Private equity firms live in understandable fear of sensitive data getting into the wrong hands. If a deal is leaked it can sabotage or even signal its death knell, like the proposed $143bn takeover bid by Kraft Heinz for Unilever. Add to this the potential fines faced by firms under the European Union’s General Data Protection Regulation (GDPR) and it’s not surprising that many are asking the question: what can be done to prevent this?
Keeping your data in the right hands can be difficult and may seem like an uphill battle. As forewarned is forearmed, we set out the ways in which data commonly gets into the wrong hands and what steps your private equity firm can take to guard against them with cloud solutions and more.
1. Reply All, auto-complete blunders: Sending data to the wrong recipient
Everyone knows that familiar sinking feeling when you hit send, only to discover that the email has ended up in the wrong hands. Hitting reply to all instead of reply, auto-filling email addresses or simply thinking of the wrong person at the wrong time are all too common scenarios. This presents one of the biggest risks to private equity firms, but it trails behind its snail-mail alternative of letters and fax.
Computer Weekly reported last year that human error causes more data loss than malicious attacks, accounting for 62% of data breaches reported to the UK’s Information Commissioner’s Office (ICO). Of these, the most common mistake was sending fax or email to the wrong person (17%) and in third place was sending emails to the wrong recipient (9%).
The solution: Consider using secure direct log-ins and online cloud collaboration tools, where only authorised persons can access certain files or folders. This can also help prevent data being shared at the other end with unauthorised persons – and allows you to remove access for users who are no longer authorised to view the files (having left the firm, for example).
2. Loss of documents
The second human error-related risk identified by the ICO’s data security breach figures was loss or theft of documents (17%).
Lecturing employees here will not help. Nobody plans to lose documents on the train after a long day in the office or find that their laptop is stolen in their near vicinity, but it does happen.
The solution: Luckily, solutions do exist. The first step is to eliminate the use of paper documents and local storage as much as possible by providing effective cloud solutions so that they can access their documents on the move whenever they require them, without printing them out or transferring them to a laptop hard-drive.
The second step is to look for an IT solutions provider that can offer a mobile security solution, encompassing features like a remote device wipe. Also, technologies now exist that allow personal and office data can be segmented, so that you can take steps to protect confidentiality whilst your employees can feel safe in the knowledge that if their device is wiped they will still have access to cherished memories.
4. Your employees using unsanctioned mobile and cloud solutions
The private equity world never really sleeps. If you expect your employees to effectively be on speed dial to your clients, then officially sanctioned mobile solutions are a necessity. Without these, they will be left with no real choice but to use their own preferred apps and services without the knowledge of your IT department – a phenomenon known as ‘shadow IT’.
In fact, ITP.net reported that a 2015 study by Brocade found that nearly three-quarters of organisations experienced problems with employees using unauthorised mobile apps. Many others could simply be unaware that shadow IT is happening in their business.
The solution: Embrace mobile – don’t run from it or try to ignore it. Ensure that you have suitable cloud solutions that enable full mobile access, including online collaboration and document management and that they have adequate security measures in place.
In the fight against data being shared with the wrong people, private equity firms need to embrace modern ways of working – instead of seeing them as a chink in their armour. And doing so need not run up a bill to rival your latest investment. Cloud solutions such as Microsoft 365 enable firms to take advantage of the latest technologies – such as secure file sharing and online document management and collaboration tools – with the cost of software, infrastructure and updates consolidated into a fixed monthly fee.
However, guarding against less sophisticated data breaches arising from human error requires a little more. That is where an IT cloud solutions partner can assist: implementing technologies such as mobile device wiping and providing in-depth user training, so that both you and your employees are fully equipped to tackle data security risks. .
Find out how technology can help, not hinder, your data protection and regulatory compliance issues and keep your private equity firm ahead in a rapidly changing marketplace with our guide: Modern workforce, modern security.