Take Care When Digitizing Employee Data

Posted May 24, 2019 by Mary McGinley

As employers and their organizations are hurtling toward digitizing as much as their businesses as possible, extra care should be taken to ensure that the data doesn’t fall into the hands of cybercriminals.

Priya Sunit recently reported on the Human Resources Online website that a study was conducted by malware and antivirus software firm, Kaspersky Labs from December of 2018 to January of this year. The study surveyed 7,000 adult workers from 14 countries which included the United States, the UK, France, Spain, Germany, Italy, Brazil, China, Mexico, Japan, South Africa, Russia, Malaysia and Turkey that found that through a simple search, employees were able to access files where they should not have had access.

This access could allow them to edit, delete or damage, share or even use personal information of colleagues when going to work for a competitor or worse, to release the information online. Such information leaves workers and organizations open to cyber attack and can be sold on the dark web.

The survey found that many workers have disturbing attitudes when it comes to accessing and storing such sensitive information.

  • 80% of workers participating in the study said that they do not feel responsible for ensuring emails, documents, and other files.

  • 72% of the workers surveyed said that they regularly stored documents which contain personal information or sensitive data at work.

  • 37% of the participants indicated that they have had access to the salaries, bonuses, and other personal data while at work.

The study also indicated that 33% of the study’s participants admitted to having access to files at a previous workplace. For workers who leave the job on a wrong note, such access could prove to be problematic.

By working together, HR professionals and IT departments can help to ensure better security of sensitive data, even as more and more of it becomes digitized. Such security precautions can be accomplished by stressing to all employees the importance of data security and their responsibility in ensuring it at every level.

HR departments should have information such as personal data of employees and other sensitive data in a safe folder that has highly restricted access. Workers should be encouraged to make backups of confidential and personal information and keep it in a secure place. Companies are also encouraged to consult with a cybersecurity firm to help determine best practices for their own organizations.