Data security and how HR can help strengthen it

Digital transformations have taken the entire world by a storm and have swept away traditional norms and hidden them under the rug. This also includes data security. Because almost all electronic devices in the office are interconnected seamlessly over an Ethernet or wireless connection, it makes sense for data to easily fall into the hands of a third-party which could compromise your client’s credentials.

The biggest issue with data security isn’t the lack of protection against viruses and other digital attacks, the underlying problem is the human error. We’re all prone to making errors, becoming lackadaisical by clicking on error prone links or downloading malicious files which can all inadvertently lead a crippling malware code directly into our computers.

The weakest link in data security is your own employees. This means that it falls on HR to prioritize employee-driven security mistakes, including;

• casually sharing information to the wrong party
• inability to properly dispose of the company’s information
• lost or stolen mobile devices such as laptops and tablets.

An alarming fact which should raise concerns to all HR departments worldwide is how dependent an average company has become on the use of Software as a Service (SaaS) applications, in essence making use of over 20 different software such as Dropbox, Skype, Gmail and a host of similar cloudbased solutions.

And guess what – they all seem to use the same overlapping passwords which can be best described as ‘weak’.

To prove to HR personnel that we’re not just scaremongering them into action here is a report by Verizon 2016 Data Breach Investigations which found that over 63% of data breaches take place because of passwords which are easy to guess, and are used elsewhere in the company’s systems. This large statistical blight should serve to hit home with most HR managers and employers alike.

Taking the necessary steps

Cyber attacks continue to evolve, and have become more potent and lethal versions of themselves. Criminals and ethical hackers are on a relentless journey to find loopholes and cracks in the systems, which may or may not exist. What this means is that the security of confidential data is an ongoing journey.

Part of this journey requires the active involvement of both the IT department and HR department in making employees realize the importance of their own critical roles in keeping data safe. They must be educated about leakage of sensitive data and must be given the lowdown on how to prevent it. They need to be made aware of security protocols in the company, how to make use of strong passwords and how to handle misplaced or stolen devices which might contain sensitive information about the company.

Importance of following security protocols

According to a study by LawInsider, a large percentage of the workforce reported that if they could, they would find ways to maneuver around restrictive secure controls just so they could perform their jobs more efficiently. This shows the office staff generally does not understand the tradeoff between security and efficiency.

Properly communicating the gravity of the situation is the key here. It falls on the HR personnel to bring to light the importance of security issues at the work place before a ransomware attack does!