David Zemann explains how data breach protection and metadata management at the right time can safeguard against damaging breaches.
The Q4 report on Australia’s Notifiable Data Breaches Scheme (NDB) has been released by the OAIC, and the number of reported breaches has not shown much improvement. There were 245 breaches, affecting mainly health service providers and professional services industries like finance and legal, accounting, and management services. To really see an impact on the number of breaches affecting Australians each quarter, its time businesses got serious about data breach prevention.
1. Stop email data breaches
Human error accounted for 34% of all breaches reported in Q4, and of these, the most significant cause was data was emailed to the wrong recipient.
For context, think about how many times you’ve almost chosen the wrong Stephanie or John from the autofill menu in Outlook. Sometimes mistakes like this are harmless. But, what if you sent a spreadsheet full of client names, addresses and bank account details to the wrong Stephanie? Human error can easily lead to damaging data breaches.
To prevent sensitive information being sent to the wrong person, use email recipient and attachment checking software directly in Outlook. This technology can check recipient lists for external or blacklisted domains and show warnings for potentially risky email behaviors to ensure the user’s actions are as intended. And it all happens before the data has a chance to leave the business.
2. Enforce metadata management
Data breaches happen when staff don’t realize what information is attached to files being sent outside the organization. Document metadata – author name, editing time, comments, and Track Changes – can easily reveal confidential information if not removed before sending.
This can be a policy. Everyone in the business should be asked to clean metadata from documents and email attachments sent externally. The best point for intervention is before Send in email, or in a File System before a document is uploaded or otherwise shared. This way, your business is protected against accidental information and metadata leaks with minimal impact on productivity.
For more ways to strengthen your data protection strategy – including for NDB compliance – get your free industry guide.
David Zemann, Business Development and Channels Manager (APAC)