When he finds an employee – accidentally – revealed data includes the salaries of his colleagues, the monopoly of force rolling stock: “the data helps the water”, in the latest survey conducted by Kaspersky, I think nearly four of every ten employees (37%) access by mistake or coincidence to the confidential information with their colleagues; such as salaries and bonuses.
And payroll details one example of sensitive personal data located on corporate servers today, which, if leaked in public places as a result of the lack of security and not taking access rights into account, can undermine the spirit of the team, and serious consequences such as cyber attacks, potential fines and regulatory non-compliance to protect data, and even lawsuits from affected staff.
One of the factors that may lead to unauthorized access to files by unauthorized people, and that less than half of staff members only (43%) periodically checked the access rights for the shared documents or coordination services that they use, and modify. It is important when leaving an employee of the company or moves to another department, to immediately extinguishing his rights in the access to shared files. Otherwise, it would be risky for the company and its workers.
This is part of the larger problem called “Digital Anarchy”, which represents the uncontrolled spread and share work files and documents saved without taking the necessary precautions. The lack of policies and procedures to implement the digital system to blurring the boundaries of responsibilities and limits of widespread indifference among staff in relation to the freedom of documents, whether inside or outside the company. According to the report, fewer than one-third of staff members only (29%) know exactly what is stored in each level or shared services work coordination that they can access.
And to the challenge of “Digital Anarchy” as one of the factors of concern, especially among small and medium enterprises that give priority to the growth of the business with leaving the issues of security and management of Information Technology in the hands of the staff is not competent, or outsourcing, in the best case, the outsourcing service providers of Information Technology.
Related topics what you read now:
He said (Dmitry men) – Vice President, Product Marketing, Kaspersky: the work in the office environments on the vehicle means, in most cases, dealing with sensitive and personal data, saying that companies should begin to “pay attention to objectivity and protection and security policies, in order to protect themselves from security risks. He added: “Should the staff, ordinary or specialists in Information Technology, knowing how to use your services to share files and coordinating Collaborative, a sign of how to encrypt important documents and emails, dodgy, and then in the market solutions and services that can help it.”
Companies should, in this context, assuming staff training is particularly important, with a war to remind them regularly to the rules of e-Security core and, in this framework, the platform provides Kaspersky Automated Security Awareness Platform of education, electronic security in the form of lessons attractive short based on true events staff training on practical skills that apply to everyday business tasks.
In the same vein, the solution Kaspersky Endpoint Security Cloud to improve the level of protection of corporate data at all the terminal points. The house includes the protection of files and e-mail and the web, in order to not let malicious software to penetrate the terminal points and content networks, whether through a phishing email or through the web site is not secure. It can encrypt all the employees ‘ devices remotely using special management to consult, means to retain information on the device safe even in the event the device is lost or stolen.
It is also recommended the adoption of appropriate protection for corporate email that uses Exchange Online within the application package of Office 365 from Microsoft. And solution Kaspersky Security for Microsoft Office 365 staff from the junk mail “spam” mail and the design and attachments of malicious ad hoc to steal credentials or planting malware in the enterprise network.