How to educate users to avoid putting sensitive data at risk

Image of grey background with illustrated storm cloud and umbrella

Even if it might sound like it, it’s actually not exaggerated to say that Big Data is one of the biggest drivers of change across the world. More specifically—in the world of business, enterprise and commerce—the collection, analysis and use of data in almost every industry is leading to huge changes.

For businesses of every size, number crunching and advanced algorithms are one of the first go-to measures being used to improve how everything is done – from managing relationships with customers to the way corporate decisions are made.

Throw that in to the field of artificial intelligence and machine learning (these are fueled by Big Data) and the value of such a vast landscape of information becomes clear.

Therefore, data is now an important business asset. It allows us to recognize customer trends as well as learn insights into ways of being more efficient.

Yet, with that comes a warning: wherever there are assets, liabilities are likely nearby. Such is the case with the data that businesses are hoovering up, because a substantial amount of it is sensitive.

Assets and Liabilities

Sensitive data is wide ranging, and can include a number of personal details. Individual’s ethnic or racial origins, political opinion, religion, mental health details, physical health, criminal record, sexual orientation, gender etc. But it can also include confidential corporate information that, if leaked, could seriously compromise your operations.

It might depend on your industry, the size of your company, and the nature of the information leaked, but a breach could potentially:

  • Result in an admission of guilt and a public apology
  • Severely damage your reputation
  • Cost you financially
  • Compromise you legally
  • Actually put you out of business

When we think of data breaches or leaks, we tend to imagine external factors that pose a threat: cyber-criminal gangs or state sponsored groups, even business competitors. However, a study by Intel Security has found that 43 percent of data breaches come from an internal source. And on top of that, about half of these breaches happen accidentally. Educate and inform employees on how to protect sensitive content.

Protect Your Users by Keeping Them Informed

With many serious potential consequences and a large percentage of leaks coming from accidents, employee education is of major importance when it comes to sensitive data.

Below, we’ll look at some of the most common employee habits that frequently put sensitive SharePoint data most at risk, along with a few pointers to empower them to do the right thing.

  1. Emailing confidential documents from the workplace, to a home computer or mobile device using a web-based email account

    It’s not a case of a web-based email being an open door for hackers, necessarily. It’s more the idea that sending important files outside the security wall of your company’s IT system leaves them more open to a breach. What’s more, personal email inboxes are often easier to infiltrate, whether it be weaker passwords or a less secure connection at home.

    Sending confidential documents to personal emails can put your data at risk

    Empower your employees:

    Mobile working should be embraced as a flexible means of productivity. Decide on a company-issued device that can be controlled by the IT department/SharePoint admins. Alternatively, opt for a secure app on an MDM-enabled device (Mobile Device Management) that also remains within the corporate IT environment.

  2. Retaining confidential documents or files that are no longer required

    This is another simple oversight. How often have you meant to clear out old files and folders from previous campaigns or projects that are now completed? Often these files get left behind and can pile up—they eat up space, get mistaken for current files and, importantly, contain sensitive information that shouldn’t be left lying around.

    Empower your employees:

    Employ a best practice routine of archiving efficiently or deleting files that are no longer needed.

  3. Moving large files containing confidential business information to a web-based file sharing application

    Certain files and documents cannot, for legal and compliance reasons, be taken off-premises, and doing so can put your organization in real trouble through fines and reputation damage. That’s why uploading confidential information to a web-based file-sharing application is risky, in that you give up 100 percent control over that data.

    Empower your employees:

    Make sure everyone knows what data can and cannot be moved off-premises. Regular training and reminders over sensitive data best practice is important here. Third party tools with strong end-to-end encryption can also be useful.

  4. Sharing files and documents not intended for them

    A good, consistent practice of proper labelling of content and files stored in the right places will hopefully help with accidental sharing of data that’s in the wrong hands. But for more important pieces of information, correct storage and SharePoint permissions should be employed by your IT department.

  5. Forwarding confidential files or documents to colleagues not authorized to receive them

    Another reason why accidental data leaks can happen is through individuals sending files to colleagues who they may assume have authorization to view the data, when in fact they don’t.

    Empower your employees:

    Trying to cover which individual has access to which piece of data, and who doesn’t, even in the smallest of organizations just wouldn’t make any practical sense. Organizing your data in a precise way with good labelling and assigning specialized persons to particular folders might be a better way forward.

    Also, education on what is and what is not sensitive data is important.

You can’t put a price on reputation!

Like many subjects that we cover in this blog—when it comes down to it, good, consistent business practices and processes are the best way to avoid accidents and other problems.

By putting an emphasis on educating your employees, both junior and senior, you can significantly reduce the chances of potential data breaches, saving your company face, legal fees and reputation.

What did you think of this article?

Recommended by our team

Getting started is easy

Try ShareGate free for 15 days. No credit card required.

Gif Transparent

On-demand webinar Harmonize your SharePoint sites with Teams