What to do and what to expect.
Lukáš Mrázik, Associate
Data breaches are typically associated with hackers maliciously attacking companies for financial gain. Often companies do not expect to face an attack and believe the risk of a breach is remote. However, the potential for human error should not be overlooked. In fact, most data breaches occur because of employee negligence (especially when working remotely).
Matúš Kočíšek, Associate
The reasons for an employee-caused data breach vary from disgruntled (ex)employees seeking revenge (see for instance the Morrisons case in the UK) to employees performing work duties in “alternative” ways (e.g., an HR person sends a list of employee salaries to a personal email address). The fact that employees do not intend to cause harm does not always mean that no harm is caused.
Frequent examples of employee behaviour that leads to a data breach include leaving confidential documents in communal areas (e.g., at printers or in social areas); sending emails to incorrect recipients (internal and/or external); misusing confidential information relating to other employees, customers or any other individuals; and allowing (including by negligence) cyber-attacks to occur by not following security practices or by disposing of confidential information improperly.
HOW TO DEAL WITH BREACHING EMPLOYEES
Even if an employee causes a data breach unintentionally, there may still be adverse consequences.
Companies may choose to dismiss the employee. This must be considered carefully, as Slovak law allows only limited grounds for such a dismissal and the employee’s actions might not always qualify. A breach of work discipline (less serious) would probably be the most frequent charge. It is important, however, to consider the specific case. Has the employee manifestly broken clear policies? Did the individual try to inform the employer of insufficient security? Did the employer downplay possible risks due to budgetary concerns? In exceptional cases (when actions qualify as a criminal offence or a serious breach of work discipline), the employee may be dismissed with immediate effect.
It is imperative to understand what truly happened, as sometimes the facts may be different than they initially seemed. For example, the malicious action may have been carried out by someone impersonating a colleague. If the facts are not clear, a dismissal might be legally challenged.
Information gathering is therefore essential. In a situation where the employer identifies an on-going breach, it is crucial to secure appropriate evidence. If possible, eliminate the risk (e.g., by restricting the individual’s access to the internet), but allow them to continue the breaching activity. This may enable you to ensure that sufficient evidence has been collected to substantiate any dismissal or similar actions.
WHAT TO EXPECT
A data breach unfortunately does not end with resolving the IT issue, notifying the appropriate authorities and (possibly) dismissing an employee. There may be notification obligations towards your customers, crisis communications, and even litigation by impacted individuals.
Data breaches are not a question of “if” but “when”. They may not always be visible at the outset and may seem like minor or innocuous acts. Nonetheless, when one occurs, the company must not hesitate and must act quickly. Are you ready?
31 May 2021 at 10:05