It’s a dark and rainy night in October. You are alone in a cottage in the countryside that you have rented for the weekend to get away from the busy city. Tonight, you are going to relax on the sofa with a movie, some lit candles, and lots of delicious snacks. You take your popcorn bowl, sit down on the sofa, and just manage to turn on the movie when you suddenly hear something coming from the hallway. Slowly you turn around to locate the source of the sound, but you can’t see anything. The hallway is as empty as it was just a minute ago. You wait for a few minutes, but everything is still quiet. Only the rustling of the leaves in the trees outside can be heard.
You decide that the sound must have come from the house itself. Old buildings do this after all – move and crack in a way that you never experience in the city.
Once more, you make yourself comfortable, relax and hit the play button on the controller. But only a few minutes pass before you hear a loud thud. That was definitely NOT the house. Slowly you rise, with every fiber of your being on high alert. You step out into the dark hallway, reach for the light switch, and just have enough time to see him, Human Error, before he throws himself at you and a fight of life and death starts.
The return of the data breach
It’s true that we might not get physically attacked by human error late on a Halloween night. But it is becoming more and more common for data breaches to turn into real-life horror stories for the affected businesses. We have seen huge organizations like Facebook, Uber and Yahoo fall victim to breaches, with expensive fines being just one of many consequences.
This is why we at SmartLockr have created a survival guide just for you. Learn how to protect yourself against two of the biggest cyber monsters: Human Error and Unsecure Filesharing.
Unsecure filesharing – The uninvited guest
“The call is coming from inside the house!” Just like in the horror classic When a Stranger Calls, internal threats are a big issue when it comes to cybersecurity. The reality is that data breaches caused by mistakes are far more likely to happen than those caused by external attacks, like ransomware, malware, or hacking. And unsecure filesharing is a big villain when it comes to internal threats.
Digital services for filesharing, like WeTransfer, are without a doubt handy, but they aren’t very secure. To send your files, you first have to upload all your information to the service’s own server. This is not an issue, as the process is encrypted. The problem is the unencrypted version of your data that is sent to the recipient. It is completely vulnerable, and it would be easy for a third party to break in and access your information.
Aside from that, all anyone needs to access your files is a link. Since the link isn’t protected with multifactor authentication, anyone who has it can also spread it without your control. And poof, suddenly your sensitive data is all out in the open and you have a data breach on your hands.
Read more about secure filesharing here.
Human error – The curse that always follows you
“One, two, human error is coming for you!” 95% of all cybersecurity breaches are caused by human error, a threat that always hangs over your organization. Small mistakes like sending a message to the wrong recipient or attaching an incorrect file are easy to make, but they can lead to gigantic consequences.
Read about 5 examples of real data breaches caused by human error here.
Human error is the most common cause of data breaches, even when it's not Halloween.
A clear example of this is the Dutch municipality of Assen, where an employee accidentally sent a file containing the personal data of 530 people to the wrong email address.
This mistake could only have been averted by raising the awareness of the sender. It shows how important it is to invest in a solution for data protection that focuses on preventing human error. Without it, it is only a matter of time before a mistake happens.
In more dramatic, horror movie lingo: Your days are numbered before human error crawls out of the metaphorical TV screen and drags you down into its well. MOHAHAHA.
How do you solve these issues? – "The power of Christ compels you"
The answer is to invest in a solution for secure email and file sharing that focuses on preventing human error. These are the three most important criteria to consider:
To prevent human error in digital communication, you need a solution that puts this problem in the spotlight. SmartLockr makes sure that you are always aware of who you send your emails to, which files you are sharing and whether any sensitive data is included. This is done with the help of smart systems that recognize trigger words, like ‘account number’, and turn SmartLockr on automatically. It is also completely integrated with your messaging client.
This allows you to focus on your job, while we take care of the security.
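The trigger-word idea described above, combined with the wrong-address mistake from the Assen example, as an added Python example of a pre-send check. It is not SmartLockr's code; the phrase list, domains, contact list and action names are assumptions made for illustration.

```python
import difflib
import re

# Assumed policy values for this example (constructed, not SmartLockr settings).
TRIGGER_PHRASES = ["account number", "passport number", "date of birth"]
INTERNAL_DOMAINS = {"example.org"}
KNOWN_CONTACTS = {"records@partner.example", "billing@supplier.example"}


def find_triggers(text):
    """Return the trigger phrases found, ignoring case, line breaks and plurals."""
    # File names often use "_" or "-" where prose uses spaces.
    text = re.sub(r"[_\-]+", " ", text)
    hits = []
    for phrase in TRIGGER_PHRASES:
        words = r"\s+".join(re.escape(w) for w in phrase.split())
        if re.search(r"\b" + words + r"s?\b", text, re.IGNORECASE):
            hits.append(phrase)
    return hits


def review_outgoing(recipients, subject, body, attachment_names):
    """Decide what to do with a message before it leaves the mail client."""
    triggers = find_triggers("\n".join([subject, body, *attachment_names]))
    unverified, likely_typos = [], {}
    for raw in recipients:
        addr = raw.strip().lower()
        domain = addr.rsplit("@", 1)[-1]
        if domain in INTERNAL_DOMAINS or addr in KNOWN_CONTACTS:
            continue
        unverified.append(addr)
        # A near-match to a known contact suggests a mistyped address.
        close = difflib.get_close_matches(addr, sorted(KNOWN_CONTACTS), n=1, cutoff=0.9)
        if close:
            likely_typos[addr] = close[0]
    if triggers and unverified:
        action = "hold_for_confirmation"   # sensitive content + unknown recipient
    elif triggers:
        action = "send_encrypted"          # sensitive content, known recipient
    else:
        action = "send"
    return {"triggers": triggers, "unverified": unverified,
            "likely_typos": likely_typos, "action": action}


if __name__ == "__main__":
    # Constructed sample message: one letter missing from a known address.
    print(review_outgoing(["record@partner.example"], "Q3 export",
                          "Attached are the Account\nnumbers for review.",
                          ["clients_date-of-birth.xlsx"]))
```

A phrase list only catches wording it knows about, so the recipient check still runs when no trigger is found and its result is returned for the client to display.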
Zero knowledge end-to-end encryption
When you share sensitive data digitally it’s important to use a solution that encrypts your messages and files from start to finish. This is called end-to-end encryption and it is what SmartLockr uses to protect your data from unauthorized access.
Additionally, SmartLockr works with zero knowledge, which means that only the sender and the recipient have access to the encryption keys. Not even we have a copy. This means that even if your emails or files ended up in the wrong hands, they would be unreadable and therefore useless. Learn everything you need to know about encryption here.
If your organization handles any type of personal data, it is also important to consider regulations like the GDPR. To be compliant you would need both the right type of encryption and to store your data in the correct way.
Is your personal data saved in a US cloud without the correct encryption? Then you are not following the GDPR.
In 2020, the Schrems II verdict ruled that European organizations are no longer allowed to store personal data in US clouds. The reason is that an American law, the Cloud Act, allows US authorities to request information from any cloud that is owned by an American company. This is a direct violation of the GDPR.
We take GDPR compliance seriously, which is why we use end-to-end encryption with zero knowledge. This guarantees that no one without encryption keys can access your data in any meaningful way. And as mentioned above, only the sender and the receiver have the encryption keys.
Do you feel ready to enter the night and take up the fight against the cyber monsters? Well, SmartLockr’s got your back! With weapons, garlic, and crosses if need be. We are more than happy to tell you about how we can protect your organization. Read more about how to prevent data breaches in our free e-book below.