Human Error Accounts for 35% of Data Breaches

This week the Office of the Australian Information Commissioner (OAIC) released its first annual report on the operation of the Notifiable Data Breaches Scheme. One of its key findings is that human error accounts for a massive 35% of data breaches.

When the OAIC further broke down their data into sub-categories, they saw that 13.5% of human error breaches (46 in total) were attributed to loss of paperwork or a data storage device.

This finding points to the need for a strict mobile device management policy, so that you can remotely wipe access to files if an asset is lost. It also drives home the importance of ensuring that your end-of-life processes for erasing drives and flash storage devices are carried out to international standards like ISO 27001: Information Security Management.

There are plenty of examples of in-house teams failing to sanitise all drives or failing to destroy the sensitive data on every drive before devices exit the organisation. We frequently see that data is still present on devices marked as “deleted” before they are sent for data sanitisation.

The Takeaway

The simple fact is that humans make mistakes. The IT Asset Disposition processes at ACT Logistics catch them, keeping your information secure as intended.

Source:
Office of the Australian Information Commissioner Notifiable Data Breaches Scheme 12‑month Insights Report. https://www.oaic.gov.au/privacy-law/privacy-act/notifiable-data-breaches-scheme/quarterly-statistics-reports/notifiable-data-breaches-scheme-12-month-insights-report