We all understand the importance of protecting our organisations’ data against malicious attacks. But did you know that 38 per cent of the breach notifications received under Australia’s Notifiable Data Breaches scheme resulted from human error?
The Office of the Australian Information Commissioner (OAIC) made this startling finding in its July–December 2020 report—and it’s an 18 per cent jump from the previous half year.
The OAIC identified the pandemic as a possible reason for the increase. And there’s little doubt that data leaks would be more likely if the sudden shift to remote working resulted in looser controls over business files and data.
But regardless of the reasons, it’s a wake-up call for every enterprise. We need to secure our organisations’ sensitive documents, no matter where our people are located. Here’s how to achieve that and mitigate the risks of leaks and breaches.
1. Digitise your organisation’s important documents
Think your paper documents are secure? Think again. No amount of physical security can protect them from being misplaced or damaged—or stop someone from scanning or using a mobile device to photograph them. Then there are the other downsides, such as the costs associated with storing, printing and shredding paper documents, and the difficulties with collaborating on them.
The solution is to digitise your business documents, so you can put in place the security controls needed to restrict who has access to them and what they can do with them. An enterprise content management (ECM) system can do this and more.
2. Consolidate your important documents into your enterprise solution
Even if your documents are digitised, they may be stored in disparate locations and systems. That makes them difficult to secure and comply with the many pieces of legislation regulating how information should be kept and used.
An ECM system can consolidate all your documents, records and other content into one centralised place. This makes it easier to keep track of your organisation’s documents and comply with statutory and regulatory recordkeeping requirements.
However, to be most effective, your ECM system should make it easy for your people to capture, manage and secure all your enterprise’s information. This will greatly reduce the potential for non-compliance of recordkeeping policies and processes.
3. Ensure the right people have the right access to documents
One problem with basic digital storage systems is that it’s difficult to control who has access to sensitive information. Like many organisations, you may need to classify documents based on the sensitivity of the information. For example, you might have classifications for public, internal, restricted and highly confidential documents.
An ECM can allow you to put controls in place to allow only authorised users or teams to access certain types of documents. What’s more, you can implement fine-grained controls to reduce the risk of information being inappropriately accessed, altered or deleted.
However, with flexible work arrangements likely to continue in many businesses into the foreseeable future, documents need to be secure no matter where your people are accessing them from. With a Software as a Service (SaaS) ECM system, your teams can securely store and access content from anywhere, on any device.