Be Sure to Look Around the Office When Searching for Gaps in Your Data Security High profile data breaches reported in the media rarely point to the significant threats from employees, either disgruntled or negligent.

By Robert Siciliano

entrepreneur daily

Opinions expressed by Entrepreneur contributors are their own.

What's inside your own company may hurt you. Recent research reveals that internal security breaches, including accidental ones by careless employees, are dangerous and rampant.

Your business's greatest cyber threat could be festering right inside your offices. A recent report by Forrester Research, called "Understand the State of Data Security and Privacy," shows that one-fourth of survey respondents said that a malicious employee was the most common means to a data breach within the past year. However, respondents noted that 36 percent of data breaches resulted from employee errors.

Related: 10 Data-Security Measures You Can't Do Without

A report from MeriTalk found that 49 percent of compromises occur when workers bypass security measures, e.g., downloading e-mail files. This report focused on the federal government. If the feds can't protect themselves, how the heck can small businesses?

Businesses are spending more and more resources on protection, such as antivirus software, anti-phishing software and firewalls, plus teaching employees security awareness but the problems are crooked insiders and careless employees.

The MeriTalk report also reveals that 66 percent of respondents see security as time consuming and restrictive, while 60 percent believe their work takes longer due to additional cyber security tactics. Another 20 percent say they can't complete their work due to security measures and 31 percent skirt around security measures at least once per week.

The Forrester study reveals that 36 percent of data breaches come from accidental misuse of data by workers. Only 42 percent of respondents received security training and 57 percent weren't even aware of their company's current security protocols. One in four reported a breach was caused by malicious inside activity.

What should be done? To start, focus on workers with access to sensitive data, such as employees in human resources, accounting, legal, administration and personnel but also company officers and contractors. Businesses need to work with all the key departments to identify vulnerabilities and devise security tactics that don't obstruct productivity. Determine the level of risk for various kinds of data and set protections accordingly.

Related: 5 Ways to Avoid a Costly Data Security Breach

Following that, conduct a cost/benefit analysis. Review the different technologies that can be incorporated with the company's existing systems. This includes data loss prevention technologies and internal system status monitoring. The goal is to limit who has access to what kind of data. Determine why an individual needs the data.

Companies also need to examine their weaknesses from an outside-attack perspective. System-wide encryption should be implemented, as well as tools that report alerts and events. Access controls should be inspected and put in place, along with password management and multi-factor authentication.

Device recognition is crucial. There must also be disposal for e-data, paper data and discarded devices.

Transparency is also important. The more transparent that a business's network security and security policies are, the more effective and clear each department will be communicating their requirements, needs and differences.

Don't be let efforts to combat outside cybercriminals blind you to internal threats. Attention on one should not diffuse attention on the other.

Related: A Lack of Communication on Cyber Security Will Cost Your Business Big (Infographic)

Robert Siciliano

Personal Security, Privacy and Identity Theft Expert

Robert Siciliano, CEO of IDTheftSecurity.com, is committed to informing, educating and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Related Topics

Business Solutions

Stay Organized with This Task Management Tool, on Sale for $30

A Study Planr Pro subscription is just $30 for life.

Business Ideas

55 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Business News

Here Are 3 Strategies Startup Founders Can Use to Approach High-Impact Disputes

The $7 billion "buy now, pay later" startup Klarna recently faced a public board spat. Here are three strategies to approach conflict within a business.

Social Media

How To Start a Youtube Channel: Step-by-Step Guide

YouTube can be a valuable way to grow your audience. If you're ready to create content, read more about starting a business YouTube Channel.

Data & Recovery

Get 2TB of Cloud Storage with PhotoSphere for Just $280 for a Limited Time

Easily store and access photos, videos, and other files spread across your work devices.