Several years ago, my home desktop was wiped by malware. A pop-up said something ridiculous about how I was in trouble with the Feds for illegal activity. It said I should call a 1-800 number and pay to have it straightened out.
I wasn’t inept—I knew not to click in the pop-up, and I knew it wasn’t true. But I didn’t know that the pop-up’s appearance meant my computer was already compromised. After 30 minutes of trying to exit out of it and eventually ignoring it, I manually shut off the computer. I figured it would be fine when I turned it back on.
I was wrong. My computer guy was able to restore everything except some pictures. Years of precious photos are unrecoverable because I didn’t handle the security threat correctly—and I didn’t have backups of my photos.
If you’re like me, information governance (IG) isn’t at the top of your priority list when you’re checking email or trolling Buzzfeed at home. But when I’m at work, it should be.
Just because your document distribution processes haven’t majorly failed yet doesn’t mean they won’t soon. By continuing to do things the way you always have, you expose yourself to loads of security threats.
One successful attack could undermine your entire business.
Regardless of the power you have to change the way your company distributes documents, being informed of potential security threats is the first step away from risk-riddled document distribution.
Keep reading to learn about 8 natural, environmental, and human security threats that may be lurking in your document distribution processes.
1. Storm damage
As much as we lament the ability of weather forecasters to predict the everyday weather, we usually have some heads up when something serious is coming our way. Yet even with ample notice, you can only safeguard yourself to a point. From hailstorms to hurricanes, predicting damage before it happens is difficult.
Your location factors heavily into the kind of storm damage that could compromise your document distribution security. For example, Minnesotan companies should prepare for blizzards and tornadoes before they consider preparing for hurricanes and earthquakes.
2. Lightning strikes
Unless your company is near the summit of one of the 41 mountains with an elevation over 25,000 feet, lightning strikes are a real risk. The resulting fires and electrical shortages would certainly affect your ability to print, compile, and mail important documents.
3. Chemical leakage
There’s no question about it: chemical leaks are disastrous. Their effects can be felt immediately or years down the road. Short of accidentally creating a superhero, nothing good comes of chemical spills.
If the chemical spill doesn’t kill you outright, it could still shut down any number of steps in your manual document distribution processes.
Whether or not you believe climate change is an issue, pollution effects many things. There could be an air quality advisory that prevents you from getting to work and signing for the documents that came in the mail today. Or the air quality advisory could be in the city where the sender works, preventing them from mailing them to you for your signature.
You may have sighed a bit as you read the natural and environmental security risks. After all, the chance of a lightning strike creating a surge in electricity that shorts all your printers is low. It could happen, though.
As far as probability of a threat becoming a reality, the real risk is you and me—people.
Check out the infographic below to find out the difference between inside and outside security threats. Whether coming from inside or outside your company, though, remember this: they all come from people.
5. Disgruntled employees
Hopefully, you have protocol in place to protect enterprise data when employees or contractors leave.
With electronic documents, you might have the option to change user permissions without much to-do.
If you rely on email to share important reports, it’s difficult to control attachments.
Physical documents get even trickier. How do you stop a disgruntled employee from folding an important document and slipping it into their bag as they leave?
And even if it’s just a department switch, do you have security measures in place to revoke their access to reports and documents they don’t need anymore?
Okay, let’s assume everyone at your company likes their current position, pay, and the company overall, so they aren’t going to start dabbling in corporate espionage. That doesn’t remove what might be the biggest security risk in your document distribution process: forgetfulness.
We aren’t robots. So, we don’t always remember to shred documents as soon as possible. Or maybe we print a document and then forget to pick it up. Or maybe we don’t sign out of our computers every time we get up from our desks.
Many guidelines that should reduce security threats hinge on our ability to remember and follow through on them.
Depending on what year and source you look at, hacking may or may not account for the majority of security breaches. In 2015, it was the top cause, responsible for 31 percent of the security breaches that year.
Although hacking doesn’t always account for most security breaches, you shouldn’t dismiss it. Malware and phishing attacks become more sophisticated each day. Unfortunately, many malware and phishing attacks are only successful because of employee negligence.
You’ll want to keep employees up to date on the most pressing risks. And make sure they know what to do if they think they’ve been hacked.
8. Theft and loss
Do you bring your work laptop home with you? What precautions do you take against theft? If someone steals it, what’s stopping the thief from logging on and stumbling onto sensitive information?
You may think it will never happen to you, but people get robbed every day. And we forgetful humans lose things all the time, too. In fact, 68 percent of healthcare data breaches between 2010 and 2014 were due to device theft or loss.
If your document distribution process consists of emailing documents to clients or colleagues, you should be concerned about device loss and theft.
And if you don’t email documents, you probably print them. Companies that print documents for distribution can just as easily lose them or have them stolen. Your mail carrier, mailbox, or desk could easily be compromised.
I guess the biggest thing you should keep in mind is that having your distribution processes in your physical building—because you mail or email documents—creates more security risks than you realize. If you must be in your office to share enterprise documents, you’re creating unnecessary security risks.
Another thing to remember is that although you can prepare for natural and environmental disasters, there is little you can do to prevent them. Plus, the consequences of natural and environmental disasters tend to be smaller than those of human. There probably aren’t hackers waiting for a blizzard to knock out your power before they breach your security.
While it’s important to safeguard against natural and environmental security threats, when we’re talking about document distribution, the 2 best investments you can make are…
- Improve your document distribution with automation
- Train users so they know what the biggest security threats are and how to combat them
What you can do now
Awareness of the problem is the first step to solving it. Use the following guides to get a better grasp of what you need to change or improve in your document distribution pipeline.
- Work through this Cyber Security Checklist from CySure
- Consult this Cyber Security Planning Guide from the Federal Communications Commission
- Complete the National Institute of Health’s Security and Information Management Training Courses