Why every HR team needs stronger communication security…now

A staggering 91% of data breaches occur at the communication layer – with email being the primary source.

While some breaches are caused by phishing attacks, many information leaks result from well-intentioned employees making accidental mistakes.

Unfortunately, breaches often are not identified until well after they have occurred (if it at all).

As an HR professional, you have likely been trained on how to spot email phishing attacks and other suspicious behavior.

However, despite maintaining good cyber hygiene, it’s possible that you have fallen victim to security vulnerabilities at the hands of others inside your organization.

When you send information over email, you lose control over the security, access and permissions (e.g., printing, forwarding, copying, etc.) of your data.

It’s also very difficult to know if your recipient maintains good cyber hygiene or if they have fallen victim to a phishing attack, thereby allowing others to read their emails.

How do you prevent your information from leaking to unauthorized people?

It’s important to establish a plan for:

  1. What information needs protecting
  2. Who should be able to see your information, and
  3. How can to control your information after it has been sent.

We’ve found that most HR departments need to protect data relating to hiring/firing/furloughs, opening/closing of locations, internal investigations, compensation/benefits and other sensitive topics.

Given its sensitive nature, it’s critical that only authorized people have access to this information.

Managers should control what others can do with sensitive data, including whether they can forward, print, copy or edit the information.

Additionally, the ability to delete/destroy/archive conversations and documents can be of paramount importance.

Since email, text message, and team collaboration platforms don’t provide the described level of privacy, security and control, “what does?”

First, let’s identify the technology you should be using:

  • Automatic message and document encryption
    • Manually encrypting and decrypting messages and files is frustrating and time consuming. Similarly, assigning passwords to documents is impossible to manage. Solutions with automatic encrypting and decrypting of data ensure your data is secure, your company is compliant, and your people are happy.
  • Zero knowledge
    • Did you know that most tech companies have access to your data? Ensure you choose a communication solution who is unable to access your information and thus has “zero-knowledge” of your messages.
  • Zero trust
    • You shouldn’t have to trust a third party, the platform you’re using, or the cloud with your sensitive information. Use a platform that gives you granular access controls over your data so you can enforce policy through technology, not the other way around.

What solution offers this technology?

Despite everything you do, you don’t have control over other people. We recommend using technology, rather than relying on other people, to stay in control of your information.

If you’d like to learn more, you can schedule time with us here.

Recent Posts

The Low Down on LockDown Business

LockDown Business is an encrypted communication platform that offers businesses tight controls over the information they send and share. Here is everything you need to now to understand how LockDown … Read More

Why consumer encrypted messaging apps are a threat to your business

Encrypted messaging tools like Signal, WhatsApp, and Telegram are increasingly finding their way into businesses as secure communication solutions. While it may seem like a prudent decision to use them, … Read More

The Rise of Phishing Attacks on College Campuses

I checked my email this morning and was elated to discover that I had been personally selected for a new job opportunity! All the boxes were checked for a student … Read More