Human Error: The Greatest Risk And Root Cause Of Data Security

Author:Mr Richard Bortnick
Profession:Cozen O'Connor

Whether discussing data encryption, network security, or internal data privacy management practices and policies, the most sophisticated IT security protocols, the most learned team of specialists, and the most compliant of data management practices and policies cannot escape, prevent, or remedy what many businesses and organizations have rightly labeled as the root cause of data security failures: human error. While they tend to possess greater network security than smaller organizations, the risk of human error should be of particular a concern to medium and large size organizations whose internal controls over data and employees are inevitably diluted by their size and numbers.

Compounding this problem is an environment in which data is becoming easier and cheaper to store. Think for a moment of the difference between a manual filing system versus a USB Flash Drive. For only a few dollars, thousands of pages of data can be uploaded, downloaded, or stored on a single data storage device, which is easily removable, transferable, rewritable, and physically much smaller. As the trend in media storage devices is towards diversification as well as improvement in size and price per capacity, the duplication and multiplication of data is favored, and the risk of data mismanagement through human error is further increased.

The risk of exposure created by human error and our current technological landscape was recently illustrated in Ontario, Canada, when the names, birth dates, addresses and gender of 2.4 million Ontario voters was recently compromised after two memory sticks where mishandled by employees of an elections warehouse. Despite having internal policies in place to this effect, the data was neither...

To continue reading