The Human Factor in Data Protection

By: Absolute Team | 4/27/2012

Our own study has previously revealed that employees undermine laptop encryption policies, by turning it off or using insecure passwords, so it comes as no surprise to us anytime we see additional statistics about the role employees play in data protection. Either through ignorance, mistakes or neglect, employees are often the cause of lost or stolen data.

As Trend Micro recently noted, "humanity is the weakest link" in business security. Trend Micro recently released a research report with the Ponemon Institute about The Human Factor in Data Protection. The study, of 709 IT practitioners, revealed that 81% of organizations have experienced a data breach as a result of negligent or malicious employees or other insiders. The top 3 data breach causes listed were:

  1. 35% - Loss of laptops / mobile devices
  2. 32% - Third-party mishaps
  3. 29% - System glitches

The most common behaviours by employees that lead to data loss are:

  • Not changing passwords frequently enough
  • Reusing the same passwords / user names
  • Leaving a computer unattended
  • Using insecure wireless networks
  • Failing to delete confidential information
  • Password sharing
  • Carrying sensitive information on laptops when traveling

According to the study, employees either very frequently (23%) or frequently (46%) carry sensitive data on their laptops, smartphones, tablets or other mobile devices. If that device goes missing, most employees will not report it to the organization; only 19% of employees are self-reporting data breaches.

While it's obvious that employees do play a role in the loss of data, companies are also negligent in preventing such data loss. According to the report, 65% of respondents believe their organization's sensitive / confidential business information is not protected (by encryption or other technologies). Small businesses, in particular, did not feel confident that data protection technologies were in place.

Absolute Software would love to help better protect your data - our products can help protect your data without hindering employee productivity or otherwise requiring employee action. Learn more here.

Financial Services