Data and human errors: Where does it go wrong?

People make a mistake every 200-20,000 actions. So when humans play a role in a system, it is very likely they make mistakes. Like writing ‘2017’ for instance, when it should be ‘2018’, forgetting their keys, calling somebody by the wrong name. These things happen, after all, you cannot make an omelette without breaking eggs.

Most people spend a large part of their time at work. Since 93% of the Dutch people use internet and email at work, it will be no surprise that many mistakes occur in this area. We will discuss the top three errors that cause data breaches.


Error 1: wrong recipient / wrong content (47% of all data breaches)

All-time high: sending or delivering personal data to the wrong recipient. We have all done it: sending an email to the wrong person.
You want to send something to Rick and you start typing “Ric”. Your mail application completes the name, and you press “send”. Then you suddenly see, to your horror, that the message was sent to Richard Jones, instead of Rick Johnson!
Or you accidentally attach the wrong file to your message, and send it. It happened within a few seconds, but if the message contains personal data, this is really a data breach. The impact of this can be enormous, causing reputational damage to your organisation, or resulting in an annoying fine. And the people whose data you sent, may become the victims of identity theft.


Error 2: lost data carrier (23% of all data breaches)

Another type of error that occurs quite often: a data breach caused by the loss of theft of a device, data carrier and/or paper. A ‘data carrier’ is probably a word you do not use very often, but think of your laptop that is stolen from your car, for instance, or a DVD or USB flash drive that got lost. Lost (or opened and returned) letters or parcels are most common errors in this category. This is the cause of 9% of all data breaches. This type of error is easy to avoid. Stop using data carriers, and send large files digitally. However, make sure the data reaches the right recipient.


Error 3: hacking, phishing and/or malware (6% of all data breaches)

This type of error occurs a lot less often than you would think, even though it is a broad category. Hacking means that an unauthorised party deliberately intercepts information. Phishing implies that a user clicks on a link and incurs malware, for instance. Contamination often occurs through infected files, such as mail attachments or via online advertisements that abuse a leak in outdated software.
Employees causing these types of data breaches are often not well-informed about the dangers. However, the impact of infected network drives or cloud storage is significant. Education and awareness will help prevent this type of data breaches. In case of hacking of mailboxes, we advise to opt for a solution that ensures that access can be remotely revoked if necessary. Interception of messages can be prevented by means of encryption and TLS.

When you have read the above, you understand that preventing data breaches takes more than good encryption. If you do not take the human factor into account, you are just wasting of time and effort. Particularly since humans play such an important role in the start of data breaches, it is essential that they are aware of the presence of sensitive data and the risks involved. But how do you ensure that this subject becomes a reality for your colleagues? How to create a permanent focus on privacy in your organisation? Read about it in our e-book Create awareness on privacy and the GDPR.


GO TO THE E-BOOK

RELATED
The_advantages_of_Email_vs_Fax and_Snail_Mail_zivver_blog_en

The Advantages of Email vs. Fax and Snail Mail

Before email came into popularity, fax transmissions presented the only way to send written communication quickly. They could provide paper printouts in a few short minutes over hundreds of thousands of kilometers. Nowadays, email has become the preferred method of communication. Consequently, most companies have entirely abandoned fax machines. […]

Read more
Data_Breach_vs. Data_leak_explained_zivve_blog_en

Data breach vs. Data leak explained

You probably remember when Facebook's founder Mark Zuckerberg testified before the American Congress and UK lawmakers regarding the Cambridge Analytica data leak scandal. The political consulting firm harvested raw data from 87 million Facebook profiles while working for Donald Trump's presidential campaign in 2016. You might also recall the massive data breach […]

Read more
Untitled design (2)

Encryption for beginners 2: PGP and Hashing

If you want to prevent unintended recipients from gaining access to emails containing sensitive personal data, it is imperative to use encryption. Encryption is an interesting and yet complex subject, not widely understood by the general public. We started covering the topic with the encryption for beginners 1 blog post, in which we highlighted the differences between […]

Read more
Encryption for Beginners_locks_ZIVVER_email

Encryption for Beginners 1: (A)symmetric encryption

Most people don't realize how easily an email can be sent to the wrong recipient. A typo in the address, a mistake in the configuration of a server, the wrong name selected from the automatic address book: they are all simple and common mistakes. In addition to the human error element, there is always a risk that hackers could compromise the mail server of a provider […]

Read more
Sales_Channel_UK_Email_Security_DPA

ZIVVER set to expand its sales channel for email security in the UK

Fresh off a media tour to support the recent launch of ZIVVER’s secure email and file transfer solutions in the United Kingdom, ZIVVER is poised to announce new channel partners shortly. These partners will help support the company’s aggressive growth strategy in 2020 and beyond. […]

Read more
FromAtoZivver

Cybersecurity Awareness Month: Email and File Transfer Security

When people think about email security, they typically associate it with widely reported hacking incidents, often nefarious in nature. These breaches tend to be higher in profile for a multitude of reasons, but actually account for a lower percentage of data breaches overall. For many organizations, the biggest threat to protecting privacy-sensitive data simply comes […]

Read more