Three Often Overlooked Sources of Electronic Data Breaches

Regardless of
whether customer and employee data is legally protected in your country
or industry, we all have an ethical obligation to protect others'
personal information
as
well as our own organizations' proprietary information. Doing otherwise
is an open invitation for that information to be used in malicious ways
ranging from identity theft to corporate espionage. At the very least,
it's simply common courtesy to protect others' privacy!
 
Even in companies with elaborate
data-protection systems, here are three sources of electronic data
breaches that I see all the time:
  • The most common breach has perhaps always been -
    and will perhaps always be – computer monitors left on and exposed so
    that passers-by can read the screen. (Plus, if that machine is 'live'
    and unattended, what's to stop someone from using it to forage for still
    more information?). Have a reasonable and enforceable policy to prevent
    each of these things from happening.
  • Redeploying computers. Most companies seem to
    be getting better about removing hard drives from old computers they are
    trashing or selling off. (And if you aren't doing that, you need to!
    Those drives can easily be accessed by the new owners to retrieve
    whatever is on there. Remember, that is true even if you've used many of
    the programs designed to mask that data.) What about redeploying
    computers to new parts of your business, though? Are you sure that the
    new user needs access to the information gathered by the former user? If
    not, get that data off the machine before it goes where it ought not be
    going!
  • People change their electronic technology more
    often than their underwear these days and all those machines and gadgets
    are a huge source of potential data breaches. While cell phones are
    especially likely to have
    your and others' private information on them, remember that there are
    memory chips or drives in pretty much everything these days and some are
    surprisingly large. Things like copy machines and fax machines are
    prone to have a ton of data on them that needs to be protected. Be sure
    that their memories are wiped clean before you get rid of them.

Like with so many things ethical, electronic data
security is often seen as someone else's job. Also like so many things
ethical, however, we have not fulfilled our ethical obligation if we
don't do everything in our power to assure that the proper thing is
being done. If you see any of these potential data breaches occurring in
your organization, make it a point to bring the problem to whomever has the
authority to correct the problem.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>