A number of years ago, approximately one month after leaving a previous organisation I worked for, I received an email from the HR department with an excel spreadsheet attached that contained the sales plans and compensation for the entire local sales team in the Australia and New Zealand office. Apparently I had the same first name as the intended recipient and as I had been in conversation with the HR team based around my departure. As that person started typing in the “‘To” field, my name popped up and I was selected as the recipient by mistake.

Having experienced firsthand how easy it is for a simple typo to cause the leakage of valuable information, I can understand how over half of the reported breaches under the new Australian Notifiable Data breach act were the fault of human error. The statistics for January-March show that approximately 51 percent of breaches reported in the Notifiable Data breach were as a result of human error. This is still less than the global average reported by the Ponemon Institute for 2017 which reported that nearly 70 percent of compromised records last year was the result of human error.

What are the main causes of a data breach? 

Common errors are the misconfiguration of a database or an error in the way a cloud server has been provisioned which can lead to much bigger data breaches than an actual cyber intrusion. Also a common misconception is with cloud security. Moving your data to the cloud doesn’t actually mean it’s any more or less secure than it was if you kept it in house, and it’s not Microsoft or Amazons responsibility to secure your data, it’s yours.

Users make mistakes, and due to any number of reasons such as working double shifts in a hospital, working over the weekend at the office getting that project done while keeping an eye on the sports game or just trying to multi-task to get more done, there is a chance that you can forget to do something that results in some form of data loss.

How to reduce data breaches caused by human error

There are a few simple ways to help reduce the amount of ways human error can lead to the exposure of data records. One of those is through automation, especially around cloud provisioning or database configurations. By using run book automation and removing the human involvement in these two areas, you can greatly reduce the chances of error as the same rules are being applied time after time. IT personnel no longer have to manually configure something on local or cloud provisioned systems.

The same concept of automation applies to patch management , which can be the result of a human error during a patch cycle, but can lead to malicious attacks as important patches either aren’t applied or configured correctly leaving holes in your network ready for attackers to exploit. Automation can help with this by taking the vulnerability scanning, and patch deployment tasks away from the IT person and letting them run in an automated and controlled fashion.

By using automation. you also get the added benefits of time savings and increased security. You no longer have to work those extra hours doing the same tasks over and over plus the organization improves its security posture by knowing that tried and tested provisioning steps, configurations or patch steps are being carried out on time.

For information on how Ivanti can help you automate your infrastructure, click here.