As many as 43 percent of companies experienced a data breach in the past year – a 10 percent increase from last year, according to an annual study conducted by the Ponemon Institute. As companies scramble to keep their names out of the headlines by bolstering up security practices and protocols, it’s important to take a deeper look into the little things you can do to better manage privacy and security within your own company.
Here are a few things to keep in mind as you think about how to keep your company secure this year:
* Host a policy refresher. Employees can be your company’s greatest asset, as well as the weakest link when it comes to upholding standard security protocols. While it may seem obvious that an informed workforce is a more secure workforce, many employees aren’t always aware of the latest corporate procedures established to protect the organization. As the calendar turns, consider hosting a policy refresher course for all employees, regardless of level, to start the new year off strong. It will give you an opportunity to address any policy changes that may have been made in the past 12 months, speak to any industry-wide security changes and update the staff on the privacy and security tools at their disposal.
* Protect against visual hacking. While a lot of resources are spent protecting data from high-tech cyber criminals, many overlook other potential threats like visual hacking, a low-tech method that may be used to capture sensitive, confidential and private information for unauthorized use. If an employee is working on sensitive company or customer information outside of the office or in full-view of an office with employees who don’t have the same access, information is at risk of falling into the wrong hands.
In fact, the 3M Visual Hacking Experiment, conducted by Ponemon Institute on behalf of the 3M company, a leading manufacturer of privacy filters, found that in nearly nine out of 10 attempts, sensitive corporate information, such as employee access and login credentials, was able to be visually hacked. In addition to providing employees with the right tools, like privacy filters, it’s important to educate them on the potential risks of a visual breach and incorporate the need to protect visual privacy in corporate security policies.
* Rethink the open floor plan. As a means to increase productivity, many organizations are creating open workspaces, allowing employees to work within a more free-flowing setting. While it may work for some, an open floor plan comes with its own set of privacy and security drawbacks. By taking employees outside of the confines of their office walls, it becomes all too easy for vendors, third-party workers or even malicious, opportunistic employees to see confidential information from a device screen or hard-copy file. This office configuration can needlessly put your employees and data at risk.
If you have, or are moving to, an open floor plan, it is critical to assess how the set up will affect your company’s security procedures and make sure that privacy protocols are updated to reflect what information can be worked on where and when to better secure corporate information.
* Prevent social engineering. Employees may succumb to a social engineering attack because they were simply trying to be helpful and nice. However, that same employee can be the “in” a hacker needs to launch a more widespread attack on the company’s system.
Before this happens within your organization, take the necessary steps to teach employees about the impact of social engineering and how they can be part of the solution to prevent it. Show them examples of what a typical phishing email looks like, make participating in social engineering trainings mandatory so that someone doesn’t accidentally give away corporate information over the phone, and incorporate best practices for how to deal with a social engineering attempt in official corporate policies. The more your employees know about potential risks, the better equipped they will be to protect themselves – and the company.
For more information on 3M privacy products and how to protect your organization from visual hackers, visit www.3Mscreens.com/visualhacking.
Containing a potpourri of subject matter, included in this Guest Column section are articles about sales & marketing, in depth industry-specific news, legal issues, travel articles and much more. To see everything in this category, click here. If you have something you’d like to contribute, email firstname.lastname@example.org We’d love to include you!