Are Data Breaches a Product of Man or Machine

Recently, the Singapore media has frequently covered news of data breaches and cyber security issues. We may be quick to blame systems which should be in place to protect personal data, however that may not always the case. Human error has resulted in some of the biggest data breaches recently, such as the recent data leak that exposed the personal information and health statuses of at least 14,000 individuals[1]. Whilst it is crucial to enforce good data ownership among individuals, it is equally important to maintain a strong data protection system.

What Should Organisations do to Protect Their Data?

With human error a major culprit in data breaches, organisations should keep up to date with the current measures employed to protect collected data, especially when handling large amounts of confidential customer data. Reducing the chances of a human error occurring may be as simple as having checks and balances to ensure compliance with both the Personal Data Protection Commission (PDPC) and the General Data Protection Regulation (GDPR). Internal processes should also be reviewed to prevent ineffective data security measures from being put into effect.

Offices are prone to the misplacement of sensitive information which inevitably lead to the risk of an unwanted data leak. Adopting a Clean Desk Policy, in which employees keep their desks clear of documents at the end of each work day, minimises the risk of human error and promotes good data responsibility. Proper data disposal such as secure shredding also contributes to reducing the risks of data breaches.

Better Safe Than Sorry

It is also important to understand that breaches do not always happen through cyber-attacks. Alongside the Data Protection Officers (DPO), every individual in an organisation also has a part to play in creating safe environments which do not run the risk of compromising guidelines created by the data regulation watchdogs. Non-compliance carries heavy penalties as well as a loss in reputation among your stakeholders. Take charge of your data, employ healthy data protection practices and ensure vigilance to avoid data breaches.

Start Protecting Your Business

An organisation that integrates data protection into its business processes can help reduce the risk of a data breach. Learn more about how Shred-it can protect your documents and hard-drives by contacting us for a free quote and a security risk assessment.

[1] The Straits Times. (2019). Data of 14,200 people with HIV leaked online by US fraudster. [ONLINE] Available at: https://www.straitstimes.com/singapore/health/data-of-14200-people-with-hiv-leaked-online-by-us-fraudster. [Accessed 4 Mar 2019].