Contact Us
01952 608908

To help reduce spam, please enter KGZMS into the box below:

close »
ADISA Certification Blancco NHS Information Governance Toolkit ISO 27001 ISO 14001 ISO 9001 BS EN 15713 CESG Contractors Health & Safety Assessment Scheme

Our Top Tips to Prevent a Data Leak in your Company

Today’s businesses are built on an infrastructure of sensitive data that is provided to them from their customers, from credit card details to addresses and dates of birth.

Data breaches and leaks are becoming more of a risk every day, but there are still many misunderstandings as to how they can happen. Oftentimes, the media reports of hackers that break into private accounts and steal personal data, however a lot of the time data leaks can be traced back to company insiders, usually as a result of a unhappy accident or structural flaw. It can be anything from human error to a ‘bending’ of the rules in your company’s computer network.

In order to prevent such issues from happening, it is important to first understand the difference between a data leak and a data breach.

A data breach usually comes about when a vulnerability is exposed by an attacker; this type of attack is carried out when the right security solution perhaps isn’t in place.

A data leak on the other hand represents the moment when Data can find itself in the wrong hands; for example a disgruntled employee who wishes to act maliciously towards the company. There are no obvious security holes with a data leak, instead is could a simple irresponsible action.

So what are the major weak spots to look out for when it comes to data leaks?

One: Human Error:

You may have invested a lot of time and money into security solutions that will prevent any data mishaps; however you will never be able to entirely account for human error. According to PWC’s 2015 Information Security Breaches Survey, 50% of the worst breaches of last year were caused by inadvertent human error.

Commenting on the results of another 2014 survey, ESET’s senior research fellow David Harley agreed that insider threats shouldn’t always be assumed as malicious. Mr. Harley said: “A very high proportion of security breaches are caused directly or indirectly by people inside an organization, whether it’s a matter of human error, susceptibility to social engineering, bad security management decisions, and so on. I’m not convinced that deliberate malicious action from insiders outweighs all those other factors.”


According to PWC’s 2015 survey, 33% of large organisations say the responsibility for who ensures  Data is protected within a company is not made clear, while 72% of organizations where security policy was poorly understood had suffered staff-related breaches.

In order to prevent this, it is important to make sure that all staff become ‘cyber-aware’, perhaps undergoing training sessions to help educate staff. In addition, it is important to ensure that the keeping networks secure and protecting Data is a responsibility made important to every member of staff, rather than having just a select few specialists whom all responsibility falls upon.


Unfortunately, Data is not just stolen by outsiders hacking into your network, oftentimes, thefts can happen very close to home, by members of working within all different departments in your company.

OFCOM, the UK’s communications regulator learned this lesson earlier this year, when they discovered that a former employee had been surreptitiously gathering its third party Data over a period of six years. OFCOM only became aware of this Data theft after the former employee tried to pass it on to a new employee, who then alerted the company to the crime.

It is highly important to make sure that you only grant access to your companies’ sensitive data to those who really need it, and that those staff members are educated and ‘cyber-aware’. Storing all of your companies Data on one huge communal server can often result in unfortunate cases such as this one at OFCOM.

Access Misuse:

In contrast to this however, even when a employee has no intention of action maliciously towards your company or organisation, seemingly minor actions can completely undermine the rules and regulations you have put into place regarding Data security, leading to security breaches and Data leaks that can be very harmful to your company. For example, when an employee goes home after a day at work, and tells or even shows their members of family or friend about something that happened, giving away customer details / sensitive information in the process.

According to a 2014 report by Cisco, approximately one fourth of surveyed employees admitted sharing sensitive information with friends, family, or even strangers, and almost half of the employees surveyed shared work devices with people outside of their companies without supervision.

Although these behaviours may be completely innocent, it is effectively releasing Data out of a company’s control. Security settings and procedure can be introduced to limit this kind of activity, but even these kinds of measures can usually be bypassed.

These are the three main Data leak weak spots recognised by, we hope that this article encourages you to revise your data security within your company! If you are looking for a reliable and trustworthy data destruction service, trust XPO It to carry out the job right. With over 10 years of professional experience and an impressive portfolio of testimonials and official accreditations, you can have confidence in our services! For more information please check out our website at:


See full article:


Our Top Tips to Prevent a Data Leak in your Company

XPO have always provided a high quality service.  Reliable, efficient and easy to use.  Always on time and professional with the disposal of equipment

Property Consultant, Birmingham Property Consultancy

We have used the data destruction services of XPO IT on a number of occasions and have been exceptionally pleased with their levels of service, efficiency and customer care

IT Manager, Nottingham Solicitors

Glad we found out about this company. Now I can be assured that our redundant IT equipment is being correctly handled and we can get rid of our smaller WEEE waste streams in parallel

Purchasing Manager, Automotive Equipment Supplier

XPO IT offer an efficient and flexible collection service for the District Council IT disposals. They provide a Duty of Care Waste Transfer Note and Certificate of Disposal for every collection. Collection staff are always courteous and friendly and go about their work without causing any disruption to my working day

E-Business Admin Assistant, District Council

We have used XPO IT Services on numerous occasions, each time we have been very pleased with the service that they provide. Their collection/recycling scheme is the best we have used (and we have used a few!). Great service and great value for money!

Senior IT Technician, Staffordshire Hospice

Get in touch

Leave your details below and we will be in touch

Please enter MQZNH into the following box: