Regardless of
whether customer and employee data is legally protected in your country
or industry, we all have an ethical obligation to protect others'
personal information as
well as our own organizations' proprietary information. Doing otherwise
is an open invitation for that information to be used in malicious ways
ranging from identity theft to corporate espionage. At the very least,
it's simply common courtesy to protect others' privacy!
Even in companies with elaborate
data-protection systems, here are three sources of electronic data
breaches that I see all the time:
- The most common breach has perhaps always been - and will perhaps always be - computer monitors left on and exposed so that passers-by can read the screen. (Plus, if that machine is 'live' and unattended, what's to stop someone from using it to forage for still more information?). Have a reasonable and enforceable policy to prevent each of these things from happening.
- Redeploying computers. Most companies seem to be getting better about removing hard drives from old computers they are trashing or selling off. (And if you aren't doing that, you need to! Those drives can easily be accessed by the new owners to retrieve whatever is on there. Remember, that is true even if you've used many of the programs designed to mask that data.) What about redeploying computers to new parts of your business, though? Are you sure that the new user needs access to the information gathered by the former user? If not, get that data off the machine before it goes where it ought not be going!
- People change their electronic technology more often than their underwear these days and all those machines and gadgets are a huge source of potential data breaches. While cell phones are especially likely to have your and others' private information on them, remember that there are memory chips or drives in pretty much everything these days and some are surprisingly large. Things like copy machines and fax machines are prone to have a ton of data on them that needs to be protected. Be sure that their memories are wiped clean before you get rid of them.
