Image - Staff Privacy Training Logo
Employees cause 85% of Data Breaches
How This Can Close You Down & How to Fix It.
The Most Common Problems...

These are known problems and your staff are expected to understand them

The Password Problem

85 out of every 100 employees keep their passwords in their heads

That means they use the same passwords over and over. 

This is very dangerous for your business.

Your employees need to use password management. tools.

The Encryption Problem

9 out of every 10 employees think a password is enough to protect the data on their PC.

It's simple to extract a disk and access it without a password. This is very dangerous for your business.

Your employees need to encrypt their disks.

The Home Work Problem

Most devices used at home are shared amongst family members.

It's easy for a child or spouse to access dangerous sites or plug in a USB stick without knowing it holds malicious files.

Your employees need to know the dangers and how to share devices safely. 

The Email Problem

Every day, at least 350,000 new malicious programs are detected

Most malware enters firms via Email. 

Ii is very easy to target unsuspecting users, especially when an email seem to come from a trusted source. 

Social Engineering Problem

Each employee gets between 14 and 49 phishing attacks each year, depending on industry.

These are efforts to gather information like passwords or PIN numbers that allow the attacker to access accounts or data that should be kept private.

The Responsibility Issue

You cannot blame employees for losing data or exposing data if they have no training.

This means that the owner(s) of the business carry full responsibility, unless they can prove they took reasonable steps to train all staff with access to supplier and client information.

This Price is Valid for:

00 Years 00 Months 00 Weeks 00 Days 00 Hours 00 Minutes 00 Seconds

The Transcript of the Video, if you prefer reading...

Hi. Peter Carruthers here. 

It's been a year, almost to the day, since the protection of personal information act went "live". During that time, there have been a bunch of breaches, data losses, data exposures, data thefts, and ransomware attacks. The press fallout has been awful for most companies who found themselves victims of something stupid or malicious that one of their staff members did. Or one of their client's staff members or one of their suppliers' staff members.

The bottom line is that 85% of data breaches result from employees doing things wrong. 

Most of these staff did not behave maliciously. We could say that most are stupid, but you don't employ stupid people. Instead, most of these events result from ignorance, staff not trained in the simple awareness of the importance of data and how to easily combat efforts to slip into your systems via their emails, websites, or phones.

The truth is that when you employ somebody, you give them the keys to your entire future. They're not physical keys, although it's a nice image. Instead, you give them the codes to allow anybody else to access your systems without knowing if they know how to protect those codes on which your future depends. 

The average employee in a large company faces at least one such threat in their inbox daily. They have massive education and technology resources to stop employee incompetence. We don't.

When we employ somebody, we assume they understand computers, security, and data privacy. Maybe we should ask some simple questions right up front. Just because they're great salespeople or superb at client support does not mean they know much about computers.

I recently brought on board a lady with two degrees. She part-times as a teacher. She is competent with computers. But like many people, she uses 2 or 3 passwords which she "circulates" between the various online social media systems she uses, email systems, and online dating sites...

Just like most of your employees do. 

I think it makes sense to ask a simple question before letting anyone near your systems: "What password manager do you use?" That's the first question I ask. They cannot touch our systems until they've completed our privacy awareness course if they don't know what a password manager is. If they know what it is but don't use one, they cannot touch our systems until they've completed our privacy awareness course.

And then, I made sure that this lady completed our privacy awareness course. It takes about an hour.

And, yes, it costs some money. A hell of a lot less money than you will pay this person in the next 12 months. A lot less than the amount of money you pay for the space they use and the equipment they use.

Our online course normally costs R497 per person. It's the anniversary of POPIA, so you save R200 and invest just R297 per person. They get lifetime access. They get a certificate at the end to prove that they attended. En route through the course, they can ask questions and get answers via the comments at the bottom of each lecture.

If something goes wrong, you can show that certificate to the Information Regulator to show that you did your bit.

In other words, this is the most magical grudge expense you will likely make in your lifetime.

Ask DisChem, the Department of Justice, Transunion, Experian and the dozen high-profile ransomware and data exposure victims this past year. 

When you employ somebody, they hold your future in their hands as much as you hold their future in yours. Make sure they know what they are doing in your systems. 

Peter Carruthers | Copyright ©2022 | All Rights Reserved
Powered By