Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside the corporate network.

DLP software use business rules to classify and protect confidential and critical information so that unauthorized end users cannot accidentally or maliciously share data whose disclosure could put the organization at risk.

Data loss from human error by the numbers

A report highlighted by PC World revealed that 75% of data loss is caused by human error. It’s the single greatest cause of data loss in the workplace. And it happens every single day at businesses of all sizes all around the globe.

  • A 2016 report by the UK’s Information Commissioner’s Office found that human error accounted for the vast majority (nearly two thirds) of data loss and data breach events reported to the agency.
  • At datacenters specifically, 70% of data incidents are caused by accidental human error, according to the research by Uptime Institute.
  • In a 2015 survey of more than 400 IT professionals, human error was cited as the top cause of data loss, higher than all other causes, including hardware failure, data corruption and natural disasters.
  • When you look specifically at the cause of downtime by data volume, human error is the #1 culprit at 58%, according to figures highlighted by Datto. In fact, the same report shows that loss of access to data caused by human error is even more disruptive to businesses than network outages.

Preventing data loss from human error

Mistakes will always happen. No matter how much you prepare, data loss from accidental deletion and other human errors is inevitable.

However, there are a few things you can do to reduce the risk of these events occurring and/or minimize the size of the loss.

  • Cybersecurity training: Whether it’s part of your overall computing training or separate, you should be educating all staff on safe practices for web/email. This can greatly reduce the risks of data loss caused by ransomware or other forms of malware. Employees should know how to spot the telltale signs of a phishing email or other spam messages from unknown senders.
  • Set stricter access controls: Limit user access to only the folder they need, based on the approach of “least privilege”. This approach wont prevent accidental deletion within the user’s approved directories, but it will prevent them from making mistakes in folders where they shouldn’t have access in the first place. Additionally, in a ransomware attack, it may help to prevent the infection from spreading outside the user’s approved directory, thus stopping it before it hits the whole network.