Why Aren’t HR Managers Prioritising Employee Data Security?

22nd November 2019

Despite their place in the wellbeing and security of employees, research has found that HR professionals lack concern when it comes to protecting their data. 

What You Need To Know 

  • According to a new GetApp survey, 41% of employers don’t train all of their HR department in protecting employee data.
  • More than a third of respondents said they are operating without a policy in place to protect employees’ data, and only 21% are aware of the General Data Protection Regulation (GDPR).
  • One-fifth of respondents said they don’t have enough time to draft a policy.

These concerning attitudes around data protection play a significant role in business vulnerability. In just the first half of 2019, data breaches exposed 4.1 billion records

And with the source of cybersecurity attacks often being internal, responsibility must fall with management before perspectives can change. 

The Problem: Poor Management 

When management fail to set a precedent of good practice, they leave their business open to negligent staff behaviours including the use of work mobiles for online shopping. 

In fact, more than half (61%) of participants in a Zix-AppRiver report know that online shopping is risky for their business information and customers, but believe it is “a fact of life; and there is not much I could do about it”

This nonchalant response to serious data risks only encourages more of the same tendencies. 

A staggering 81% of hacking-related breaches leveraged either stolen and/or weak passwords, yet employees continue to reuse passwords in the workplace. 

When outside of the office environment, they also frequent messaging apps like WhatsApp, Facebook Messenger, and Skype as often as six times a day for work purposes without HR’s knowledge, putting their data at risk. 

Given so many individuals have been granted this flexibility of working from home, it has become increasingly difficult to prevent these behaviours. 

Even if businesses do operate with and update their policies, there is always the underlying threat of non-compliance from employees.

So how can organisations keep their data secure in this new age of deskless working? 

The Solution: Implementing Training Programs And New Technology 

Though it could be argued that organisations have been slow to take action, many business owners and HR managers are beginning to take data seriously.

By 2020, security services are expected to account for 50% of cybersecurity budgets.

With this in mind, introducing the correct type of training and technology is the first step towards closing risk gaps throughout the workplace. 

RiskView is a cost-effective tool for measuring non-compliance across a wide range of data sources. 

Quickly searching for sensitive information within company emails, online chat, and devices, our technology highlights the misuse of data. 

With instant access to a detailed audit, businesses can establish an effective training program to educate both their internal and deskless employees on data handling. 

RiskView ensures you have a full understanding of how your data is being handled. To book a demonstration, contact our team of experts today.

View More Articles