each area of data protection - authentication, authorization, audit and administration - and can help you ensure that governance, risk management and compliance measures are in place. The unique persistence technology offers an important layer to any data security strategy and helps mitigate the risk of human error, rogue employees, and cybercrime. Absolute Software can help organizations plug the security holes created by mobility and human error. Learn more at Absolute.com