In October, a USB memory stick was found on the street and handed in to a tabloid newspaper where it was found to contain unencrypted details of security measures at Heathrow Airport. The data included files marked ‘Confidential’ and ‘Restricted’ which contained details of terrorist threats, information on how to get access to restricted areas, and also the Queen’s travel plans.
The airport has launched an internal inquiry into the incident, but it highlights just how easy it can be to have a massive security breach on your hands.
Whichever reason it was, the incident highlights just how vulnerable your data is, and how breaches can so easily affect your business. It also shows that it is not just security systems that need to be protected – every member of your staff needs to understand why it is so important to protect the data.
There are many lessons to be learned. It is clear that Heathrow’s security measures were inadequate. To ensure that your company does not make the same mistake, there are a number of measures you can take to ensure your data is protected, including:
The human factor
Technology is an important tool in data security, but it is not a panacea. Many data breaches are the result of staff carelessness, which is why your company needs to undertake mandatory awareness training, detailing the procedures for all staff at all levels – from the cleaners to the directors.
The regularity these kind of cyber threat news stories prove that, as companies, we are not doing enough. The world is changing and getting more dangerous all the time which means the risks are getter greater. You need to treat data security in the same way as the more ‘traditional’ risks to your company – you use alarms to warn of fire and intruders, and have insurance policies in case of accidental or malicious acts, yet data breaches are much more likely to happen.
Events like this one should be a wake-up call for all businesses – however large or small – to take control of their data or risk potential loss.