Your teammate needs a file. Why not just attach it to an email and send it?
Or maybe you need to check a patient’s record. Why not download it and open it up on your phone?
According to a new report by Netwrix, 2020 Cyber Threats Report, the pandemic has significantly changed the way we approach data security.
- 39 percent said they’ve tightened their data security during the pandemic, but 24 percent say their organization is at greater cybersecurity risk than before
- 63 percent have reported an increase in the frequency of cyberattacks
- 60 percent have found new security gaps as a result of the transition to work remotely
And the most troubling of all is that 85 percent of CISOs have sacrificed cybersecurity to enable employees to work remotely. And that’s only the respondents willing to admit that on record.
People have a lot on their minds these days. Few people set out to compromise data, yet it happens easily when the lines are blurred between office and personal devices.
Data misuse happens when there aren’t clearcut rules for handling data. When an employee moves an EHR or other confidential work files over to their personal smart devices, for example, it moves outside a secure environment. This allows data to be compromised, even unknowingly.
How do you prevent data misuse?
Implement identity management techniques
Every file or system you use that contains sensitive data should be secured with multi-factor authentication so that only trusted users can gain access. That includes verifying every user as they attempt to login. Management should consist of tracking all users and devices that gain access to company data, and keep varying levels of privilege based on a need-to-know basis.
Establish activity monitoring processes
The only way to detect misuse is if you see what’s happening with your data. Activity logs are a starting point to allow you to track every action made within your network. Upgrading and automating this will provide you with alerts when rules are broken, and security breaches happen. The faster you are notified of a problem, the quicker you can act.
Educate your employees
Every step of the process should be relayed to your employees. Keep them informed of rules and policies. Train them regularly on how to protect your data. It would help if you also kept them in the loop as breaches occur - it’s the best way to learn about data misuse and what people could do differently to protect sensitive information.
Create systems and processes around your data
This isn’t just about the internal structure of your data. It’s important to relay your procedures with your customers as well. Customers want to know how safe their information is with you. The more transparent you are, the better they will feel.
While we may not be sure how data will be handled in the coming years, we can learn from what we’ve been facing during a pandemic. This isn’t time to do “business as usual.” Instead, use this time to start building a structure that will protect your data, no matter how you develop your practice in the future.
It’ll make it that much easier as new rules and regulations are put into place.
For IT Strategy, Cloud Conversion, or Help Desk Services reach out to us at Silver Linings Technology 360-450-4759.
