Skip to main content

Employee errors are the leading cause of security breaches within organizations. People are unpredictable, careless, and just plain ignorant when it comes to protecting confidential company data. As technology grows more complex, the risk of error increases with it, leaving your business susceptible to hackers and other security threats.

Employers must work harder to stop potential threats in their tracks. It starts with identifying the top errors employees make that lead to data breaches. Here’s the top four:

  1. Leaving confidential documents around the office.

    Do you have careless employees who leave confidential files at the copier or spread across their desk for anyone to see? If so, this could lead to misuse of information by visitors or other co-workers.

    There’s a few things you can do to prevent this from happening including:

  • Providing employees with ample storage space for physical documents such as a small filing cabinet with a lock and key.
  • Giving them access to scanners and shredders so that they can digitize files and securely discard them.
  • Include requirements in employee policies stating that desks should remain clean at all times and papers should be picked up immediately from printers and copiers.
  1. Clicking links or opening attachments in phishing emails.

    Phishing emails are sent out to unsuspecting employees with the intent of ransoming or accessing confidential information. If your staff isn’t properly trained on how to spot them, then you could end up with a huge data breach on your hands. Imagine trying to explain that to your customers….

    The only way to prevent this from happening is to train your staff on the latest security threats and how they are being delivered. When they see a threat come in, they can then send it over to their IT support company to confirm. It’s also good to have Advanced Threat Protection in place that will click all of the links in the email before delivering it to your inbox.

  2. Losing company devices with critical data. 

    Every year, 70 million mobile phones are lost. And every 53 seconds, one laptop is stolen. The last thing you want is confidential company data on those devices that are lost. To prevent data from getting in the wrong hands, you’ll want to make sure you have remote wipe capabilities and encryption.

  3. Not following proper password management protocol.

    People make mistakes every day with their passwords. Whether it’s storing them in plain sight or not changing them every day 90 days, it can lead to cyber criminals hacking your accounts. No online account is safe from hackers! Therefore, each and every employee should follow these simple best practices when it comes to passwords:

  • Change passwords at least every 90 days.
  • Use a different password for every account.
  • Store credentials in an encrypted password portal.
  • Change passwords whenever an employee quits or is fired from the organization.
  • Do not use factory-set passwords.
  • Use your password management system to generate more complicated passwords that won’t be easily guessed.

How to Stop Employee-Error Data Breaches 

As an employer, you must create and enforce employee policies. Without clear guidelines, employees won’t know what is right or wrong when it comes to the security of your organization. Instead of leaving it up to fate, you need to clearly document rules and regulations in policies that are communicated with the staff. Going over policies should be part of your onboarding process. Employees should sign the policy and it should be enforced by managers.

Every business needs the following policies:

Once policies are in place, employers must train their workers consistently on potential security threats.

Fill out the form to the right to get your {free} cybersecurity training program for your staff.



Biz Technology Solutions provides full-service technology solutions for medium to large organizations throughout the Southeast. We offer business-critical services including enterprise IT professional services, managed IT services and application development services.


Phone: 704-658-1707