Spilling the Tea on Accidental Data Exposure
To err is human — and, unfortunately, we are awfully good at it.
A new study from Verizon finds that three-quarters of all data exposures are the result of human error. In one recent example, a Microsoft employee accidentally leaked 38 terabytes of internal data, which included the backups of Microsoft employee workstations and their credentials. The accidental exposure of sensitive or confidential information is commonly known as data spillage or data leakage. It can happen in a variety of ways, from emailing sensitive information to the wrong recipient to misconfiguring a cloud storage bucket. Such events are distinct from data breaches that involve malicious intent.
While IT organizations implement various security measures to keep criminals from gaining unauthorized access to confidential data, everyone in the company has a role in preventing accidental leaks. Here are some of the ways you can reduce the risk of data spillage in your organization:
Passwords: Use strong, unique passwords for your accounts, update them regularly, and don’t share them.
Email: When sending emails, double-check that your recipient list is accurate. Also, be wary of unexpected emails requesting sensitive information. Always verify authenticity before clicking on links or downloading attachments.
Physical security: Do not leave work devices unattended. Log out when stepping away to prevent unauthorized access.
Patch and update: Apply security patches and regularly update the operating system and software for desktops, laptops, smart devices, and other endpoints.
Mobile devices: Use strong passwords or biometric authentication to secure your laptops and mobile devices. If a device is lost or stolen, report it to your IT department immediately.
Social media awareness: Be cautious about sharing personal or work-related information on social media. Keep in mind that details shared online are often used for social engineering attacks.