In today's computer-dependent world, it seems like just about every week brings a new story about a data breach. Last November, it was the Sony breach that leaked thousands of employee social security numbers and emails, in addition to a slew of movies that were still under wraps. That was quickly followed in December by news of a breach at financial firm Morgan Stanley. And that's just the tiny tip of the data breach iceberg. According to a report published in Forbes, about 40 percent of all companies experienced some type of data breach during 2014 – not exactly inspiring news.
While part of Sony's problem was failed security measures on their network, another part of the breach involved the lack of secure behavior by employees, many of whom used their work computers for personal activities, exposing both themselves and their colleagues in the process. To the employees, these activities certainly may have seemed innocent enough; but in the end, they wound up compounding the problem.
Consumer rights group Privacy Rights Clearinghouse keeps track of data breach reports from companies across the country, and it's a list that includes major players as well as minor ones that you probably have never heard of. From the U.S. Postal Service to the National Weather Service to the Seattle School District and a small medical practice in Brookville, Pa., hackers were mighty busy last year – and it looks like we can expect more of the same in 2015.
While a few of these breaches occurred when laptops or paper records were stolen, the bulk were the result of poor security practices at the businesses themselves. And one of the primary causes of data breaches is human error.
In fact, a study conducted by security software company Symantec and independent research company Ponemon found a whopping 66 percent of data breaches were due to human error, much of which could have been prevented through proper education and training. In its press release announcing the results of the study, Symantec listed educating employees as its top recommendation for preventing data breaches at companies of all sizes.
But it's one thing to have training in place, and it's another thing to make sure every employee is receiving the same training with the same goals and objectives. Training can be costly, and sending employees to off-site training locations can cause major disruptions in productivity – not to mention logistical nightmares. Offering training in-house would seem to be an option that would address those issues, at least in part. But you still have the problem of making sure all employees – including new hires – are receiving the same training. Plus, there are still the production problems that arise when a seasoned employee has to be taken away from their duties to train a new employee.
E-learning offers a much better solution. Not only is it much more cost-effective, it can be completed on a schedule that's convenient both for your company and for your employees. Plus, because it's based on a program you design, it can be customized to address the security issues that are unique to your company. You also have the confidence that comes from knowing every employee is receiving the same training, so the chances of miscommunication are slim to none. Software like EHSSoftware.io LMS offers tracking options so you can keep track of which employees have completed training and which ones still need to be trained. Plus, tracking data also helps ensure you have the proof of training you need for audits, certification, licensing or other needs.
Data breaches can cause serious security compromises, and inadequate employee training is the Achilles tendon many hackers are looking to exploit. EHSSoftware.io LMS can help you build a robust security education program that's flexible, responsive and customizable, so employees will understand their vital role in maintaining security – not just for your company's sake, but for the sake of their own personal information.
According to a report from credit company Experian, the threat of data breaches is expected to rise in 2015, which means you need to take steps now to ensure the integrity of your company, your data, your employees and your customers. Implementing a comprehensive e-learning program is one of the most effective and proactive steps you can take to reduce human error and decrease your company's risk of a potentially devastating breach.