The first quarterly report from The Office of the Australian Information Commissioner (OAIC) since the Notifiable Data Breaches scheme (NDB) came into effect showed a staggering 180% year-on-year increase in reported breaches. And this happened in only a matter of weeks.
As the OAIC shows it's serious about holding Australian businesses accountable for data breaches that happen under their watch, it's time for Australian businesses to get serious about managing them better.
1. Stop email data breaches
Sending a document to the wrong person is the number one cause of data breaches worldwide. In Australia, more than half of the breaches reported under Q1 of the NDB were due to human error.
For context, think about how many times you’ve almost chosen the wrong Stephanie or John from the autofill menu in Outlook. Sometimes mistakes like this are harmless. But, what if you sent a spreadsheet full of client names, addresses and bank account details to the wrong Stephanie? Human error can easily lead to damaging data breaches.
To prevent sensitive information being sent to the wrong person, use email recipient and attachment checking software directly in Outlook. This technology can check recipient lists for external or blacklisted domains and show warnings for potentially risky email behaviors to ensure the user’s actions are as intended. And it all happens before the data has a chance to leave the business.
2. Enforce metadata management
Data breaches happen when staff don’t realize what information is attached to files being sent outside the organization. Document metadata – author name, editing time, comments and Track Changes – can easily reveal confidential information if not removed before sending.
This can be a policy. Everyone in the business should be asked to clean metadata from documents and email attachments sent externally. The best point for intervention is before Send in email, or in a File System before a document is uploaded or otherwise shared. This way, your business is protected against accidental information and metadata leaks with minimal impact on productivity.
For more ways to strengthen your data protection strategy in 2018 and beyond – including for NDB compliance – download our free industry guide.
About the author
David Zemann is the Business Development and Channels Manager for DocsCorp (APAC). David has more than 15 years' experience in providing technology solutions to document and practice management professionals.