By Charles Leaver

Data leak prevention: Keeping an eye on employee activity

Although many enterprise administrators may believe that the majority of all data leakage events come as a result of the malicious activity of hackers, a Forrester Research report found that many are in fact due to employee practices. In this way, decision makers should ensure that workers are aware of and adhere to security policies to prevent data loss. Additionally, supervisors can keep an eye out for several common employee mistakes that could lead to important information being lost.

PCWorld reported that a Forrester survey of more than 7,000 IT executives and employees found that the highest percentage of data leakage occurs because of loss, theft or inadvertent worker misuse. Only 25 percent of cases came due to external attack, and respondents stated that only 12 percent were because of the actions of a malicious insider.

“Whether their actions are intentional or unintentional, insiders cause their fair share of breaches,” the report stated. “It’s not simply just a matter of having the appropriate tools and controls in place. It’s worth noting that only 56 percent of information workers in North American and Europe say that they are aware of their organization’s current security policies.”

In addition to spreading awareness of company data safety practices, higher ups should also look out for other risky employee activities that can cause data leakage. Cisco noted that many workers utilize applications that have not been authorized by their employers, which IT professionals said caused 70 percent of data loss events.

Furthermore, workers misusing company computers and other business-owned devices can also cause information loss. Cisco found that 44 percent of individuals share work hardware with others without the proper permission or supervision. When unauthorized persons are allowed to access corporate resources, it can boost the chances of data loss.

Cisco also stated that 18 percent of employees share passwords with co-workers, which can create significant problems from endpoint data protection. Administrators should make sure that workers are utilizing company resources appropriately to prevent data leakage.

Get the General Here