What is a data breach? A few examples.
1. An email sent to the wrong recipient.
Example: a course participant’s data is accidentally sent to another course participant. One way of avoiding this is to use the EUR document vault. What you actually do is send a link by email. That link allows you to access the EUR document vault. This is where a verification process takes place to make sure the person accessing the vault is still authorised to open the file in question. You can adjust settings in the EUR document vault in a variety of ways. For example, you can set a specific end date, allowing an individual to access a document up to that date (this could be used in a collaborative project). In the interim, as the owner of your own ‘vault’, you can also change these authorisation parameters. So if you think you might have sent the wrong file to someone, or you sent the right file, but to the wrong recipient, the EUR document vault allows you to immediately restrict access. If you do this quickly, the recipient will not be able to access the data. There is standard logging of all your vault activity so you know exactly who has or has not opened or downloaded a specific file etc.
2. Mass mailings: use the ‘to’ field or the ‘Cc’ field?
In a mass mailing, the recipients do not know each other. When the email addresses are visible to all recipients, this could constitute a data breach. Use the ‘Bcc’ option to avoid this problem.
3. Unsecured sharing of course participants’ data using wetransfer (or a similar tool).
In theory, when a file in the form of a link is shared using internet, this link could be guessed by unknown individuals or reshared with unauthorised parties. Always ensure that files are password protected if there is no alternative available for sharing the file. Or you can use the secure alternative SURFfilesender, which allows convenient encrypted sharing of large files.
4. Forgetting to lock your computer when it is unattended
Example: an employee leaves to get some coffee, and a third party uses the computer. Always lock the computer using the key combination of the Windows key + L.
5. Leaving print-outs/documents next to the copier/printer.
Example: a list containing data from survey respondents is left behind next to the printer. Even if the list is not removed from where it was left, there is always the possibility that someone took a photograph or made a copy of it. Avoid leaving documents next to the printer if you have printed something. Always take your printed documents to your work station.