Digital communication: seven deadly sins

What are the most common digital communication mistakes companies make?

© depositphotos, SergeyNivens

 

Many companies are too careless with their digital communications. In doing so, they risk losing company secrets and run the risk of violating legal requirements such as the EU's General Data Protection Regulation (GDPR). In both cases, this can cause major damage and be expensive. The Brabbler AG, a specialist in secure digital communications, explains the seven most common mistakes.

1. do not encrypt emails

Although unencrypted e-mails are the most insecure communication method imaginable, they are still the de facto standard. Unencrypted e-mails are relatively easy to eavesdrop on and even easier to forge - for example, to impersonate a colleague or supervisor and thus encourage the recipient to voluntarily disclose internal information.

2. unnecessarily inflate the group of recipients

Initially, just one employee sends an e-mail to another. As the correspondence continues, the number of recipients grows. Colleagues, partners and customers are added en masse - after all, the topic could also interest them. In the end, information reaches people for whom it was never originally intended. And if the mail addresses are entered in the CC field, which is visible to everyone, this often results in a violation of personal data protection.

3. problem WhatsApp and Co.

The use of communication services such as WhatsApp is also extremely problematic from a legal perspective. WhatsApp reads the address books of employees and passes the data on to the parent company Facebook - a clear violation of the GDPR. Other solutions such as Slack, Hipchat or Facebook Messenger are not much better in this respect. In addition, the data of these tools is mostly stored in the USA and thus in a country whose general level of data protection is presumably too low for compliance with the GDPR.

4. exchange documents via public clouds

The exchange of documents via cloud services such as Google Drive, Dropbox or Skype also harbors major risks. Such services usually encrypt their files inadequately and thus make sensitive spreadsheets or presentations readable. On the one hand for the providers themselves, but also for hackers, this makes their work much easier. Since these services also usually store their data in the USA, they are also at the mercy of curious US authorities and often do not comply with the GDPR.

5. send work home

Another common practice in many companies causes similar problems. In order to revise a presentation or an offer at home in the evening or on the weekend, employees send them to their private e-mail addresses. There, too, the documents are often not adequately secured on the servers of the providers, who are also often based in the USA.

6. do not protect storage media

Not only in the transmission and storage of communication data on the servers of the providers, but also on the end devices, there is often something wrong. For example, the data stored locally on smartphones, tablets and desktop PCs is usually not encrypted. This means that they are unprotected in the event of a successful cyber attack; if an employee's mobile device is stolen or lost, the thief or finder may also be able to read the data.

7. neglect password security

Last but not least, employees are still usually too lax with the passwords for their communication services. They use names or short terms instead of sufficiently long and complex strings. This makes it very easy for hackers to crack the passwords. If employees use complex character strings, they usually can't remember them by heart and therefore have to store them somewhere. However, they usually do this completely unprotected somewhere on their computer - unless they write them down on a Post-it and stick them to their screen.

Source: Brabbler AG

 

(Visited 27 times, 1 visits today)
h2> More articles on the topic

SECURITY NEWS

Bleiben Sie informiert über aktuelle Sicherheitsthemen – praxisnah und zuverlässig. Erhalten Sie exklusive Inhalte direkt in Ihren Posteingang. Verpassen Sie keine Updates.

Jetzt anmelden!
anmelden
You can unsubscribe at any time!
close-link