Employee Activity Presents Risks to Data Security

When considering potential threats to a company's data security, many businesses focus on shoring up network defenses to keep cybercriminals at bay. What they may want to consider is the threat posed by the enemy within. While IT teams are focused on keeping hackers out of critical networks, careless employees may be leaving the door wide open, allowing easy access to company data.

Employee activity can present a major risk to the sanctity of company data. A survey of IT professionals conducted by the Ponemon Institute found that 78 percent of respondents had experienced data breaches resulting from either employee negligence or malicious activity.

Risky behavior creates risk
Exacerbating this problem is the widespread use of personal devices to access sensitive documents as well as employees engaging in personal pursuits on company terminals. Workplace Savings and Benefits reported that a recent study determined that 32 percent of employees use social media tools on company computers during business hours. In addition, 12 percent of those surveyed said they had taken home company-owned files on removable media or sent them to a private email account.

One of the most basic ways to secure data is to contain it, but these trends suggest that employees are spreading sensitive company information and creating new access points for cybercriminals.

"The fact that the highest scores for admitted undesirable activity are in the printing of personal files and the use of social media may seem relatively harmless, but it does illustrate that breaking the rules is seen as relatively acceptable, while the security implications of those breaches may not even have been taken into consideration," the report stated.

New applications could present new challenges
TechTarget reported that IT teams may be faced with even larger challenges securing data moving forward as Facebook prepares to roll out its Facebook Home feature for Android devices. The application integrates features of the popular social media site into a smartphone's OS. Facebook Home would give the company untold access to information contained on a user's device that can be leveraged by digital advertisers and marketers. Regardless of the company's intentions, increasing access to data files places that information in greater danger of being obtained by cybercriminals.

In light of these changes on the horizon, businesses need to refocus their data security solutions. Encryption measures should be utilized at every level and environment in the organization (physical, virtual, cloud and mobile)  to prevent cyberthieves from accessing sensitive information. In addition, IT teams should instate security protocols regulating what devices company information can be accessed with and where it can be stored.