Why do we need to practice employee privacy?

Every day there is a new data breach reported in the news, many of them caused by internal employees failing to adhere to proper privacy guidelines. Data breaches from tech giants like Facebook, Google, and Microsoft seem so commonplace that you might not feel like it’s a question of if, but when, it might happen to you. Newsworthy material often entails anonymous hackers infiltrating millions of accounts that contain sensitive data. But this focus on anonymous hackers must not distract organizations from one of their top sources of risk, their own employees. Data breaches often occur due to negligent employee actions and mishandling of personal data. This article discusses six tips for how employees can better-safeguard personal information at work. 

Tip #1: Good Password Hygiene

The first tip is to practice good password hygiene. Employees should not maintain the same password across multiple websites and company logins. Most employees are typically unaware of the risks associated with maintaining the same password across multiple websites.

For example, a password that has been compromised in another company’s data breach can create vulnerabilities on your organizations’ site. As a result, organizations must educate and train employees on why and how poor passwords practices can lead to data breaches. If employees are concerned about forgetting their passwords, educate them on using a password manager app to store their passwords securely.

Also, organizations should consider using a Two-Factor Authentication system. A two-factor authentication system requires that there be two ways of proving your identity. Most people are unaware that they use two factor authentication each day.

Take, for example, purchasing an item on a credit card from a store. The credit card acts as “one factor,” while the employees request to see another form of identification—such as a driver’s license, constitutes a “second factor.” The additional layer of security helps defend against hackers gaining unauthorized access into secured systems.

Tip #2: Keep Your Paper Data Secure

The second tip is to secure all paper data. This means the days of employees decorating cubicles or computer screen with sticky notes filled with passwords and other sensitive data must end.

Tip #3: Avoid Using Public Wifi

The third tip is to avoid connecting to unsecured networks. This includes public Wi-Fi systems, as cybercriminals use these unsecured networks to steal your personal information. Although convenient, especially for remote workers, employees should avoid using public Wi-Fi networks to reduce security threats and protect personal information.

Tip #4: Frequently Update Software

The fourth tip is to regularly update your software and other applications to ensure the latest security updates. Although the occasional pop-up window notifying of an available update can be annoying, such updates are essential to patching software security flaws and protecting your digital safety surrounding your personal information.

Tip #5: DO NOT Click on Suspicious Emails

The fifth tip is to NOT click on any suspicious looking emails. Although this may sound obvious, malicious emails have become increasingly challenging to spot. If you think you have spotted a malicious email, immediately report it to the appropriate personnel within your organization to quickly alert other employees to not to open the email.

Tip #6: Always Log Out of All Programs

Lastly, the sixth employee privacy tip is that employees should log out of all their programs and applications once they are finished. Leaving an application open exposes the system to risks—like unauthorized access by other co-workers or personnel.

These six tips comprise just a handful of the many ways that employees can better-safeguard personal data organizations.

Contact our team of privacy professionals at DPOAdviser.com to assist your organization in developing internal privacy policies and employee training to ensure your organization achieves and maintains CCPA and GDPR compliance today.

Skip to content