It’s in the news again – another company had a data security breach. This time it was Sony and this time there was an interesting twist to the story.
Most of us were impacted by some of the data security breaches that have affected other companies recently – companies like:
- Target
- JP Morgan Chase
- Home Depot
We were told to change our passwords and monitor our credit and bank accounts for suspicious activity because these represented a data security breach related to financial information. The consequence to each of these companies for the data security breach has been astronomical, which one would expect when it comes to compromised financial information.
Where the data security breach with Sony is a little different is in the kind of information that was compromised and the resulting damage. This data security breach exposed information about Sony’s current and past employees and confidential company projects, things like:
- Employee emails
- Upcoming movies
- Social security numbers
It’s one thing to offer free credit monitoring services when a data security breach compromises someone’s financial information, but what do you do when everyone now knows that one of your employees has been trying, unsuccessfully, to get pregnant? When it becomes public knowledge that an employee is racist – and now everyone knows their name? When all your competitors know what your next few movie projects are going to be about?
It’s complicated.
On the TechCrunch blog on December 16, 2014, author Alexia Tsotsis titles her post, “Employee Data Breach the Worst Part of Sony Hack” and says,
The one lesson that’s the hardest to stomach is that you (an employee) may be doing everything possible to protect yourself online, but your employer may be laissez faire about the whole thing. This is the position that over 6,500 current (and many former) employees of Sony find themselves in today.
Business owners and managers, and especially human resource managers, need to be aware that they have an obligation to protect their employees from a data security breach as much as they do their customers. Financial damages aren’t the only damages associated with a data security breach – privacy and reputation can also be damaged. And the way most people deal with damages these days is through lawsuits – and now Sony is facing two of them from former employees.
A data security breach isn’t just a threat to data containing devices that are currently in use – out of service devices pose just as great a threat.
Those old electronics you have stored just waiting for time to get rid of are exposing you to liability. That employee who wants to take home that old CPU or laptop that is no longer needed at the office so their son can use it to play games with – seems harmless – is exposing you to liability. You may not think they hold any important information, but it only takes one personal email from an ex-employee to be made public, exposing them in ways they didn’t intend, to cause you problems you don’t need.
It’s hard to protect yourself completely from a data security breach from devices that are currently in use – but with a good plan in place and partnership with the right company, you can virtually eliminate your liability from a data security breach on your unwanted, outdated, out-of-use electronics. That is our goal – to shift that liability from you and your company to ours. Contact us to find out how we can do that for you.