Connecting North West business to relevant training, insight, conversation and each other

Is email your organisation's biggest downfall?

Napthens - August 22nd 2018

When considering the phrase “data breach”, most people automatically think of a large scale cyber-attack or an organisation using unscrupulous methods to extract people’s personal data, such as what happened with the Cambridge Analytica scandal. A data breach could even occur through a disgruntled employee, as happened to Morrisons earlier this year.

Whilst many forms of data breach can be difficult to prevent and can, in some circumstances, take months to discover, organisations should take steps to minimise risks where they can. One simple way is to ensure that care is taken when sending emails.

For most people sending and receiving emails at work is a daily occurrence, with an estimated 132 billion business emails from over 1.1 billion business email accounts sent during 2017.. In addition, each person sends on average over 15 email attachments per day. With so many emails and attachments being sent, it is clear that this poses a serious risk of a data breach to organisations.

It is then perhaps of little surprise that 63% of employees say that they frequently send sensitive data over email. With so many emails being sent and over half of employees admitting that they send personal data via email frequently, it’s understandable how an oversight or momentary lapse of concentration could result in a headline data breach. Given the sheer quantity of sensitive data being sent each day, it is no surprise that 45% of employees have admitted to accidentally sharing sensitive data with an unintended recipient.

As such, to help prevent a significant data breach which could be damaging financially and to the reputation of your business, we have put together 5 simple steps to limit the chance of a potential data breach:

  1. Remove any unnecessary personal data from the documents/email body
  2. Double check the files you are sending to ensure the correct document is being sent
  3. If your email has an auto-fill function, double check the recipient
  4. Where possible ensure that any documents containing sensitive data are encrypted
  5. If the email contains links, hover over them and check that the address is correct

If you do accidentally send sensitive data to the wrong recipient, you should contact your Organisation’s Data Protection Officer (DPO) or your organisation’s nominated person if you don’t have a DPO, as soon as you become aware of the breach.