Top tips to prevent a breach from within

Data breaches can be devastating for businesses of any size. With mandatory reporting requirements, data breaches can cause irreparable reputational damage.

According to QuintessenceLabs’ Breach from Within report, 49 per cent of Australian office workers have performed benign, yet careless acts that can make a company’s data more vulnerable.

It’s important to assess your security protocols to minimise the risk of accidental breaches. Important measures that should be implemented include:

  1. Implement the Essential Eight Maturity Model – the Australian Signals Directorate has developed the ‘Essential Eight’ model to help businesses prevent cyber breaches. This enables businesses to adopt a strong baseline level of protection and identify their risk profile.
  2. Ensure a multi-layered approach – human error can never be completely eliminated, but a multi-layered security approach mitigates the risk. Encryption with strong key and policy management helps ensure data is protected, even in the event of a breach, by:
    a.  Limiting staff access to only the data and files they require.
    b.  Setting boundaries on how much data employees can access in a set time frame.
    c.  Providing oversight of data access, enabling businesses to act quickly and revoke access in the event of a suspected breach.
  3. Take staff exits seriously – only 62 per cent of business leaders eliminate employee access in the event of a staff termination. When employees leave the company, they should lose all access privileges immediately, including email, server and remote access as well as physical keys and swipe cards.
  4. Understand reporting procedures – 30 per cent of business leaders don’t fully understand Australia’s legislation regarding the reporting of cybersecurity breaches. To avoid fines or reputational damage, it’s essential that businesses keep up to date with data breach reporting requirements.
  5. Communicate security policies – 11 per cent of business leaders have no security protocols in place and another 11 per cent are unsure what security procedures their business has, if any at all. It’s important for everyone in an organisation to understand the company’s security policy, in regard to both cyber and physical security. A process should also be in place for communicating any changes or updates.

Dr Vikram Sharma, Founder and CEO, QuintessenceLabs