Whether it’s clicking a link in a phishing email or sending sensitive data to the wrong person, it’s often a simple error that could leave your business dealing with financial losses and reputational damage due to a major data breach or cyber attack.

In this article, we’ll look at five small habits that can have a big impact on your data security, including:

• Using weak passwords
• Oversharing on email and IM tools
• Ignoring software updates
• Storing data anywhere
• Falling for phishing

Using Weak Passwords

A habit that we might all be guilty of. Using weak passwords or reusing the same passwords across multiple accounts allows attackers to exploit one breach across a number of different systems.

Brute-force and credential-stuffing attacks are successful largely because of weak passwords. 

The solution: Use unique passwords for each account, combined with multi-factor authentication (MFA) where possible. A password manager can help you keep track of different passwords and even obscure passwords from employees so they can have access to accounts without being able to view the password itself.

Oversharing on Email and IM Tools

Are your employees sending personal data, customer information, or confidential files through unsecured channels? Casual internal messaging platforms like Slack and Teams are great for quick communication, but they can lead to data leaks. 

Even email is risky – it’s not designed for secure data transmission, and it can be intercepted, especially when sent to external recipients. 

The solution: Always use secure file-sharing platforms that have end-to-end encryption enabled. Make sure your team is trained to avoid transmitting sensitive information via unprotected channels. 

Ignoring Software Updates

Software updates aren’t just nice-to-haves; they’re an important part of data security. Attackers target out-of-date systems as they’re likely to have well-known vulnerabilities that will let them in easily. 

Whether it’s a laptop, a browser, a mobile app or an important business system, delays in updating these systems leave your company open to attack. 

The solution: Enable automatic updates and centralised patch management for all devices, systems and apps. Training staff on the importance of updating software will also support this solution.  

Storing Data Anywhere

Do you know where your employees are saving their work files? From personal clouds, USB drives, and desktops to unauthorised, unvetted storage platforms, unsecured locations might be convenient for your employees, but they’re really bad for data protection. 

Scattered data increases the risk of data breaches, leaving your business data exposed to bad actors. 

The solution: Use approved platforms, write a clear policy on how and where to store your data, and ensure your staff know and understand it.  

Falling for Phishing

With the advent of AI, phishing scams have become very sophisticated and increasingly more common. Whether it’s a message from the boss asking you to pick up a gift card for a client or Microsoft asking you to click the link to update your Teams, they often look very legitimate. 

Any one of your employees falling for a phishing attack could result in a serious breach of sensitive data.

The solution: Preventative training is one of the most effective ways to prevent phishing attack success, along with email filtering and verification procedures. 

Stay Secure And Compliant With Data Protection People

Whether you’re looking to improve your data protection policies or ensure that you’re compliant with GDPR law, we can help. Our experts are seasoned professionals with a deep understanding of the current regulations and best practices to help keep your data secure. Get in touch with us today.