How to Prevent Data Security Leaks Caused by Human Error

The speed of business has accelerated to the point where data must be available at all times to empower productive employees. This data portability has created a data security nightmare for many organizations since poor data security puts company viability and competitiveness at risk. Here, Knowledge Center contributor Angel Mehta explains how to use enterprise rights management as well as e-mail and instant messaging solutions to prevent data security leaks caused by human error.


While malicious users are always on the minds of enterprise IT teams, employees who are sometimes just careless concerns IT teams as well. A recent spate of data leaks attributed to simple human error shows the critical role that data access plays in the protection of confidential corporate information.

Earlier this year, for example, Google blamed human error as the cause of a major data leak it experienced within its Local Business Center (since renamed Google Places). A Google customer that invested in a listing with the search giant found that information on their listing, the search terms people used before clicking it and other related data was sent to third parties. There was nothing malicious about the act; Google describes the incident as an employee simply copying and pasting the information from one template to an incorrect one.

But this does not nullify the damage done. If the information was sent to a competitor, for instance, Google's customer would have been put at a serious strategic disadvantage and would have likely cut its ties with the search giant. Mea culpas don't always work in the corporate world, as data leaks can fatally wound partnerships. Confidential files can be whisked around the globe in only a few clicks so it is imperative that enterprises safeguard their sensitive information from both malicious users and their own employees' carelessness.

Sterling-Hoffman's data security strategy

The central tenet of Sterling-Hoffman's data security strategy is that any measure that allows employees to visually recreate documents is useless. Whether it's copying information on the screen to another file or even snapping a photo using a camera phone, the battle is lost once malicious insiders have data on the screen. Despite this fact, enterprises cannot impose overly aggressive data protection policies because they then run the risk of inhibiting productivity, thus dulling their competitive edge. This is why we have implemented a comprehensive data security strategy that protects information at its source, as well as on primary communications channels, to prevent leaks.