Distributed denial of service (DDoS) attacks (attacks that aim to overwhelm a network until the server crashes) against educational resources grew exponentially this spring when compared to the previous year.Read More >
As the saying goes, “data is money”. Sometimes it literally is — for example, when one bumps into a spreadsheet with their colleagues’ salaries in it. In the latest Kaspersky Lab’s survey, almost four-in-ten employees (37%) admitted to accidentally accessing confidential information about their colleagues – such as salary and bonus information.
Payroll details is just one example of the sensitive personal data that reside on companies’ servers today. If leaked in public due to a lack of security and access consideration, it can not only undermine team spirit but also lead to more drastic consequences such as possible cyberattacks, regulatory fines for data protection non-compliance and lawsuits from affected employees.
One of the factors that may lead to work files being accessed by unauthorized people is that less than half (43%) of employees periodically check and amend the access rights for shared documents or collaboration work services that they use. Whenever someone leaves the company or transits to another department within the same firm, it’s essential that they have their access annulled immediately. Otherwise, it creates risks for the organization and for the people working in it.
This is part of a bigger problem called ‘digital clutter’ which stands for the uncontrolled proliferation and sharing of working files and documents that are kept without the necessary precautions. The lack of procedures and policies in place to regulate the digital order may lead to a blurred responsibility and general indifference among employees regarding the flow of documents — inside and outside the company. According to the report, only a third of employees (29%) knows exactly what is stored in each shared document or collaboration work services they access.
The challenge of ‘digital clutter’ is especially alarming for small and medium size businesses that are prioritizing business growth while leaving security and IT management issues in the hands of non-specialist employees or, at best, outsourcing to an external IT service provider.
“In most cases, working in an office today means working with sensitive and personal data. In order to protect themselves from related risks, businesses should start paying attention to security awareness, protection and policies. Employees, from regular ones to IT specialists, need to know how to use services for file sharing, collaborative work, how to encrypt important documents and how to recognize a phishing email. There are solutions and services in the market that can help with this,” comments Dmitry Aleshin, VP, Product Marketing at Kaspersky Lab.
Training of employees and regular reminding them about basic cybersecurity rules is essential. Kaspersky Automated Security Awareness Platform provides education in the form of short engaging lessons based on real life events to train practical skills that are applicable to employees’ daily work.
For better protection of businesses’ data on any endpoint — Kaspersky Endpoint Security Cloud. The product includes file, mail and web protection to not let a malware compromise endpoint and network content — whether through phishing email or an unsecured web site. With encryption management, all employees’ devices can be encrypted remotely — information on a device is kept in safe even if it is lost or stolen.
Proper email protection is also recommended for businesses using Exchange Online inside the Microsoft Office 365 suite. Kaspersky Security for Microsoft Office 365 protects employees from spam, phishing and malicious attachments dedicated to lure credentials or deliver malicious software to the office network.
For more information about the threats of digital clutter at work read the full report “Sorting out digital clutter in business”.
About Kaspersky Lab
Kaspersky Lab is a global cybersecurity company, which has been operating in the market for 21 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.
Related Articles Press Releases
Free security awareness training on remote working from Kaspersky and Area9 Lyceum has seen participants enact correct responses 66% of the time.Read More >
Penguin caught in the crosshairs: advanced persistent threat groups actively target Linux-based workstations and servers
Many organizations choose Linux for strategically important servers and systems, not least because this operating system is thought to be safer and less prone to cyberthreats than the far more popular Windows operating system.Read More >