Data Loss Disasters: Bad Decisions Revisited
Data loss has become an epidemic that has spread across businesses of all sizes and industry, costing billions of dollars along its way. Still, many companies overlook the impact of data loss, because it is difficult to appraise the value of something that exists on a network and/or hard drive. We don’t want you to make the same mistake in your business, so we’ve come up with a series of everyday data loss disasters and how to avoid them.
In Part One, we’re going to discuss one of the most frequent causes of data loss: your own employees.
1. Someone Messes Up
Human error accounts for an alarming percentage of data loss. One study, conducted with the benefit of 20 years of data, showed that 70% of data center incidents were caused by human error.
There are a number of ways a simple employee mistake can cause irreparable damage to your business, and these mistakes can happen at all levels despite the employee’s position or experience.
For instance, there’s the “Accidental Accomplice”:
Julia is your HR manager. She’s eating lunch at her desk and pulls up her personal email account. She sees a message in her inbox from a company that requests that people sign a petition to help save an endangered species. Julia opens the email and downloads the attached file. The file is infected with malware and makes short work of locking up her system, along with a month’s worth of expense reports.
In this one scenario, you can see the financial loss of having to a.) reimage the hard drive, b.) devote payroll hours so all 24 of your employees can file new expense reports, and c.) devote payroll time to the account manager for time down while the computer is repaired.
Now, what if Julia forwards that email to her co-workers, thinking it’s just an innocent file from her sister? Then that malware spreads across the company, multiplying your financial loss.
One study by Verizon found that “a small data breach where only 100 records are lost would most likely cost an organization anywhere from $18,120 to $35,730, but could cost as much as $555,660.” It’s easy to see how even one simple attack can have a catastrophic impact on a business.
Cyberattacks can also cause irreparable harm to your reputation as a business. In one study, 70 percent of consumers stated they would stop doing business with an organization if it experienced a data breach.
In another study, 93 percent of consumers said they would take or consider taking legal action against an enterprise that has been breached.
All of these hits to a business’s reputation and financial stability lead to 60% of small businesses closing within 6 months of a significant data breach.
In this example, Julia was tricked into downloading a virus from an attachment that seemed to be legitimate. This happens all of the time.
Downloading rogue attachments isn’t the only way to wreck your system. Other ways to become infected by a virus include clicking malicious links, giving your information to phishing websites, and visiting unsecured sites that harbor infected code.
The best way to avoid such potential disasters is — education. Your employees should never, and we can’t stress this enough, NEVER, open attached files from a trusted or untrusted source that have not been scanned for viruses.
That said, education can only do so much for the large amounts of email businesses receive on a daily basis. Your MSP can set up spam and antivirus filtering to quarantine suspect emails, and can also implement content filtering that removes the ability to access to sites that have been identified as unsafe.
Through best cybersecurity practices and proper employee education, you can be prepared for deterring worst-case-scenarios.
In Data Loss Disasters, Part Two, we’re going to talk about how failing to backup your data is another way that your business will lose big time.
If you are curious about other ways to protect your business from data loss, please contact us anytime. GB Tech is experienced at creating cybersecurity solutions and data backup plans that help you avoid costly data loss.