To better protect against breaches, organizations must establish best practices for securely exchanging privileged information. For instance, employees must avoid bad habits (such as sending sensitive or highly confidential information via e-mail or writing down privileged passwords on sticky notes). IT managers must also ensure they educate employees about the need to create and set secure passwords for their computers instead of using sequential password combinations or their first names.
The lesson here is that the risk of internal data misuse and accidental leakage can be significantly mitigated by implementing effective policies and technologies. In doing so, organizations can better manage, control, and monitor the power they provide to their employees and systems and avoid the negative economic and reputational impacts caused by an insider data breach, regardless of whether it was done maliciously or by human error.