The Importance of Employee Security Training
UNICEF, a charity organization that works in more than 190 countries and territories to help disadvantaged children, experienced an accidental data leak in August, 2019. So what happened? Essentially, an email was sent out containing personal details of thousands of individuals who leverage their online learning portal known as Agora, a program that offers solutions to staff, partners, and supporters. This email was sent to a staggering 20,000 inboxes – containing the following personal details:
- Names
- Email addresses
- Professional information
- Gender
In addition to the personal details listed above, duty stations, contract types, and supervisor names of each individual were leaked. It’s reported that 8,254 users enrolled in courses on immunization were impacted. Shortly after, UNICEF sent an email to those who may have received the accidental email stating that said accidental email “contained a spreadsheet that included the basic personal information of some of our users.”
The email went on to ask recipients to delete the email and any copies of the email. UNICEF disabled functionality for sending these types of reports, then blocked the online learning portal’s ability to send attachments altogether. According to the organization, this should prevent an accidental data leak from occurring in the future.
Think You’ve Accounted for All Types of Threats? Don’t Overlook Human Error…
This unfortunate data leak highlights the importance of planning for human error. The truth is, an organization can have the most sophisticated security solutions in place – but that’s not enough to prevent human errors from resulting in data loss and/or theft. Security is vital at an infrastructure level, as well as at an individual level. What does this mean? Essentially, employees need regular security training to stay aware and know how to handle themselves (and any sensitive data they have access to!)
According to IBM, 27% of data breaches result from some type of human error. Your IT company should be able to provide employee security training wherein they:
- Train your employees on a regular basis in terms of how to create secure log-ins, signs of a phishing attack, how to respond to threats, and more.
- Test your employees on a regular basis with mock phishing attempts and other techniques that keep them on their toes.
Need to Book Employee Security Training Before Your Company Falls Victim to Cybercrime?
Call (408) 797-0756 or email us at info@veltecnetworks.com now. Are you a non-profit organization worried about cybercrime? Don’t forget to enter our contest for your chance to win FREE technology support for a year. We love supporting non-profit organizations, and naturally, we don’t want to see any local non-profit organizations face the same fate as UNICEF. That’s why we’re looking to give back in a HUGE way.
From now until Thanksgiving Day, we’re giving local non-profit organizations the chance to win a full year of technology support, so we can work with you to keep your company safe against all sorts of threats. Click here for full details, rules, and the ability to enter.
Like this article? Check out some of our other articles here:
Do We Need to Use DKIM and DMARC Authentication?