For some individuals, their moral compass is key. Some may scoff at this, but often the people that don't react to "the usual stimulants" (pressure, obligations, money or fear) are unreactive for a moral reason. ie they just don't feel it it is right - whatever the cost to them personally.
So say to them – “you want to be upright and supportive of your clients, don't you, so this is how...” and go on to explain how the clients' data can be put at risk if they do not look after it. You can make it clear that this is not a blame game, but an improvement concept - how to enhance the customer experience.
Now that you have their attention, you can take them through the steps as to how they can safeguard the clients' data simply by following certain actions. You can remind them of the effect of them slipping up and the moral dilemma they will have if they somehow cause the release of client data to the detriment of the individual or firm in question.
NB. Don't use the line: ‘you don’t want to be the cause of a major client data loss...’ because that is the line from a different script - this is the organisational viewpoint. To be clear, the personal viewpoint focuses on how they themselves will feel if they cause a data breach by omitting to follow data security requirements. The organisational viewpoint is that this will damage the reputation and profitability fo the organisation (ie nothing directly to do with the individual's moral compass!) and so completely uninspiring for this sort of person!
Finally, any staff that react well to this approach should be identified as key personnel in ensuring that the organisation is sticking to the moral high-ground. This is very useful for ensuring that nothing is happening behind the scenes that senior management may not be aware of.
This is one of a series of blogs on how to optimise your Data Security Controls by focusing on individual interests:
|1) Introduction: Introduction to string of blogs on how to encourage individuals to take data security seriously and apply it with enthusiasm|
|2) Staff Benefits: How do you appeal to individuals to encourage them to adopt and develop the data security system requirements with enthusiasm.|
|3) Business Benefits: The Business benefits of getting good data security controls - as a contrast to the benefits accruing to the individuals involved.|
|4) Salary Impact: Some people may be influenced by money and be encouraged to learn more if this is reflected in the reward structure.|
|5) Work Reduction: Some individuals react to the idea that they will have less work to do if they set things up well in the first place - it certainly is true for data security.|
|6) Bonus Payments: Where money is a key driver, but a change in salary is not possible, maybe a bonus system can be used instead to enthuse people into learning more about data security.|
|7) Tailored Training: Some people react well to being offered additional or specialised training - possibly with additional side benefits - whatever it may take to enthuse them to absorb data security awareness.|
|8) Choice of Equipment: Some people may choose to improve their working environment and this can be a method to enthuse people about data security too.|
|9) Holidays: Some people enjoy time off - and the ability to earn some spare hours may be sufficient to enthuse people about data security enough to earn them.|
|10) Moral Compass: Some people are driven more by their moral compass than whether they are paid more money or have time off. These are key people in your organisation as they will help steer the straight and narrow path.|
Your feedback and contributions would be welcome to help to hone these ideas for all to benefit from - please contact us via the https://securebusinessdata.co.uk/contact or call us on 0345 600 6975.