75% of data loss is from human error. Here’s how to deal with it.
When we talk about the risk of disasters, and the importance of business continuity, the conversation is often focused on the most dramatic causes of data loss: hurricanes, lightning strikes, fires, flooding and so on.
But what about the “smaller” events?
… Deleted files
… Misplaced spreadsheets
… Important folders gone missing
These data loss events are actually far more common (and costly) for most businesses. And when the data can’t be retrieved, a simple “mistake” can turn into a catastrophe.
In this post, we look at how data loss is so often caused by human error, along with the best ways to prevent it and recover from it.
What percentage of data loss is caused by human error?
Up to 75% of data loss is caused by human error, according to a report highlighted by PC World. It’s the single greatest cause of data loss in the workplace. Around the world, it happens every single day, at businesses of all sizes.
Need more proof?
- In 2022, Verizon found that 82% of data breaches involved the human element, including social attacks, errors and misuse of systems.
- A 2016 report by the UK’s Information Commissioner’s Office found that human error accounted for the vast majority (nearly two thirds) of data loss and data breach events reported to the agency.
- At data centers specifically, 70% of data incidents are caused by accidental human error, according to research by Uptime Institute.
- In a 2015 survey of more than 400 IT professionals, human error was cited as the top cause of data loss, higher than all other causes, including hardware failure, data corruption and natural disasters.
- When you look specifically at the cause of downtime by data volume, human error is the #1 culprit at 58%, according to figures highlighted by Datto. In fact, the same report shows that loss of access to data caused by human error is even more disruptive to businesses than network outages.
What are the most common causes of data loss involving human error?
Accidental deletion, file overwrites and social engineering attacks are the most common ways that data loss is caused by human error. Data is also commonly lost during large file migrations or in cases where devices are accidentally destroyed, such as a laptop being dropped.
If you work in IT, then you probably see these accidents happening all the time.
Let’s dig a little deeper into these incidents to understand how they happen and what you can do to prevent them.
1) Accidental file deletion
One of the most common data-loss scenarios is when a user deletes an important file or folder. This can happen for several different reasons. An employee might accidentally move an important file to trash without realizing it. Or, they might intentionally delete it first, but then realize later that they needed it.
Accidental deletion is also common when users move files and folders to a different location on the server. (More on these migrations below.) Sometimes the employee recognizes their mistake immediately, making it slightly easier to recover. But other times, it can be days or even weeks before the employee notices the files are missing. To make matters worse, they may not even remember the file name, on top of having no clue when the deletion date was. This makes it even harder for IT administrators to locate it in a backup (assuming there is a backup in the first place).
The same goes for accidentally deleted emails, CRM records, app data – all the critical and sensitive data that keeps your business running.
2) Social engineering
Hackers are banking on human error to infiltrate your systems.
Social engineering is the practice of deceiving users to gain access to other security systems or to deliver malware that lays the groundwork for future cyberattacks.
Social engineering typically begins with an email. These emails are designed to trick users into thinking they’re legitimate when in reality they carry malicious attachments or links to malicious websites.
Spam emails can be considered a form of social engineering whenever they use deception. For example, employees might receive a message identified as a receipt, invoice or billing statement. But when users unknowingly click these links or open the file attachments, their computers are infected with malware.
More sophisticated social engineering attacks often use multiple layers of deception. For example, an email might be disguised as a notification to reset a password or view a file shared by a coworker on Google Drive (the message may even include the coworker’s name). When the link is clicked, it takes the user to a secondary page that also looks legitimate. But in fact, the page is just the next step of the deception. Users unknowingly enter their credentials, which are sent directly to the attackers.
98% of cyberattacks employ social engineering, according to some estimates. When these attacks are used to deploy ransomware or other types of malware, they can cause permanent data loss.
3) Mishandled migrations
Anytime that large amounts of data are being moved, there’s a risk of files being lost or accidentally deleted. Most commonly, they are overwritten. In worst-case scenarios, entire folders and directories are replaced. Newer versions of files are inadvertently overwritten by old data. Good data is replaced by bad.
Why does it happen?
In most cases, it comes down to a simple mistake caused by the person handling the migration. The intentions are good: For example, the reason for the migration may be to reorganize or consolidate data storage. Or maybe new software is being deployed that requires data to be migrated first. But in each case, if the user isn’t careful, it can lead to a botched migration that destroys large swaths of data.
Sometimes, these incidents are not entirely the user’s fault, but human error is ultimately still to blame. This brings us to our next data-loss culprit: bad integrations.
4) Bad integrations
Integrating third-party software needs to be done carefully, especially if the integration involves data migration of any kind. If the integration is misconfigured – or there are compatibility issues – then there’s a high risk of data being deleted.
Is it human error? In most cases, yes. It’s the user’s responsibility to make sure the integration is viable before proceeding. For example, in the case of adding new software, the user needs to be sure it’s developed by reputable sources and compatible with current systems. Testing environments should also be used to test integrations and identify errors before a full rollout.
In some cases, the culprit is not human error. For example, bugs in otherwise well-developed software could cause a botched integration leading to data loss. But still, proper testing should be used to reduce this risk.
5) Other IT errors
Here’s the thing …
It’s not just the non-tech employees you need to worry about. IT folks make mistakes too. And when they do, the losses can be even greater.
Above, we mentioned how human error has been reported to cause 70% of data incidents at data centers. That’s a whole different ballgame of data loss, beyond somebody simply deleting files by accident.
These incidents are caused by everything from network misconfigurations to security vulnerabilities. They’re mistakes that are made within the management of your IT systems, whether due to lack of knowledge or a lack of morning coffee. Point is: these events do happen, underscoring the importance of backing up your data.
Wait, what about ransomware?
If you follow all-things-data like we do, then you know that ransomware has become one of the biggest threats to your files. In 2016, it cost small businesses more than $75 billion in downtime, and those figures have continued to rise over the years. Attacks are happening every 11 seconds on average, locking companies out of their data forever (unless they pay the ransom or restore a backup).
But, there are two key things to keep in mind about ransomware:
- While a ransomware attack can indeed wreak havoc on your operations, it’s not the top cause of data loss. Day to day, it’s far more common for businesses to lose data because of human error.
- What’s the #1 cause of ransomware infection? You guessed it: human error. Ransomware is most commonly delivered via spam and phishing emails. When employees aren’t properly trained on what to look for, they inadvertently click on links or open attachments that drop an infection.
In a Datto survey of 1,700 managed-service providers, who together serve more than 100,000 small-to-mid-sized businesses, 83% said the most common cause of ransomware was human error due to a lack of cybersecurity training, especially in regard to dealing with phishing emails.
How can you prevent data loss from human error?
Backing up data is the most important way to prevent permanent data loss from human error. You can also reduce the risk of human error with routine employee training and stronger file access controls.
Mistakes will always happen. No matter how much you prepare, data loss from accidental deletion and other human errors is inevitable.
Let’s take a closer look at the things you can do to reduce the risk of these events occurring and/or minimize the size of the loss. Here’s how:
- Employee training for basic network usage/computing: A little bit of training can go a long way. When onboarding employees, make sure they know how to properly save, move, modify and delete files on the company network. Don’t assume everyone knows how to do this. Additionally, educate employees on the risks of data loss and the importance of notifying administrators as quickly as possible after accidental file deletion.
- Cybersecurity training: Whether it’s part of your overall computing training or separate, you should be educating all staff on safe practices for web/email. This can greatly reduce the risks of data loss caused by ransomware or other forms of malware. Employees should know how to spot the telltale signs of a phishing email or other spam messages from unknown senders.
- Set stricter access controls: Limit user access to only the folders they need, based on the approach of “least privilege.” This approach won’t prevent accidental deletion within the user’s approved directories, but it will prevent them from making mistakes in folders where they shouldn’t have access in the first place. Additionally, in a ransomware attack, it may help to prevent the infection from spreading outside the user’s approved directory, thus stopping it before it hits the whole network.
Recovering lost data
When data loss inevitably occurs, you need a way to recover it—fast. A single hour of downtime caused by data loss can cost between $10,000 to more than $5 million, so speed is of the essence.
Whether a single file has gone missing, or someone has inadvertently allowed ransomware to lock up all your data, these steps can help ensure a quick, painless recovery:
- Back up your data: This one is a no-brainer. These days, no business should go without a data backup and disaster recovery system (BDR). That goes for small businesses too (no more silly thumb drives!). Backing up your data regularly will ensure that any loss of data, from file deletion to ransomware encryption, can be recovered.
- Allow for multiple restore options: When somebody deletes a single file or even a few folders, your IT folks shouldn’t need to revert back to a large, system-wide backup. On the other hand, when massive data loss has occurred, you should be able to restore everything by selecting the appropriate recovery point. Make sure your BDR can do both.
- Recover missing files faster: The software built into your BDR system is crucial. This is what will allow you to locate and restore deleted data in the shortest amount of time possible. Consider Datto’s Backup Insights, for example, which makes it easy for IT administrators to locate deleted files, even when the file names and deletion dates are unknown. With a few clicks, the interface shows you which files have been modified, deleted or created between any two backups, so that recovery only takes seconds.
- Go hybrid: For greater assurance that your data is always recoverable, deploy a BDR system with hybrid technology, which stores your backups on-site and in the cloud. So for example, if somebody spills coffee all over your servers, you’ll still be able to recover any destroyed data from the cloud.
- Make backups more frequent: If your last backup was 24 hours ago, then all data created or modified since then is vulnerable to being destroyed forever. If something is deleted, it’s gone for good. Make sure your backups can be performed as frequently as needed to prevent a costly data loss or disruption. For businesses that demand the most frequent backups possible, Datto’s systems can back up your data as often as every five minutes.
Start with a business continuity plan
No matter what you do to prevent data loss from human error, make sure your strategies and systems are clearly defined in a business continuity plan (BCP). This comprehensive document will serve as the basis for your continuity planning, identifying your unique risks and outlining the protocols for backup and recovery.
Again, even the most comprehensive BCP won’t prevent all instances of accidental data loss. But it can significantly reduce your risk by ensuring that the business is adequately prepared.
Frequently asked questions
1) What is human error in information security?
In information security, human error refers to any action by an individual that inadvertently leads to sensitive data being compromised. Overt examples include users opening malicious email attachments, using weak passwords or installing unauthorized software that is infected with malware.
In IT, it is useful to distinguish human errors from system errors in order to identify the root cause of vulnerabilities. Given the unpredictability of the human element, users should be frequently trained on cybersecurity.
2) What is the most common cause of data loss?
Human error is often cited as the most common cause of data loss. A 2022 report by Verizon found that 82% of data breaches involved the human element. Other researchers have found that human error accounts for 75% of data loss incidents at businesses, followed by hardware failure, software corruption, malware and theft.
3) Can human error be prevented with cybersecurity?
Cybersecurity measures can prevent some types of human error, but not all. For example, application whitelisting and Internet restrictions can prevent users from inadvertently downloading malware. Stronger email filtering and firewalls can help to significantly curb the messages that are most likely to deceive users.
However, even with the strongest cybersecurity systems in place, mistakes can still occur. This is why it’s important to have additional fail-safes, such as data backups, to ensure that files and systems can be recovered in the event of a major breach.
Don’t risk permanent data loss from human error. Deploy stronger backup ASAP.
Request a free demo of advanced data backup systems from Datto, and find out how you can protect your organization from all causes of data loss. For more information, contact our business continuity specialists at Invenio IT: (646) 395-1170 or success@invenioIT.com.