SUBSCRIBE: Newsletter

Human Resources



Finance and HR staff pose the biggest security risk to firms

Learn at your own convenience with Uniqskills Asia. Top quality online training courses
accessible anywhere, anytime. Learn more about the available courses »

Just because HR can help to stop data breaches doesn’t mean it might not have a role in causing it.

The HR department is, in fact, among the biggest security threats to organisations today.

That was the key finding of a survey by Clearswift, which polled over 500 information technology decision makers and 4000 employees.

The report found nearly half of respondents (46%) indicated that finance departments posed a security threat to their organisation.

Almost four out of 10 (39%) said the same of the HR function.

The report suggested such results might be attributed to the fact that finance and HR hold sensitive data, and might be prone to accidently sending personal (salaries, social security numbers, bank accounts, etc.) or proprietary (contracts, customer details, etc.) information to the wrong person(s).

ALSO READ: Singapore firms lose $1.3 billion from data loss and unplanned downtime

“Despite all the security worries about people working out of the office on whatever devices they want, those in the office actually have easier access to sensitive data, so are more likely to lose it,” explained Heath Davies, chief executive officer, Clearswift.

“We’re not proposing targeting individuals, but if you can understand the combination of factors that make certain people in certain roles more of a risk, you can focus your resources on ensuring those breaches don’t happen.”

The survey also profiled the type of individual most likely to cause such breaches.

It found 33% of respondents believed middle management posed the biggest security threat (compared to 19% for senior management and 16% for executives).

Almost half (49%) stated that permanenet employees are more likely to cause a breach, with 79% saying male employees were more likely to do so than female ones.

“Senior managers are generally in tune with the consequences of data loss, while junior people often don’t have access to the kind of data that can cause disasters,” said Davies.

“Middle aged, middle managers are in between – having access to the data, but no obvious stake in the consequences of losing it. They are also more likely to be under time and financial pressure, and so may be more inclined to take risks.”

Image: Shutterstock

Human Resources magazine and the HR Bulletin daily email newsletter:
Asia's only regional HR print and digital media brand.
Register for your FREE subscription now »

Read More News


Leave a Reply

You must be logged in to post a comment.