Why every HR team needs stronger communication security…now

A staggering 91% of data breaches occur at the communication layer – with email being the primary source.

While some breaches are caused by phishing attacks, many information leaks result from well-intentioned employees making accidental mistakes.

Unfortunately, breaches often are not identified until well after they have occurred (if it at all).

As an HR professional, you have likely been trained on how to spot email phishing attacks and other suspicious behavior.

However, despite maintaining good cyber hygiene, it’s possible that you have fallen victim to security vulnerabilities at the hands of others inside your organization.

When you send information over email, you lose control over the security, access and permissions (e.g., printing, forwarding, copying, etc.) of your data.

It’s also very difficult to know if your recipient maintains good cyber hygiene or if they have fallen victim to a phishing attack, thereby allowing others to read their emails.

How do you prevent your information from leaking to unauthorized people?

It’s important to establish a plan for:

  1. What information needs protecting
  2. Who should be able to see your information, and
  3. How can to control your information after it has been sent.

We’ve found that most HR departments need to protect data relating to hiring/firing/furloughs, opening/closing of locations, internal investigations, compensation/benefits and other sensitive topics.

Given its sensitive nature, it’s critical that only authorized people have access to this information.

Managers should control what others can do with sensitive data, including whether they can forward, print, copy or edit the information.

Additionally, the ability to delete/destroy/archive conversations and documents can be of paramount importance.

Since email, text message, and team collaboration platforms don’t provide the described level of privacy, security and control, “what does?”

First, let’s identify the technology you should be using:

  • Automatic message and document encryption
    • Manually encrypting and decrypting messages and files is frustrating and time consuming. Similarly, assigning passwords to documents is impossible to manage. Solutions with automatic encrypting and decrypting of data ensure your data is secure, your company is compliant, and your people are happy.
  • Zero knowledge
    • Did you know that most tech companies have access to your data? Ensure you choose a communication solution who is unable to access your information and thus has “zero-knowledge” of your messages.
  • Zero trust
    • You shouldn’t have to trust a third party, the platform you’re using, or the cloud with your sensitive information. Use a platform that gives you granular access controls over your data so you can enforce policy through technology, not the other way around.

What solution offers this technology?

Despite everything you do, you don’t have control over other people. We recommend using technology, rather than relying on other people, to stay in control of your information.

If you’d like to learn more, you can schedule time with us here.

Recent Posts

Before you travel this summer, read this.

Now that most travel restrictions have lifted, people are flocking to the airport for a much-needed vacation. If you’re taking a trip, you’ll need to bring a few important documents … Read More

So Your Child is Headed Off to College… Here’s Why You Need LockDown

The grad caps have been tossed, a long awaited high school diploma has been received, and it’s time for your kid to leave the nest. There’s no doubt you have … Read More

The Low Down on LockDown Business

LockDown Business is an encrypted communication platform that offers businesses tight controls over the information they send and share. Here is everything you need to know to understand how LockDown … Read More