If you are a Generation X computer nerd, then when you were a teenager, your parents most likely used to boast about how your computer skills would be valuable on the job market. These days, nearly paperless offices were becoming the norm even before the pandemic. Companies of all sizes store enormous volumes of information online and on computer hard disks, and every company has employees who know how to access this data. On the one hand, it is safer; the old generation remembers how much work it is to photocopy hundreds of pages of documents, compared to clicking “save” on a word document or, even better, having a Google doc automatically save the new information entered into it several times per minute. It is more dangerous, however, because, with just a few clicks, data thieves can steal your company’s proprietary information or, even worse, the identity data, bank account numbers, and credit card information, of your company’s employees, vendors, and customers. The Charlotte data breach lawyers at HKM Employment Attorneys LLP can advise you on developing a breach-proof data security strategy and can help you manage legal disputes that arise in connection to workplace data breaches.
Workplace Data Breaches: A Nightmare for Business Owners and Identity Theft Victims
Think about how much of a hassle it is when someone makes a fraudulent purchase on your credit card. First, you have to deal with having fewer funds available than you were counting on having, at least in the short term. Then, you have to notify your credit company about which charges are legitimate and which ones are not. It involves hours of waiting on hold to talk to a representative and then having to prove that you are telling the truth, and it could take weeks or months before the money gets credited back to you. Now imagine that happening to thousands of people, and it is your responsibility.
Workplace data breaches can happen quickly; all it takes is for one person to fall for the scam. The most common way for workplace data breaches to happen is through business email phishing scams. For example, the scammers might send an email from a fake address that looks like it is coming from your company’s IT department, perhaps even with your company logo, asking employees to verify their email passwords. Once the scammers access one employee’s email, they have access to all the confidential information stored on the employee’s email account, including in files sent or received as attachments. Things get even worse if the same password grants access not only to email, but also to an employee portal where the employee’s tax forms, social security number and all, are kept. It does not take long for the scammers to steal the identities of hundreds or thousands of people.
Ways to Protect Your Company From Theft of Stored Data
Your data security strategy is your best defense against breaches of your company’s data and devices where sensitive data is stored. These are some measures you can take to protect your company from data breaches:
- Institute company-wide measures regarding email password security. Set up your company’s email system such that it will only allow employees to set strong passwords. The strongest passwords are at least eight characters long, are not commonly used words in the English language (nothing that would not get a red underline from Microsoft Word’s spell check function, for example), and contain a mix of uppercase letters, lowercase letters, numerals, and special characters. Your email system should require employees to change their passwords every 90 days.
- Do not allow employees to use the same password to access all areas of your company’s virtual infrastructure. Require employees to set up different passwords and PINs to access email, the employee information portal, and office computers, for example. To ensure that employees do not use the same password across all accounts, set different requirements for length and for which characters are permissible.
- Use two-factor authentication when possible, such that employees will have to verify, using their phones, when they have attempted to sign into their work email.
- Do not respond to emails that request your password or link to a form that asks you to enter it. If you see an email like this, notify the IT department. Management should ask the IT department to send out an email to all employees, warning of the phishing scam, when one is detected.
- Encourage employees not to store passwords on their devices.
Dealing With the Fallout From Workplace Data Breaches
Data breaches can result in costly lawsuits. In fact, HKM Employment Attorneys LLP has represented data breach victims in several class action lawsuits against companies that experienced a breach. The data breach lawyers at HKM Employment Attorneys LLP can help you join a class action lawsuit if your data has been stolen. Even when companies exercise the utmost caution in protecting their data, breaches are still possible. Data breach insurance is available to business owners and can pay claims filed by customers and employees whose data was stolen in an email phishing scam or other type of data breach.
Of course, if you have ever tried to get an insurance company to reimburse you after a car accident or storm damage to your house, you know it is not easy. The best way to minimize your financial losses if the identifying information of customers and employees gets stolen due to a workplace data breach is to get a lawyer involved as soon as possible. Your lawyer can help you get the best possible settlement from your data breach insurance company. If the scammers get convicted of identity theft, they may also be required to pay restitution to the victims, including your company, but many identity thieves do not get caught.
Contact a Charlotte Employment Lawyer About Workplace Data Breaches
A workplace data breach lawyer can help employers and employees recover from workplace data breaches. Contact the Charlotte, North Carolina employment lawyers at HKM Employment Attorneys LLP to set up a consultation.